http_client.c: check expected content type only if HTTP status code is 200 (OK)

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/18204)

crypto/http/http_client.c

diff --git a/crypto/http/http_client.c b/crypto/http/http_client.c
index 8fcc9c3..088b6cd 100644
--- a/crypto/http/http_client.c
+++ b/crypto/http/http_client.c
@@ -669,7 +669,7 @@
                 rctx->redirection_url = value;
                 return 0;
             }
-            if (rctx->expected_ct != NULL
+            if (rctx->state == OHS_HEADERS && rctx->expected_ct != NULL
                     && OPENSSL_strcasecmp(key, "Content-Type") == 0) {
                 if (OPENSSL_strcasecmp(rctx->expected_ct, value) != 0) {
                     ERR_raise_data(ERR_LIB_HTTP, HTTP_R_UNEXPECTED_CONTENT_TYPE,