From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 10 Aug 2020 08:56:20 +0000 (+0200)
Subject: ftp: don't do ssl_shutdown instead of ssl_close
X-Git-Tag: curl-7_72_0~22
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aecce3551cbb62a7980e8d22b40eabc091f896a0;p=thirdparty%2Fcurl.git

ftp: don't do ssl_shutdown instead of ssl_close

The shutdown function is for downgrading a connection from TLS to plain,
and this is not requested here.

Have ssl_close reset the TLS connection state.

This partially reverts commit f002c850d98d

Reported-by: Rasmus Melchior Jacobsen
Reported-by: Denis Goleshchikhin
Fixes #5797
---

diff --git a/lib/ftp.c b/lib/ftp.c
index 20351ff865..9fadac5138 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -3251,9 +3251,9 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
     }
 
     if(conn->ssl[SECONDARYSOCKET].use) {
-      /* The secondary socket used SSL so we must close down that part first
-         before we close the socket for real */
-      result = Curl_ssl_shutdown(conn, SECONDARYSOCKET);
+      /* The secondary socket is using SSL so we must close down that part
+         first before we close the socket for real */
+      Curl_ssl_close(conn, SECONDARYSOCKET);
 
       /* Note that we keep "use" set to TRUE since that (next) connection is
          still requested to use SSL */
diff --git a/lib/vtls/vtls.c b/lib/vtls/vtls.c
index c3a55fb1cb..281043aa63 100644
--- a/lib/vtls/vtls.c
+++ b/lib/vtls/vtls.c
@@ -621,6 +621,7 @@ void Curl_ssl_close(struct connectdata *conn, int sockindex)
 {
   DEBUGASSERT((sockindex <= 1) && (sockindex >= -1));
   Curl_ssl->close_one(conn, sockindex);
+  conn->ssl[sockindex].state = ssl_connection_none;
 }
 
 CURLcode Curl_ssl_shutdown(struct connectdata *conn, int sockindex)