From aecce3551cbb62a7980e8d22b40eabc091f896a0 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 10 Aug 2020 10:56:20 +0200 Subject: ftp: don't do ssl_shutdown instead of ssl_close The shutdown function is for downgrading a connection from TLS to plain, and this is not requested here. Have ssl_close reset the TLS connection state. This partially reverts commit f002c850d98d Reported-by: Rasmus Melchior Jacobsen Reported-by: Denis Goleshchikhin Fixes #5797 --- lib/ftp.c | 6 +++--- lib/vtls/vtls.c | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/ftp.c b/lib/ftp.c index 20351ff86..9fadac513 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -3251,9 +3251,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status, } if(conn->ssl[SECONDARYSOCKET].use) { - /* The secondary socket used SSL so we must close down that part first - before we close the socket for real */ - result = Curl_ssl_shutdown(conn, SECONDARYSOCKET); + /* The secondary socket is using SSL so we must close down that part + first before we close the socket for real */ + Curl_ssl_close(conn, SECONDARYSOCKET); /* Note that we keep "use" set to TRUE since that (next) connection is still requested to use SSL */ diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c index c3a55fb1c..281043aa6 100644 --- a/lib/vtls/vtls.c +++ b/lib/vtls/vtls.c @@ -621,6 +621,7 @@ void Curl_ssl_close(struct connectdata *conn, int sockindex) { DEBUGASSERT((sockindex <= 1) && (sockindex >= -1)); Curl_ssl->close_one(conn, sockindex); + conn->ssl[sockindex].state = ssl_connection_none; } CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex) -- cgit v1.2.1