Only fetch channel binding data if conn using SSL

curl · Apr 23, 2024 · 5b8c0eb · 5b8c0eb
1 parent 0449ec7
commit 5b8c0eb
Showing 1 changed file with 9 additions and 6 deletions.
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
@@ -107,13 +107,16 @@ CURLcode Curl_input_negotiate(struct Curl_easy *data, struct connectdata *conn,
 #if defined(USE_WINDOWS_SSPI) && defined(SECPKG_ATTR_ENDPOINT_BINDINGS)
  neg_ctx->sslContext = conn->sslContext;
 #endif
+ /* Check if the connection is using SSL and get the channel binding data */
 #ifdef HAVE_GSSAPI
- result = Curl_ssl_get_tls_server_end_point(
- data, FIRSTSOCKET, &neg_ctx->channel_binding_data,
- &neg_ctx->channel_binding_data_len);
- if(result) {
- Curl_http_auth_cleanup_negotiate(conn);
- return result;
+ if(conn->handler->flags & PROTOPT_SSL) {
+ result = Curl_ssl_get_tls_server_end_point(
+ data, FIRSTSOCKET, &neg_ctx->channel_binding_data,
+ &neg_ctx->channel_binding_data_len);
+ if(result) {
+ Curl_http_auth_cleanup_negotiate(conn);
+ return result;
+ }
  }
 #endif