diff --git a/_test/tests/inc/httpclient_http_proxy.test.php b/_test/tests/inc/httpclient_http_proxy.test.php
index 61228ad94535196a0bceb62be727bd06977d0ab5..c44dc7ed71215d82bf1da682a49b973e9c685826 100644
--- a/_test/tests/inc/httpclient_http_proxy.test.php
+++ b/_test/tests/inc/httpclient_http_proxy.test.php
@@ -18,5 +18,4 @@ class httpclient_http_proxy_test extends DokuWikiTest {
$this->assertFalse($data === false, 'HTTP response '.$http->error);
$this->assertTrue(strpos($data,'DokuWiki') !== false, 'response content');
}
-
}
\ No newline at end of file
diff --git a/_test/tests/inc/httpclient_https_proxy.test.php b/_test/tests/inc/httpclient_https_proxy.test.php
index aca3b3be28bbd8de6c20cce8de3eb67bdce0fa5c..9402e91af5464c55690615b44712c8c73b743d3d 100644
--- a/_test/tests/inc/httpclient_https_proxy.test.php
+++ b/_test/tests/inc/httpclient_https_proxy.test.php
@@ -12,4 +12,19 @@ class httpclient_https_proxy_test extends httpclient_http_proxy_test {
}
parent::setUp();
}
+
+ /**
+ * @group internet
+ */
+ function test_connectfail(){
+ $http = new HTTPMockClient();
+ // proxy provided by Andrwe Lord Weber <dokuwiki@andrwe.org>
+ $http->proxy_host = 'proxy.andrwe.org';
+ $http->proxy_port = 8080;
+
+ // the proxy accepts connections to dokuwiki.org only - the connect call should fail
+ $data = $http->get('https://www.google.com');
+ $this->assertFalse($data);
+ $this->assertEquals(-150, $http->status);
+ }
}
\ No newline at end of file
diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index 96954fb473dc23aceb3f0ca45b80fdf05fb11b14..2226103b3fd7c19c29a53ebad24dae0d622014d4 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -304,11 +304,18 @@ class HTTPClient {
}
// try establish a CONNECT tunnel for SSL
- if($this->_ssltunnel($socket, $request_url)){
- // no keep alive for tunnels
- $this->keep_alive = false;
- // tunnel is authed already
- if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']);
+ try {
+ if($this->_ssltunnel($socket, $request_url)){
+ // no keep alive for tunnels
+ $this->keep_alive = false;
+ // tunnel is authed already
+ if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']);
+ }
+ } catch (HTTPClientException $e) {
+ $this->status = $e->getCode();
+ $this->error = $e->getMessage();
+ fclose($socket);
+ return false;
}
// keep alive?
@@ -363,7 +370,7 @@ class HTTPClient {
// get Status
if (!preg_match('/^HTTP\/(\d\.\d)\s*(\d+).*?\n/', $r_headers, $m))
- throw new HTTPClientException('Server returned bad answer');
+ throw new HTTPClientException('Server returned bad answer '.$r_headers);
$this->status = $m[2];
@@ -526,6 +533,7 @@ class HTTPClient {
*
* @param resource &$socket
* @param string &$requesturl
+ * @throws HTTPClientException when a tunnel is needed but could not be established
* @return bool true if a tunnel was established
*/
function _ssltunnel(&$socket, &$requesturl){
@@ -559,7 +567,8 @@ class HTTPClient {
return true;
}
}
- return false;
+
+ throw new HTTPClientException('Failed to establish secure proxy connection', -150);
}
/**