From c67b1dab2eb1fb3d9409f48a27977b6f7f6723dd Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Mon, 11 Apr 2016 12:24:50 +0200
Subject: [PATCH] URI scheme is only relevant for TLS if not proxy connection
 #1526

This should fix the test problems errors in #1527. When requesting a
HTTPS URI from a HTTP only proxy, the initial connection is *not* TLS
secured. The URI scheme is only relevant when directly connecting.

This also changes the (wrong) assumption that everything on port 443 is
always TLS secured. Only the URI scheme should decide that.
---
 inc/HTTPClient.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index e87ce741a..49bb5d1a7 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -272,13 +272,15 @@ class HTTPClient {
             $server      = $this->proxy_host;
             $port        = $this->proxy_port;
             if (empty($port)) $port = 8080;
+            $use_tls     = $this->proxy_ssl;
         }else{
             $request_url = $path;
             if (!isset($port)) $port = ($uri['scheme'] == 'https') ? 443 : 80;
+            $use_tls     = ($uri['scheme'] == 'https');
         }
 
         // add SSL stream prefix if needed - needs SSL support in PHP
-        if($port == 443 || $this->proxy_ssl || $uri['scheme'] == 'https') {
+        if($use_tls) {
             if(!in_array('ssl', stream_get_transports())) {
                 $this->status = -200;
                 $this->error = 'This PHP version does not support SSL - cannot connect to server';
-- 
GitLab