From 07982ebe99c74642402c8065bb2479fb8a6ac13d Mon Sep 17 00:00:00 2001
From: "Dr. David von Oheimb" <David.von.Oheimb@siemens.com>
Date: Thu, 28 Apr 2022 15:35:13 +0200
Subject: [PATCH] http_client.c: check expected content type only if HTTP
 status code is 200 (OK)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18204)

(cherry picked from commit e3477d3e5ccd971da3d8a90a7d5096b47372d288)
---
 crypto/http/http_client.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index 8133a04936..59a3445813 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -670,7 +670,7 @@ int OSSL_HTTP_REQ_CTX_nbio(OSSL_HTTP_REQ_CTX *rctx)
                 rctx->redirection_url = value;
                 return 0;
             }
-            if (rctx->expected_ct != NULL
+            if (rctx->state == OHS_HEADERS && rctx->expected_ct != NULL
                     && OPENSSL_strcasecmp(key, "Content-Type") == 0) {
                 if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0) {
                     ERR_raise_data(ERR_LIB_HTTP, HTTP_R_UNEXPECTED_CONTENT_TYPE,