From fb847c84360230ca8534a53605f99dddbb546a82 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Wed, 11 May 2022 16:13:20 +0200
Subject: [PATCH] Remove the https to http downgrade fallback in
 PackageUpdateDispatcher

---
 .../package/PackageUpdateDispatcher.class.php | 20 +++----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php b/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php
index 5eabe7d71a..ed32ce6af8 100644
--- a/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php
+++ b/wcfsetup/install/files/lib/system/package/PackageUpdateDispatcher.class.php
@@ -141,11 +141,10 @@ class PackageUpdateDispatcher extends SingletonFactory
      * Fetches the package_update.xml from an update server.
      *
      * @param PackageUpdateServer $updateServer
-     * @param bool $forceHTTP
      * @throws  PackageUpdateUnauthorizedException
      * @throws  SystemException
      */
-    protected function getPackageUpdateXML(PackageUpdateServer $updateServer, $forceHTTP = false)
+    protected function getPackageUpdateXML(PackageUpdateServer $updateServer)
     {
         $settings = [];
         $authData = $updateServer->getAuthData();
@@ -154,11 +153,11 @@ class PackageUpdateDispatcher extends SingletonFactory
         }
 
         $secureConnection = $updateServer->attemptSecureConnection();
-        if ($secureConnection && !$forceHTTP) {
+        if ($secureConnection) {
             $settings['timeout'] = 5;
         }
 
-        $request = new HTTPRequest($updateServer->getListURL($forceHTTP), $settings);
+        $request = new HTTPRequest($updateServer->getListURL(), $settings);
 
         $requestedVersion = \wcf\getMinorVersion();
         if (PackageUpdateServer::isUpgradeOverrideEnabled()) {
@@ -196,19 +195,6 @@ class PackageUpdateDispatcher extends SingletonFactory
             $reply = $request->getReply();
 
             $statusCode = \is_array($reply['statusCode']) ? \reset($reply['statusCode']) : $reply['statusCode'];
-            // status code 0 is a connection timeout
-            if (!$statusCode && $secureConnection) {
-                if (\preg_match('~https?://(?:update|store)\.woltlab\.com\/~', $updateServer->serverURL)) {
-                    // woltlab.com servers are most likely to be available,
-                    // thus we assume that SSL connections are dropped
-                    RemoteFile::disableSSL();
-                }
-
-                // retry via http
-                $this->getPackageUpdateXML($updateServer, true);
-
-                return;
-            }
 
             throw new SystemException(
                 WCF::getLanguage()->get('wcf.acp.package.update.error.listNotFound') . ' (' . $statusCode . ')'
-- 
2.20.1