From 575504ede088667352509e01b749b1eae6744a72 Mon Sep 17 00:00:00 2001
From: "James D. Forrester" <jforrester@wikimedia.org>
Date: Thu, 24 May 2018 13:03:18 -0700
Subject: [PATCH] PhpHttpRequest: Drop back-compat code for PHP 5.5 and before

Change-Id: Ic2b144e333639dfeff0a86b14e4b4927e9bf6db0
---
 includes/http/PhpHttpRequest.php | 21 +--------------------
 1 file changed, 1 insertion(+), 20 deletions(-)

diff --git a/includes/http/PhpHttpRequest.php b/includes/http/PhpHttpRequest.php
index 0f499c2302..30ab181e1d 100644
--- a/includes/http/PhpHttpRequest.php
+++ b/includes/http/PhpHttpRequest.php
@@ -137,13 +137,7 @@ class PhpHttpRequest extends MWHttpRequest {
 		}
 
 		if ( $this->sslVerifyHost ) {
-			// PHP 5.6.0 deprecates CN_match, in favour of peer_name which
-			// actually checks SubjectAltName properly.
-			if ( version_compare( PHP_VERSION, '5.6.0', '>=' ) ) {
-				$options['ssl']['peer_name'] = $this->parsedUrl['host'];
-			} else {
-				$options['ssl']['CN_match'] = $this->parsedUrl['host'];
-			}
+			$options['ssl']['peer_name'] = $this->parsedUrl['host'];
 		}
 
 		$options['ssl'] += $this->getCertOptions();
@@ -169,19 +163,6 @@ class PhpHttpRequest extends MWHttpRequest {
 			restore_error_handler();
 
 			if ( !$fh ) {
-				// HACK for instant commons.
-				// If we are contacting (commons|upload).wikimedia.org
-				// try again with CN_match for en.wikipedia.org
-				// as php does not handle SubjectAltName properly
-				// prior to "peer_name" option in php 5.6
-				if ( isset( $options['ssl']['CN_match'] )
-					&& ( $options['ssl']['CN_match'] === 'commons.wikimedia.org'
-						|| $options['ssl']['CN_match'] === 'upload.wikimedia.org' )
-				) {
-					$options['ssl']['CN_match'] = 'en.wikipedia.org';
-					$context = stream_context_create( $options );
-					continue;
-				}
 				break;
 			}
 
-- 
2.20.1