From 460836852e26282092a8600691d1542fbb353110 Mon Sep 17 00:00:00 2001 From: Molkobain Date: Tue, 14 Jan 2020 09:34:59 +0100 Subject: [PATCH] =?UTF-8?q?N=C2=B02696=20-=20Upgrade=20SwiftMailer=20to=20?= =?UTF-8?q?v5.4.12=20(Allow=20explicit=20tls1.0,=20tls1.1,=20tls1.2=20for?= =?UTF-8?q?=20startTLS)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- composer.json | 2 +- composer.lock | 12 ++++++------ lib/composer/installed.json | 12 ++++++------ lib/swiftmailer/swiftmailer/CHANGES | 15 +++++++++++++++ lib/swiftmailer/swiftmailer/VERSION | 2 +- .../lib/classes/Swift/Transport/StreamBuffer.php | 11 ++++++++++- 6 files changed, 39 insertions(+), 15 deletions(-) diff --git a/composer.json b/composer.json index 89f769240..38d6a93a8 100644 --- a/composer.json +++ b/composer.json @@ -15,7 +15,7 @@ "pear/archive_tar": "1.4.7", "pelago/emogrifier": "2.1.0", "scssphp/scssphp": "1.0.0", - "swiftmailer/swiftmailer": "5.4.9", + "swiftmailer/swiftmailer": "5.4.12", "symfony/console": "3.4.*", "symfony/dotenv": "3.4.*", "symfony/framework-bundle": "3.4.*", diff --git a/composer.lock b/composer.lock index f5f887d14..38bd72bb7 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "3e50fd37b5b556cc901aca65fedac985", + "content-hash": "fad30bc7d8ddf9c9cb9c70ab7c3ce385", "packages": [ { "name": "combodo/tcpdf", @@ -698,16 +698,16 @@ }, { "name": "swiftmailer/swiftmailer", - "version": "v5.4.9", + "version": "v5.4.12", "source": { "type": "git", "url": "https://github.com/swiftmailer/swiftmailer.git", - "reference": "7ffc1ea296ed14bf8260b6ef11b80208dbadba91" + "reference": "181b89f18a90f8925ef805f950d47a7190e9b950" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/7ffc1ea296ed14bf8260b6ef11b80208dbadba91", - "reference": "7ffc1ea296ed14bf8260b6ef11b80208dbadba91", + "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/181b89f18a90f8925ef805f950d47a7190e9b950", + "reference": "181b89f18a90f8925ef805f950d47a7190e9b950", "shasum": "" }, "require": { @@ -748,7 +748,7 @@ "mail", "mailer" ], - "time": "2018-01-23T07:37:21+00:00" + "time": "2018-07-31T09:26:32+00:00" }, { "name": "symfony/cache", diff --git a/lib/composer/installed.json b/lib/composer/installed.json index 70ed0fd01..b0d591ab4 100644 --- a/lib/composer/installed.json +++ b/lib/composer/installed.json @@ -717,17 +717,17 @@ }, { "name": "swiftmailer/swiftmailer", - "version": "v5.4.9", - "version_normalized": "5.4.9.0", + "version": "v5.4.12", + "version_normalized": "5.4.12.0", "source": { "type": "git", "url": "https://github.com/swiftmailer/swiftmailer.git", - "reference": "7ffc1ea296ed14bf8260b6ef11b80208dbadba91" + "reference": "181b89f18a90f8925ef805f950d47a7190e9b950" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/7ffc1ea296ed14bf8260b6ef11b80208dbadba91", - "reference": "7ffc1ea296ed14bf8260b6ef11b80208dbadba91", + "url": "https://api.github.com/repos/swiftmailer/swiftmailer/zipball/181b89f18a90f8925ef805f950d47a7190e9b950", + "reference": "181b89f18a90f8925ef805f950d47a7190e9b950", "shasum": "" }, "require": { @@ -737,7 +737,7 @@ "mockery/mockery": "~0.9.1", "symfony/phpunit-bridge": "~3.2" }, - "time": "2018-01-23T07:37:21+00:00", + "time": "2018-07-31T09:26:32+00:00", "type": "library", "extra": { "branch-alias": { diff --git a/lib/swiftmailer/swiftmailer/CHANGES b/lib/swiftmailer/swiftmailer/CHANGES index 07fa342bc..3532ec2dc 100644 --- a/lib/swiftmailer/swiftmailer/CHANGES +++ b/lib/swiftmailer/swiftmailer/CHANGES @@ -1,6 +1,21 @@ Changelog ========= +5.4.12 (2018-07-31) +------------------- + + * fixed typo + +5.4.11 (2018-07-31) +------------------- + + * fixed startTLS support for PHP 5.6- + +5.4.10 (2018-07-27) +------------------- + + * fixed startTLS only allowed tls1.0, now allowed: tls1.0, tls1.1, tls1.2 + 5.4.9 (2018-01-23) ------------------ diff --git a/lib/swiftmailer/swiftmailer/VERSION b/lib/swiftmailer/swiftmailer/VERSION index 1842f65a0..82a2d1d04 100644 --- a/lib/swiftmailer/swiftmailer/VERSION +++ b/lib/swiftmailer/swiftmailer/VERSION @@ -1 +1 @@ -Swift-5.4.9 +Swift-5.4.12 diff --git a/lib/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php b/lib/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php index 9f2fff4bf..3a9fe76b2 100644 --- a/lib/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php +++ b/lib/swiftmailer/swiftmailer/lib/classes/Swift/Transport/StreamBuffer.php @@ -91,7 +91,16 @@ class Swift_Transport_StreamBuffer extends Swift_ByteStream_AbstractFilterableIn public function startTLS() { - return stream_socket_enable_crypto($this->_stream, true, STREAM_CRYPTO_METHOD_TLS_CLIENT); + // STREAM_CRYPTO_METHOD_TLS_CLIENT only allow tls1.0 connections (some php versions) + // To support modern tls we allow explicit tls1.0, tls1.1, tls1.2 + // Ssl3 and older are not allowed because they are vulnerable + // @TODO make tls arguments configurable + $cryptoType = STREAM_CRYPTO_METHOD_TLS_CLIENT; + if (PHP_VERSION_ID >= 50600) { + $cryptoType = STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT; + } + + return stream_socket_enable_crypto($this->_stream, true, $cryptoType); } /**