diff options
| author | Andreas Gohr <andi@splitbrain.org> | 2014-12-11 23:39:21 +0100 |
|---|---|---|
| committer | Andreas Gohr <andi@splitbrain.org> | 2014-12-11 23:39:21 +0100 |
| commit | 4343d40d6272b3148e99369d2f16d60f90c835a5 (patch) | |
| tree | 359fb9f4d30ff3560a1e3976e9020997799dd461 | |
| parent | dc193bd914e6c9cd3d0d1df7e171d38e8da407e5 (diff) | |
| download | rpg-4343d40d6272b3148e99369d2f16d60f90c835a5.tar.gz rpg-4343d40d6272b3148e99369d2f16d60f90c835a5.tar.bz2 | |
set correct peer name when connecting through a SSL tunnel proxy
| -rw-r--r-- | inc/HTTPClient.php | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php index 4112932c4..c791b7f4a 100644 --- a/inc/HTTPClient.php +++ b/inc/HTTPClient.php @@ -589,6 +589,9 @@ class HTTPClient { $this->_debug('SSL Tunnel Response',$r_headers); if(preg_match('/^HTTP\/1\.[01] 200/i',$r_headers)){ + // set correct peer name for verification (enabled since PHP 5.6) + stream_context_set_option($socket, 'ssl', 'peer_name', $requestinfo['host']); + // Try a TLS connection first if (@stream_socket_enable_crypto($socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { $requesturl = $requestinfo['path']; |