From 3d4127ad47daf52cc1a8e914638e75f36341fd59 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Fri, 5 Jul 2019 14:41:55 +0200
Subject: [PATCH] - fix problem with tls version on STARTTLS in mail class

---
 interface/lib/classes/ispcmail.inc.php | 8 +++++++-
 server/lib/classes/ispcmail.inc.php    | 8 +++++++-
 2 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/ispcmail.inc.php b/interface/lib/classes/ispcmail.inc.php
index b818e1e44a..522fd1a71b 100644
--- a/interface/lib/classes/ispcmail.inc.php
+++ b/interface/lib/classes/ispcmail.inc.php
@@ -599,10 +599,16 @@ class ispcmail {
 			fputs($this->_smtp_conn, 'STARTTLS' . $this->_crlf);
 			fgets($this->_smtp_conn, 515);
 			
+			$crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+
+			if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
+				$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+				$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
+			}
 			stream_context_set_option($this->_smtp_conn, 'ssl', 'verify_host', false);
 			stream_context_set_option($this->_smtp_conn, 'ssl', 'verify_peer', false);
 			stream_context_set_option($this->_smtp_conn, 'ssl', 'allow_self_signed', true);
-			stream_socket_enable_crypto($this->_smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+			stream_socket_enable_crypto($this->_smtp_conn, true, $crypto_method);
 		}
 
 		//AUTH LOGIN
diff --git a/server/lib/classes/ispcmail.inc.php b/server/lib/classes/ispcmail.inc.php
index 305b39f35b..cc83c74137 100644
--- a/server/lib/classes/ispcmail.inc.php
+++ b/server/lib/classes/ispcmail.inc.php
@@ -598,7 +598,13 @@ class ispcmail {
 		if($this->smtp_crypt == 'tls') {
 			fputs($this->_smtp_conn, 'STARTTLS' . $this->_crlf);
 			fgets($this->_smtp_conn, 515);
-			stream_socket_enable_crypto($this->_smtp_conn, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
+			$crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;
+
+			if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
+				$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+				$crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
+			}
+			stream_socket_enable_crypto($this->_smtp_conn, true, $crypto_method);
 		}
 
 		//AUTH LOGIN
-- 
GitLab