Update tls_client and tls_server to include newer TLS versions.

Refs #10445
2024-11-15 03:18:26 +00:00 · 2017-04-04 23:17:30 -04:00 · 2017-04-04 23:17:30 -04:00 · 4475cc06fd
commit 4475cc06fd
parent 7dbc71df8c
1 changed files with 12 additions and 0 deletions
--- a/lib/Cake/Network/CakeSocket.php
+++ b/lib/Cake/Network/CakeSocket.php
@ -131,6 +131,18 @@ class CakeSocket {
 				$this->_encryptMethods[$key] = constant($const);
 			}
 		}
+
+		// As of PHP5.6.6, STREAM_CRYPTO_METHOD_TLS_CLIENT does not include
+		// TLS1.1 or 1.2. If we have TLS1.2 support we need to update the method map.
+		//
+		// See https://bugs.php.net/bug.php?id=69195 &
+		// https://github.com/php/php-src/commit/10bc5fd4c4c8e1dd57bd911b086e9872a56300a0
+		if (isset($this->_encryptMethods['tlsv1_2_client'])) {
+			$this->_encryptMethods['tls_client'] = STREAM_CRYPTO_METHOD_TLS_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+		}
+		if (isset($this->_encryptMethods['tlsv1_2_server'])) {
+			$this->_encryptMethods['tls_server'] = STREAM_CRYPTO_METHOD_TLS_SERVER | STREAM_CRYPTO_METHOD_TLSv1_1_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER;
+		}
 	}

 /**