From 2bbe40cf8802bbc3bbf83d454cc294080ebaf241 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Tue, 11 Feb 2014 23:01:29 +0100
Subject: HTTPClient: correctly abort a proxy connection

if a needed CONNECT tunnel fails
---
 inc/HTTPClient.php | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

(limited to 'inc/HTTPClient.php')

diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index 96954fb47..2226103b3 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -304,11 +304,18 @@ class HTTPClient {
             }
 
             // try establish a CONNECT tunnel for SSL
-            if($this->_ssltunnel($socket, $request_url)){
-                // no keep alive for tunnels
-                $this->keep_alive = false;
-                // tunnel is authed already
-                if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']);
+            try {
+                if($this->_ssltunnel($socket, $request_url)){
+                    // no keep alive for tunnels
+                    $this->keep_alive = false;
+                    // tunnel is authed already
+                    if(isset($headers['Proxy-Authentication'])) unset($headers['Proxy-Authentication']);
+                }
+            } catch (HTTPClientException $e) {
+                $this->status = $e->getCode();
+                $this->error = $e->getMessage();
+                fclose($socket);
+                return false;
             }
 
             // keep alive?
@@ -363,7 +370,7 @@ class HTTPClient {
 
             // get Status
             if (!preg_match('/^HTTP\/(\d\.\d)\s*(\d+).*?\n/', $r_headers, $m))
-                throw new HTTPClientException('Server returned bad answer');
+                throw new HTTPClientException('Server returned bad answer '.$r_headers);
 
             $this->status = $m[2];
 
@@ -526,6 +533,7 @@ class HTTPClient {
      *
      * @param resource &$socket
      * @param string   &$requesturl
+     * @throws HTTPClientException when a tunnel is needed but could not be established
      * @return bool true if a tunnel was established
      */
     function _ssltunnel(&$socket, &$requesturl){
@@ -559,7 +567,8 @@ class HTTPClient {
                 return true;
             }
         }
-        return false;
+
+        throw new HTTPClientException('Failed to establish secure proxy connection', -150);
     }
 
     /**
-- 
cgit v1.2.3


From 350eada6c66014c2bfb20902742120b7568ec576 Mon Sep 17 00:00:00 2001
From: Andreas Gohr <gohr@cosmocode.de>
Date: Thu, 13 Feb 2014 14:43:33 +0100
Subject: make HTTPclient check for SSL support

---
 inc/HTTPClient.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'inc/HTTPClient.php')

diff --git a/inc/HTTPClient.php b/inc/HTTPClient.php
index 2226103b3..de3a16830 100644
--- a/inc/HTTPClient.php
+++ b/inc/HTTPClient.php
@@ -254,7 +254,13 @@ class HTTPClient {
         }
 
         // add SSL stream prefix if needed - needs SSL support in PHP
-        if($port == 443 || $this->proxy_ssl) $server = 'ssl://'.$server;
+        if($port == 443 || $this->proxy_ssl) {
+            if(!in_array('ssl', stream_get_transports())) {
+                $this->status = -200;
+                $this->error = 'This PHP version does not support SSL - cannot connect to server';
+            }
+            $server = 'ssl://'.$server;
+        }
 
         // prepare headers
         $headers               = $this->headers;
-- 
cgit v1.2.3