From 4321d0eddb91c7f29d3f98e7117ab3c4b9c2b9f0 Mon Sep 17 00:00:00 2001
From: aynsix <asr@esokia-webagency.com>
Date: Mon, 2 Oct 2023 17:14:37 +0300
Subject: [PATCH] add tls 1.1 and 1.2 option

---
 lib/Alchemy/Phrasea/Application.php                 | 13 ++++++++++---
 .../Core/Configuration/RegistryFormManipulator.php  |  2 +-
 .../Phrasea/Form/Configuration/EmailFormType.php    |  2 +-
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/lib/Alchemy/Phrasea/Application.php b/lib/Alchemy/Phrasea/Application.php
index d0c8855011..ed9ed95242 100644
--- a/lib/Alchemy/Phrasea/Application.php
+++ b/lib/Alchemy/Phrasea/Application.php
@@ -687,9 +687,16 @@ private function setupSwiftMailer()
                 );
 
                 $encryption = null;
+                $secureMode = '';
 
-                if (in_array($app['conf']->get(['registry', 'email', 'smtp-secure-mode']), ['ssl', 'tls'])) {
-                    $encryption = $app['conf']->get(['registry', 'email', 'smtp-secure-mode']);
+                if (in_array($app['conf']->get(['registry', 'email', 'smtp-secure-mode']), ['ssl', 'tlsv1.1', 'tlsv1.2'])) {
+                    $secureMode = $app['conf']->get(['registry', 'email', 'smtp-secure-mode']);
+
+                    if ($secureMode == 'ssl') {
+                        $encryption = 'ssl';
+                    } else {
+                        $encryption = 'tls';
+                    }
                 }
 
                 $options = $app['swiftmailer.options'] = array_replace([
@@ -707,7 +714,7 @@ private function setupSwiftMailer()
                 $transport->setEncryption($options['encryption']);
 
                 if ($options['encryption'] == 'tls') {
-                    $transport->setStreamOptions(['ssl' =>['tlsv1.2' => true]]);
+                    $transport->setStreamOptions(['ssl' =>[$secureMode => true]]);
                 }
 
                 if ($app['conf']->get(['registry', 'email', 'smtp-auth-enabled'])) {
diff --git a/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php b/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
index f832bbbdc0..8e861f7b07 100644
--- a/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
+++ b/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
@@ -178,7 +178,7 @@ private function getDefaultData(array $config)
                 'smtp-auth-enabled' => false,
                 'smtp-host' => null,
                 'smtp-port' => null,
-                'smtp-secure-mode' => 'tls',
+                'smtp-secure-mode' => 'tlsv1.1',
                 'smtp-user' => null,
                 'smtp-password' => isset($config['email']['smtp-password']) ? $config['email']['smtp-password'] : null,
             ],
diff --git a/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php b/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
index 37eadd1478..03df53939c 100644
--- a/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
+++ b/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
@@ -42,7 +42,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
         ]);
         $builder->add('smtp-secure-mode', ChoiceType::class, [
             'label'        => 'SMTP encryption',
-            'choices'      => ['none' => 'None', 'ssl' => 'SSL', 'tls' => 'TLS'],
+            'choices'      => ['none' => 'None', 'ssl' => 'SSL', 'tlsv1.1' => 'TLS1.1', 'tlsv1.2' => 'TLS1.2'],
         ]);
         $builder->add('smtp-user', TextType::class, [
             'label'        => 'SMTP user',