openssl: close_notify on the initial connection markes it for closebagder/ftp-tls-close

... for FTPS transfers, we are destined to get it on the data connection without that being a signal to close the control connection! Regression since 3f5da4e59a556fc (7.65.0) Reported-by: Zenju on github Fixes #4329
author: Daniel Stenberg <daniel@haxx.se> 2019-09-12 17:56:49 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2019-09-12 17:56:49 +0200
commit: b7ef8289b0f8d314e5b210fe4b903c788ede0d52 (patch)
tree: 3378577ec5db468d650fb932f5aa8e2311d033a9
parent: 4e3dfe3323bedc534024cff7ee5d27771958895d (diff)
download: curl-bagder/ftp-tls-close.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 385f28179..216ed9fc5 100644
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3878,7 +3878,10 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
       break;
     case SSL_ERROR_ZERO_RETURN: /* no more data */
       /* close_notify alert */
-      connclose(conn, "TLS close_notify");
+      if(num == FIRSTSOCKET)
+        /* mark the connection for close if it is indeed the control
+           connection */
+        connclose(conn, "TLS close_notify");
       break;
     case SSL_ERROR_WANT_READ:
     case SSL_ERROR_WANT_WRITE:
author	Daniel Stenberg <daniel@haxx.se>	2019-09-12 17:56:49 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2019-09-12 17:56:49 +0200
commit	b7ef8289b0f8d314e5b210fe4b903c788ede0d52 (patch)
tree	3378577ec5db468d650fb932f5aa8e2311d033a9
parent	4e3dfe3323bedc534024cff7ee5d27771958895d (diff)
download	curl-bagder/ftp-tls-close.tar.gz