summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/ftp.c16
-rw-r--r--lib/urldata.h1
-rw-r--r--tests/data/test16312
-rw-r--r--tests/data/test16322
4 files changed, 7 insertions, 14 deletions
diff --git a/lib/ftp.c b/lib/ftp.c
index a5083be04..3fd9cea2c 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -2508,7 +2508,7 @@ static CURLcode ftp_state_loggedin(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
- if(conn->ssl[FIRSTSOCKET].use) {
+ if(conn->bits.ftp_use_control_ssl) {
/* PBSZ = PROTECTION BUFFER SIZE.
The 'draft-murray-auth-ftp-ssl' (draft 12, page 7) says:
@@ -2659,14 +2659,8 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
}
#endif
- if(data->set.use_ssl &&
- (!conn->ssl[FIRSTSOCKET].use
-#ifndef CURL_DISABLE_PROXY
- || (conn->bits.proxy_ssl_connected[FIRSTSOCKET] &&
- !conn->proxy_ssl[FIRSTSOCKET].use)
-#endif
- )) {
- /* We don't have a SSL/TLS connection yet, but FTPS is
+ if(data->set.use_ssl && !conn->bits.ftp_use_control_ssl) {
+ /* We don't have a SSL/TLS control connection yet, but FTPS is
requested. Try a FTPS connection now */
ftpc->count3 = 0;
@@ -2708,6 +2702,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
result = Curl_ssl_connect(conn, FIRSTSOCKET);
if(!result) {
conn->bits.ftp_use_data_ssl = FALSE; /* clear-text data */
+ conn->bits.ftp_use_control_ssl = TRUE; /* SSL on control */
result = ftp_state_user(conn);
}
}
@@ -3089,7 +3084,7 @@ static CURLcode ftp_block_statemach(struct connectdata *conn)
*
*/
static CURLcode ftp_connect(struct connectdata *conn,
- bool *done) /* see description above */
+ bool *done) /* see description above */
{
CURLcode result;
struct ftp_conn *ftpc = &conn->proto.ftpc;
@@ -3110,6 +3105,7 @@ static CURLcode ftp_connect(struct connectdata *conn,
result = Curl_ssl_connect(conn, FIRSTSOCKET);
if(result)
return result;
+ conn->bits.ftp_use_control_ssl = TRUE;
}
Curl_pp_setup(pp); /* once per transfer */
diff --git a/lib/urldata.h b/lib/urldata.h
index d0a0625cd..5ee81770e 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -469,6 +469,7 @@ struct ConnectBits {
EPRT doesn't work we disable it for the forthcoming
requests */
BIT(ftp_use_data_ssl); /* Enabled SSL for the data connection */
+ BIT(ftp_use_control_ssl); /* Enabled SSL for the control connection */
#endif
BIT(netrc); /* name+password provided by netrc */
BIT(bound); /* set true if bind() has already been done on this socket/
diff --git a/tests/data/test1631 b/tests/data/test1631
index cd36b1d9b..878511908 100644
--- a/tests/data/test1631
+++ b/tests/data/test1631
@@ -74,8 +74,6 @@ Proxy-Connection: Keep-Alive
<protocol>
USER anonymous
PASS ftp@example.com
-PBSZ 0
-PROT P
PWD
EPSV
TYPE I
diff --git a/tests/data/test1632 b/tests/data/test1632
index b10b2a68a..94577efdd 100644
--- a/tests/data/test1632
+++ b/tests/data/test1632
@@ -89,8 +89,6 @@ Proxy-Connection: Keep-Alive
<protocol>
USER anonymous
PASS ftp@example.com
-PBSZ 0
-PROT P
PWD
EPSV
TYPE I