diff --git a/CHANGES b/CHANGES
index a67e4d50a..f1222d423 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,9 @@
                                   Changelog
 
 Daniel (20 March 2006)
+- David McCreedy fixed libcurl to no longer ignore AUTH failures and now it
+  reacts properly according to the CURLOPT_FTP_SSL setting.
+
 - Dan Fandrich fixed two TFTP problems: Fixed a bug whereby a received file
   whose length was a multiple of 512 bytes could have random garbage
   appended. Also, stop processing TFTP packets which are too short to be
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 619ff8ce6..a7cb01f03 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -15,6 +15,7 @@ This release includes the following changes:
 
 This release includes the following bugfixes:
 
+ o treat FTP AUTH failures properly
  o TFTP transfers could trash data
  o -d + -G combo crash
 
@@ -25,6 +26,6 @@ Other curl-related news since the previous public release:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Dan Fandrich, Ilja van Sprundel
+ Dan Fandrich, Ilja van Sprundel, David McCreedy
 
         Thanks! (and sorry if I forgot to mention someone)
diff --git a/lib/ftp.c b/lib/ftp.c
index b53f8f309..86d37eafc 100644
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -2430,8 +2430,14 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
         result = Curl_nbftpsendf(conn, "AUTH %s", ftpauth[ftp->count1]);
         /* remain in this same state */
       }
-      else
-        result = ftp_state_user(conn);
+      else {
+        if(data->set.ftp_ssl > CURLFTPSSL_TRY)
+          /* we failed and CURLFTPSSL_CONTROL or CURLFTPSSL_ALL is set */
+          result = CURLE_FTP_SSL_FAILED;
+        else
+          /* ignore the failure and continue */
+          result = ftp_state_user(conn);
+      }
 
       if(result)
         return result;