Add SNI settings for SSL URLs that are proxied, fixes #3204

src/Composer/Util/StreamContextFactory.php

@@ -93,6 +93,14 @@ final class StreamContextFactory
                     break;
             }
 
+            // add SNI opts for https URLs
+            if ('https' === parse_url($url, PHP_URL_SCHEME)) {
+                $options['ssl']['SNI_enabled'] = true;
+                if (version_compare(PHP_VERSION, '5.6.0', '<')) {
+                    $options['ssl']['SNI_server_name'] = parse_url($url, PHP_URL_HOST);
+                }
+            }
+
             // handle proxy auth if present
             if (isset($proxy['user'])) {
                 $auth = urldecode($proxy['user']);

tests/Composer/Test/Util/StreamContextFactoryTest.php

@@ -133,14 +133,23 @@ class StreamContextFactoryTest extends \PHPUnit_Framework_TestCase
         $context = StreamContextFactory::getContext('https://example.org', array('http' => array('method' => 'GET')));
         $options = stream_context_get_options($context);
 
-        $this->assertEquals(array('http' => array(
-            'proxy' => 'tcp://proxyserver.net:80',
-            'request_fulluri' => true,
-            'method' => 'GET',
-            'header' => array("Proxy-Authorization: Basic " . base64_encode('username:password')),
-            'max_redirects' => 20,
-            'follow_location' => 1,
-        )), $options);
+        $expected = array(
+            'http' => array(
+                'proxy' => 'tcp://proxyserver.net:80',
+                'request_fulluri' => true,
+                'method' => 'GET',
+                'header' => array("Proxy-Authorization: Basic " . base64_encode('username:password')),
+                'max_redirects' => 20,
+                'follow_location' => 1,
+            ), 'ssl' => array(
+                'SNI_enabled' => true,
+                'SNI_server_name' => 'example.org'
+            )
+        );
+        if (version_compare(PHP_VERSION, '5.6.0', '>=')) {
+            unset($expected['ssl']['SNI_server_name']);
+        }
+        $this->assertEquals($expected, $options);
     }
 
     public function testHttpsProxyOverride()
@@ -151,13 +160,22 @@ class StreamContextFactoryTest extends \PHPUnit_Framework_TestCase
         $context = StreamContextFactory::getContext('https://example.org', array('http' => array('method' => 'GET')));
         $options = stream_context_get_options($context);
 
-        $this->assertEquals(array('http' => array(
-            'proxy' => 'ssl://woopproxy.net:443',
-            'request_fulluri' => true,
-            'method' => 'GET',
-            'max_redirects' => 20,
-            'follow_location' => 1,
-        )), $options);
+        $expected = array(
+            'http' => array(
+                'proxy' => 'ssl://woopproxy.net:443',
+                'request_fulluri' => true,
+                'method' => 'GET',
+                'max_redirects' => 20,
+                'follow_location' => 1,
+            ), 'ssl' => array(
+                'SNI_enabled' => true,
+                'SNI_server_name' => 'example.org'
+            )
+        );
+        if (version_compare(PHP_VERSION, '5.6.0', '>=')) {
+            unset($expected['ssl']['SNI_server_name']);
+        }
+        $this->assertEquals($expected, $options);
     }
 
     /**