From 4475cc06fd36017632ced497fc22ab01bd87f5d2 Mon Sep 17 00:00:00 2001
From: mark_story <mark@mark-story.com>
Date: Tue, 4 Apr 2017 23:17:30 -0400
Subject: [PATCH] Update tls_client and tls_server to include newer TLS
 versions.

Refs #10445
---
 lib/Cake/Network/CakeSocket.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/lib/Cake/Network/CakeSocket.php b/lib/Cake/Network/CakeSocket.php
index 7a9d27588..461ce31a5 100644
--- a/lib/Cake/Network/CakeSocket.php
+++ b/lib/Cake/Network/CakeSocket.php
@@ -131,6 +131,18 @@ class CakeSocket {
 				$this->_encryptMethods[$key] = constant($const);
 			}
 		}
+
+		// As of PHP5.6.6, STREAM_CRYPTO_METHOD_TLS_CLIENT does not include
+		// TLS1.1 or 1.2. If we have TLS1.2 support we need to update the method map.
+		//
+		// See https://bugs.php.net/bug.php?id=69195 &
+		// https://github.com/php/php-src/commit/10bc5fd4c4c8e1dd57bd911b086e9872a56300a0
+		if (isset($this->_encryptMethods['tlsv1_2_client'])) {
+			$this->_encryptMethods['tls_client'] = STREAM_CRYPTO_METHOD_TLS_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
+		}
+		if (isset($this->_encryptMethods['tlsv1_2_server'])) {
+			$this->_encryptMethods['tls_server'] = STREAM_CRYPTO_METHOD_TLS_SERVER | STREAM_CRYPTO_METHOD_TLSv1_1_SERVER | STREAM_CRYPTO_METHOD_TLSv1_2_SERVER;
+		}
 	}
 
 /**