diff --git a/lib/imap.c b/lib/imap.c
index 5ef2e0f66..793596e25 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -460,19 +460,6 @@ static void state(struct connectdata *conn, imapstate newstate)
   imapc->state = newstate;
 }
 
-static CURLcode imap_state_starttls(struct connectdata *conn)
-{
-  CURLcode result = CURLE_OK;
-
-  /* Send the STARTTLS command */
-  result = imap_sendf(conn, "STARTTLS");
-
-  if(!result)
-    state(conn, IMAP_STARTTLS);
-
-  return result;
-}
-
 static CURLcode imap_state_capability(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
@@ -493,6 +480,20 @@ static CURLcode imap_state_capability(struct connectdata *conn)
   return CURLE_OK;
 }
 
+static CURLcode imap_state_starttls(struct connectdata *conn)
+{
+  CURLcode result = CURLE_OK;
+
+  /* Send the STARTTLS command */
+  result = imap_sendf(conn, "STARTTLS");
+
+  if(!result)
+    state(conn, IMAP_STARTTLS);
+
+  return result;
+}
+
+
 static CURLcode imap_state_login(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
@@ -662,6 +663,38 @@ static CURLcode imap_state_servergreet_resp(struct connectdata *conn,
   return result;
 }
 
+/* For CAPABILITY responses */
+static CURLcode imap_state_capability_resp(struct connectdata *conn,
+                                           int imapcode,
+                                           imapstate instate)
+{
+  CURLcode result = CURLE_OK;
+  struct SessionHandle *data = conn->data;
+  struct imap_conn *imapc = &conn->proto.imapc;
+
+  (void)instate; /* no use for this yet */
+
+  if(imapcode != 'O')
+    result = imap_state_login(conn);
+  else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+    /* We don't have a SSL/TLS connection yet, but SSL is requested */
+    if(imapc->tls_supported)
+      /* Switch to TLS connection now */
+      result = imap_state_starttls(conn);
+    else if(data->set.use_ssl == CURLUSESSL_TRY)
+      /* Fallback and carry on with authentication */
+      result = imap_authenticate(conn);
+    else {
+      failf(data, "STARTTLS not supported.");
+      result = CURLE_USE_SSL_FAILED;
+    }
+  }
+  else
+    result = imap_authenticate(conn);
+
+  return result;
+}
+
 /* For STARTTLS responses */
 static CURLcode imap_state_starttls_resp(struct connectdata *conn,
                                          int imapcode,
@@ -706,38 +739,6 @@ static CURLcode imap_state_upgrade_tls(struct connectdata *conn)
   return result;
 }
 
-/* For CAPABILITY responses */
-static CURLcode imap_state_capability_resp(struct connectdata *conn,
-                                           int imapcode,
-                                           imapstate instate)
-{
-  CURLcode result = CURLE_OK;
-  struct SessionHandle *data = conn->data;
-  struct imap_conn *imapc = &conn->proto.imapc;
-
-  (void)instate; /* no use for this yet */
-
-  if(imapcode != 'O')
-    result = imap_state_login(conn);
-  else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
-    /* We don't have a SSL/TLS connection yet, but SSL is requested */
-    if(imapc->tls_supported)
-      /* Switch to TLS connection now */
-      result = imap_state_starttls(conn);
-    else if(data->set.use_ssl == CURLUSESSL_TRY)
-      /* Fallback and carry on with authentication */
-      result = imap_authenticate(conn);
-    else {
-      failf(data, "STARTTLS not supported.");
-      result = CURLE_USE_SSL_FAILED;
-    }
-  }
-  else
-    result = imap_authenticate(conn);
-
-  return result;
-}
-
 /* For AUTHENTICATE PLAIN (without initial response) responses */
 static CURLcode imap_state_auth_plain_resp(struct connectdata *conn,
                                            int imapcode,
diff --git a/lib/pop3.c b/lib/pop3.c
index 3e541fa86..55422a403 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -373,19 +373,6 @@ static void state(struct connectdata *conn, pop3state newstate)
   pop3c->state = newstate;
 }
 
-static CURLcode pop3_state_starttls(struct connectdata *conn)
-{
-  CURLcode result = CURLE_OK;
-
-  /* Send the STLS command */
-  result = Curl_pp_sendf(&conn->proto.pop3c.pp, "STLS");
-
-  if(!result)
-    state(conn, POP3_STARTTLS);
-
-  return result;
-}
-
 static CURLcode pop3_state_capa(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
@@ -406,6 +393,20 @@ static CURLcode pop3_state_capa(struct connectdata *conn)
   return CURLE_OK;
 }
 
+static CURLcode pop3_state_starttls(struct connectdata *conn)
+{
+  CURLcode result = CURLE_OK;
+
+  /* Send the STLS command */
+  result = Curl_pp_sendf(&conn->proto.pop3c.pp, "STLS");
+
+  if(!result)
+    state(conn, POP3_STARTTLS);
+
+  return result;
+}
+
+
 static CURLcode pop3_state_user(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
@@ -586,6 +587,37 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn,
   return result;
 }
 
+/* For CAPA responses */
+static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
+                                     pop3state instate)
+{
+  CURLcode result = CURLE_OK;
+  struct SessionHandle *data = conn->data;
+  struct pop3_conn *pop3c = &conn->proto.pop3c;
+
+  (void)instate; /* no use for this yet */
+
+  if(pop3code != '+')
+    result = pop3_state_user(conn);
+  else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+    /* We don't have a SSL/TLS connection yet, but SSL is requested */
+    if(pop3c->tls_supported)
+      /* Switch to TLS connection now */
+      result = pop3_state_starttls(conn);
+    else if(data->set.use_ssl == CURLUSESSL_TRY)
+      /* Fallback and carry on with authentication */
+      result = pop3_authenticate(conn);
+    else {
+      failf(data, "STLS not supported.");
+      result = CURLE_USE_SSL_FAILED;
+    }
+  }
+  else
+    result = pop3_authenticate(conn);
+
+  return result;
+}
+
 /* For STARTTLS responses */
 static CURLcode pop3_state_starttls_resp(struct connectdata *conn,
                                          int pop3code,
@@ -630,37 +662,6 @@ static CURLcode pop3_state_upgrade_tls(struct connectdata *conn)
   return result;
 }
 
-/* For CAPA responses */
-static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
-                                     pop3state instate)
-{
-  CURLcode result = CURLE_OK;
-  struct SessionHandle *data = conn->data;
-  struct pop3_conn *pop3c = &conn->proto.pop3c;
-
-  (void)instate; /* no use for this yet */
-
-  if(pop3code != '+')
-    result = pop3_state_user(conn);
-  else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
-    /* We don't have a SSL/TLS connection yet, but SSL is requested */
-    if(pop3c->tls_supported)
-      /* Switch to TLS connection now */
-      result = pop3_state_starttls(conn);
-    else if(data->set.use_ssl == CURLUSESSL_TRY)
-      /* Fallback and carry on with authentication */
-      result = pop3_authenticate(conn);
-    else {
-      failf(data, "STLS not supported.");
-      result = CURLE_USE_SSL_FAILED;
-    }
-  }
-  else
-    result = pop3_authenticate(conn);
-
-  return result;
-}
-
 /* For AUTH PLAIN responses */
 static CURLcode pop3_state_auth_plain_resp(struct connectdata *conn,
                                            int pop3code,