There's definitely code to make the link to the login page have a return_url that includes http://... when redirecting to a https login page from a http page.
Please file this in the bug-tracker.
/Lars