projects / squirrelmail.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Sync configtest with core
[squirrelmail.git] / src / configtest.php
diff --git a/src/configtest.php b/src/configtest.php
index 8356ebebe3da9bc0bbadec8bf6f5e669a768e8d2..92a50484da709ce2acc3ac58c1aa8af9534e563a 100644 (file)
--- a/src/configtest.php
+++ b/src/configtest.php
@@ -632,7 +632,10 @@ if($useSendmail) {
 
     echo $IND . "sendmail OK<br />\n";
 } else {
 
     echo $IND . "sendmail OK<br />\n";
 } else {
-    $stream = fsockopen( ($use_smtp_tls==1?'tls://':'').$smtpServerAddress, $smtpPort,
+    // NB: Using "ssl://" ensures the highest possible TLS version
+    // will be negotiated with the server (whereas "tls://" only
+    // uses TLS version 1.0)
+    $stream = fsockopen( ($use_smtp_tls==1?'ssl://':'').$smtpServerAddress, $smtpPort,
             $errorNumber, $errorString);
     if(!$stream) {
         do_err("Error connecting to SMTP server \"$smtpServerAddress:$smtpPort\".".
             $errorNumber, $errorString);
     if(!$stream) {
         do_err("Error connecting to SMTP server \"$smtpServerAddress:$smtpPort\".".
@@ -736,7 +739,10 @@ if($useSendmail) {
 echo "Checking IMAP service....<br />\n";
 
 /** Can we open a connection? */
 echo "Checking IMAP service....<br />\n";
 
 /** Can we open a connection? */
-$stream = fsockopen( ($use_imap_tls==1?'tls://':'').$imapServerAddress, $imapPort,
+// NB: Using "ssl://" ensures the highest possible TLS version
+// will be negotiated with the server (whereas "tls://" only
+// uses TLS version 1.0)
+$stream = fsockopen( ($use_imap_tls==1?'ssl://':'').$imapServerAddress, $imapPort,
         $errorNumber, $errorString);
 if(!$stream) {
     do_err("Error connecting to IMAP server \"$imapServerAddress:$imapPort\".".
         $errorNumber, $errorString);
 if(!$stream) {
     do_err("Error connecting to IMAP server \"$imapServerAddress:$imapPort\".".
Unnamed repository; edit this file 'description' to name the repository.