=== modified file 'src/client_side_request.cc'
--- src/client_side_request.cc	2012-05-08 18:14:08 +0000
+++ src/client_side_request.cc	2012-07-11 02:55:06 +0000
@@ -1281,6 +1281,13 @@
 {
     if (http->request->method == METHOD_CONNECT &&
             Config.accessList.ssl_bump && http->getConn()->port->sslBump) {
+        // check that Upgrade header is a) not present, or b) contains "TLS/n.n" before bothering with bumping
+        if (http->request->header.has(HDR_UPGRADE) && http->request->header.getStr(HDR_UPGRADE).cmp("TLS/", 4)) {
+            debugs(85, 5, HERE << "SslBump not possible. HTTP specifies Upgrade: " << http->request->header.getStr(HDR_UPGRADE));
+            http->sslBumpNeeded(false);
+            return false;
+        }
+
         debugs(85, 5, HERE << "SslBump possible, checking ACL");
 
         ACLFilledChecklist *acl_checklist = clientAclChecklistCreate(Config.accessList.ssl_bump, http);

