From 8986d3c6f4f72cb4734f24ef297d31865e3018cc Mon Sep 17 00:00:00 2001 From: Daniel Gustafsson Date: Tue, 21 May 2019 09:38:11 +0200 Subject: [PATCH] ftp: move ftp_ccc in under featureflag Commit e91e48161235272ff485ff32bd048c53af731f43 moved ftp_ccc in under the FTP featureflag in the UserDefined struct, but vtls callsites were still using it unprotected. Closes #3912 Fixes: https://curl.haxx.se/dev/log.cgi?id=20190520044705-29865 Reviewed-by: Daniel Stenberg, Marcel Raad --- lib/vtls/gskit.c | 2 ++ lib/vtls/gtls.c | 2 ++ lib/vtls/openssl.c | 2 ++ lib/vtls/sectransp.c | 2 ++ 4 files changed, 8 insertions(+) diff --git a/lib/vtls/gskit.c b/lib/vtls/gskit.c index 130d82a81..b93ff5d4f 100644 --- a/lib/vtls/gskit.c +++ b/lib/vtls/gskit.c @@ -1266,8 +1266,10 @@ static int Curl_gskit_shutdown(struct connectdata *conn, int sockindex) if(!BACKEND->handle) return 0; +#ifndef CURL_DISABLE_FTP if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE) return 0; +#endif close_one(connssl, conn, sockindex); rc = 0; diff --git a/lib/vtls/gtls.c b/lib/vtls/gtls.c index e597eac5e..8693cdce3 100644 --- a/lib/vtls/gtls.c +++ b/lib/vtls/gtls.c @@ -1640,6 +1640,7 @@ static int Curl_gtls_shutdown(struct connectdata *conn, int sockindex) int retval = 0; struct Curl_easy *data = conn->data; +#ifndef CURL_DISABLE_FTP /* This has only been tested on the proftpd server, and the mod_tls code sends a close notify alert without waiting for a close notify alert in response. Thus we wait for a close notify alert from the server, but @@ -1647,6 +1648,7 @@ static int Curl_gtls_shutdown(struct connectdata *conn, int sockindex) if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE) gnutls_bye(BACKEND->session, GNUTLS_SHUT_WR); +#endif if(BACKEND->session) { ssize_t result; diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index df4553423..85e9be616 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1308,6 +1308,7 @@ static int Curl_ossl_shutdown(struct connectdata *conn, int sockindex) int err; bool done = FALSE; +#ifndef CURL_DISABLE_FTP /* This has only been tested on the proftpd server, and the mod_tls code sends a close notify alert without waiting for a close notify alert in response. Thus we wait for a close notify alert from the server, but @@ -1315,6 +1316,7 @@ static int Curl_ossl_shutdown(struct connectdata *conn, int sockindex) if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE) (void)SSL_shutdown(BACKEND->handle); +#endif if(BACKEND->handle) { buffsize = (int)sizeof(buf); diff --git a/lib/vtls/sectransp.c b/lib/vtls/sectransp.c index ef618a471..2fdf662a1 100644 --- a/lib/vtls/sectransp.c +++ b/lib/vtls/sectransp.c @@ -2963,8 +2963,10 @@ static int Curl_sectransp_shutdown(struct connectdata *conn, int sockindex) if(!BACKEND->ssl_ctx) return 0; +#ifndef CURL_DISABLE_FTP if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE) return 0; +#endif Curl_sectransp_close(conn, sockindex);