openssl: close_notify on the FTP data connection doesn't mean closure

For FTPS transfers, curl gets close_notify on the data connection
without that being a signal to close the control connection!

Regression since 3f5da4e59a556fc (7.65.0)

Reported-by: Zenju on github
Reviewed-by: Jay Satiro
Fixes #4329
Closes #4340

diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c
index 385f28179360f313070252d52941e90309b7830d..216ed9fc59e8d564893bf3670db7d23e023fa9a3 100644 (file)
--- a/lib/vtls/openssl.c
+++ b/lib/vtls/openssl.c
@@ -3878,7 +3878,10 @@ static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
       break;
     case SSL_ERROR_ZERO_RETURN: /* no more data */
       /* close_notify alert */
-      connclose(conn, "TLS close_notify");
+      if(num == FIRSTSOCKET)
+        /* mark the connection for close if it is indeed the control
+           connection */
+        connclose(conn, "TLS close_notify");
       break;
     case SSL_ERROR_WANT_READ:
     case SSL_ERROR_WANT_WRITE: