diff options
| -rw-r--r-- | inc/HTTPClient.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php index 2e991b52f..c791b7f4a 100644 --- a/inc/HTTPClient.php +++ b/inc/HTTPClient.php @@ -589,7 +589,16 @@ class HTTPClient { $this->_debug('SSL Tunnel Response',$r_headers); if(preg_match('/^HTTP\/1\.[01] 200/i',$r_headers)){ - if (stream_socket_enable_crypto($socket, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT)) { + // set correct peer name for verification (enabled since PHP 5.6) + stream_context_set_option($socket, 'ssl', 'peer_name', $requestinfo['host']); + + // Try a TLS connection first + if (@stream_socket_enable_crypto($socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) { + $requesturl = $requestinfo['path']; + return true; + } + // Fall back to SSLv3 + if (@stream_socket_enable_crypto($socket, true, STREAM_CRYPTO_METHOD_SSLv3_CLIENT)) { $requesturl = $requestinfo['path']; return true; } |