]> git.mxchange.org Git - quix0rs-gnu-social.git/blobdiff - lib/httpclient.php
projects / quix0rs-gnu-social.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Partial fix for ticket #2489 -- problems with SNI SSL virtual host certificate valida...
[quix0rs-gnu-social.git] / lib / httpclient.php
diff --git a/lib/httpclient.php b/lib/httpclient.php
index b69f718e5f01c3b6e0f2d90f5876b5ecadab95c3..514a5afeb2a91810544252aec7dc0e03b7f4d88d 100644 (file)
--- a/lib/httpclient.php
+++ b/lib/httpclient.php
@@ -145,6 +145,10 @@ class HTTPClient extends HTTP_Request2
             $this->config['ssl_verify_peer'] = false;
         }
 
+        if (common_config('http', 'curl') && extension_loaded('curl')) {
+            $this->config['adapter'] = 'HTTP_Request2_Adapter_Curl';
+        }
+
         parent::__construct($url, $method, $config);
         $this->setHeader('User-Agent', $this->userAgent());
     }
@@ -204,6 +208,15 @@ class HTTPClient extends HTTP_Request2
     protected function doRequest($url, $method, $headers)
     {
         $this->setUrl($url);
+
+        // Workaround for HTTP_Request2 not setting up SNI in socket contexts;
+        // This fixes cert validation for SSL virtual hosts using SNI.
+        // Requires PHP 5.3.2 or later and OpenSSL with SNI support.
+        if ($this->url->getScheme() == 'https' && defined('OPENSSL_TLSEXT_SERVER_NAME')) {
+            $this->config['ssl_SNI_enabled'] = true;
+            $this->config['ssl_SNI_server_name'] = $this->url->getHost();
+        }
+
         $this->setMethod($method);
         if ($headers) {
             foreach ($headers as $header) {
This is my personal clone from the wonderful software GNUSocial. I may fix or break things here, so use it on your own risk. :-)