From 82a310a9631fbf6b1aee0c4b47b620e920003fd7 Mon Sep 17 00:00:00 2001
From: aynsix <asr@esokia-webagency.com>
Date: Thu, 19 Oct 2023 17:28:07 +0300
Subject: [PATCH] tlsv1.2 by default

---
 lib/Alchemy/Phrasea/Application.php                         | 6 +++++-
 .../Phrasea/Core/Configuration/RegistryFormManipulator.php  | 2 +-
 lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php    | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/lib/Alchemy/Phrasea/Application.php b/lib/Alchemy/Phrasea/Application.php
index ed9ed95242..7eab7c6592 100644
--- a/lib/Alchemy/Phrasea/Application.php
+++ b/lib/Alchemy/Phrasea/Application.php
@@ -689,13 +689,17 @@ private function setupSwiftMailer()
                 $encryption = null;
                 $secureMode = '';
 
-                if (in_array($app['conf']->get(['registry', 'email', 'smtp-secure-mode']), ['ssl', 'tlsv1.1', 'tlsv1.2'])) {
+                if (in_array($app['conf']->get(['registry', 'email', 'smtp-secure-mode']), ['ssl', 'tls', 'tlsv1.1', 'tlsv1.2'])) {
                     $secureMode = $app['conf']->get(['registry', 'email', 'smtp-secure-mode']);
 
                     if ($secureMode == 'ssl') {
                         $encryption = 'ssl';
                     } else {
                         $encryption = 'tls';
+                        if ($secureMode == 'tls') {
+                            // by default use tlsv1.2
+                            $secureMode = 'tlsv1.2';
+                        }
                     }
                 }
 
diff --git a/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php b/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
index 8e861f7b07..b9b50172ef 100644
--- a/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
+++ b/lib/Alchemy/Phrasea/Core/Configuration/RegistryFormManipulator.php
@@ -178,7 +178,7 @@ private function getDefaultData(array $config)
                 'smtp-auth-enabled' => false,
                 'smtp-host' => null,
                 'smtp-port' => null,
-                'smtp-secure-mode' => 'tlsv1.1',
+                'smtp-secure-mode' => 'tlsv1.2',
                 'smtp-user' => null,
                 'smtp-password' => isset($config['email']['smtp-password']) ? $config['email']['smtp-password'] : null,
             ],
diff --git a/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php b/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
index 03df53939c..468b4ffb00 100644
--- a/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
+++ b/lib/Alchemy/Phrasea/Form/Configuration/EmailFormType.php
@@ -42,7 +42,7 @@ public function buildForm(FormBuilderInterface $builder, array $options)
         ]);
         $builder->add('smtp-secure-mode', ChoiceType::class, [
             'label'        => 'SMTP encryption',
-            'choices'      => ['none' => 'None', 'ssl' => 'SSL', 'tlsv1.1' => 'TLS1.1', 'tlsv1.2' => 'TLS1.2'],
+            'choices'      => ['none' => 'None', 'ssl' => 'SSL', 'tlsv1.1' => 'TLSV1.1', 'tlsv1.2' => 'TLSV1.2'],
         ]);
         $builder->add('smtp-user', TextType::class, [
             'label'        => 'SMTP user',