From 37e602dd28316482e860b52c4280575b6815e6c0 Mon Sep 17 00:00:00 2001
From: Olivier Dolbeau <github@a.bbnt.me>
Date: Mon, 7 Jun 2021 17:25:08 +0200
Subject: [PATCH] Remove TLS related options when not using TLS

---
 .../Amqp/Tests/Transport/ConnectionTest.php   | 21 +++++++++++++++++++
 .../Bridge/Amqp/Transport/Connection.php      |  4 ++++
 2 files changed, 25 insertions(+)

diff --git a/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php b/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php
index d1c43898a6270..93444dec1bf35 100644
--- a/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php
+++ b/src/Symfony/Component/Messenger/Bridge/Amqp/Tests/Transport/ConnectionTest.php
@@ -748,6 +748,27 @@ public function testItCanPublishAndWaitForConfirmation()
         $connection = Connection::fromDsn('amqp://localhost?confirm_timeout=0.5', [], $factory);
         $connection->publish('body');
     }
+
+    public function testItCanBeConstructedWithTLSOptionsAndNonTLSDsn()
+    {
+        $this->assertEquals(
+            new Connection([
+                'host' => 'localhost',
+                'port' => 5672,
+                'vhost' => '/',
+            ], [
+                'name' => self::DEFAULT_EXCHANGE_NAME,
+            ], [
+                self::DEFAULT_EXCHANGE_NAME => [],
+            ]),
+            Connection::fromDsn('amqp://', [
+                'cacert' => 'foobar',
+                'cert' => 'foobar',
+                'key' => 'foobar',
+                'verify' => false,
+            ])
+        );
+    }
 }
 
 class TestAmqpFactory extends AmqpFactory
diff --git a/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php b/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
index 4aed8831b57bc..94a573c0ccc95 100644
--- a/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
+++ b/src/Symfony/Component/Messenger/Bridge/Amqp/Transport/Connection.php
@@ -219,6 +219,10 @@ public static function fromDsn(string $dsn, array $options = [], AmqpFactory $am
             return $queueOptions;
         }, $queuesOptions);
 
+        if (!$useAmqps) {
+            unset($amqpOptions['cacert'], $amqpOptions['cert'], $amqpOptions['key'], $amqpOptions['verify']);
+        }
+
         if ($useAmqps && !self::hasCaCertConfigured($amqpOptions)) {
             throw new InvalidArgumentException('No CA certificate has been provided. Set "amqp.cacert" in your php.ini or pass the "cacert" parameter in the DSN to use SSL. Alternatively, you can use amqp:// to use without SSL.');
         }