Does Perch or a Perch dependency dictate the version of TLS being used?

  • My email sending service (Postmark) has dropped support for TLSv1.0, so I need to work out where to enforce sending over TLSv1.1 or above. Is this something I need to do in Perch (something to do with PHP Mailer that's baked in)?


    I've had a poke through the code and this block in core/lib/PHPMailer.class.php suggests the TLS version isn't something to do with Perch:


    ```

    /**

    * Initiate a TLS (encrypted) session.

    * @access public

    * @return boolean

    */

    public function startTLS()

    {

    if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {

    return false;

    }


    //Allow the best TLS version(s) we can

    $crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;


    //PHP 5.6.7 dropped inclusion of TLS 1.1 and 1.2 in STREAM_CRYPTO_METHOD_TLS_CLIENT

    //so add them back in manually if we can

    if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {

    $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;

    $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;

    }


    // Begin encrypted connection

    if (!stream_socket_enable_crypto(

    $this->smtp_conn,

    true,

    $crypto_method

    )) {

    return false;

    }

    return true;

    }

    ```


    If indeed it is outside of Perch, any pointers for updating my TLS version to v1.1 or v1.2 would be very much appreciated.


    Thanks!


    Martin.

  • drewm

    Approved the thread.