Need option to disable TLS 1.0 and 1.1 and enable TLS 1.3 #2856

Closed
alexhenrie opened this issue Jan 5, 2023 · 6 comments
Comments

@alexhenrie

SMTP.php currently has the following code:

```php
//Allow the best TLS version(s) we can
$crypto_method = STREAM_CRYPTO_METHOD_TLS_CLIENT;

//PHP 5.6.7 dropped inclusion of TLS 1.1 and 1.2 in STREAM_CRYPTO_METHOD_TLS_CLIENT
//so add them back in manually if we can
if (defined('STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT')) {
    $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
    $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT;
}
```

For security reasons, I need to be able to disable TLS 1.0 and 1.1 and enable TLS 1.3. Unfortunately, PHPMailer is hardcoded to accept TLS 1.0 through 1.2 and reject TLS 1.3.

@Synchro
Member

Synchro commented Jan 5, 2023

That's not what that code does. The PHPMailer config does not disable TLSv1.3. Bear in mind that PHPMailer is a client, not a server, so if you connect to a server that supports 1.3, it will use 1.3 (assuming your PHP version supports it). It's not in a position to dictate what versions a server supports.

@Synchro Synchro closed this as completed Jan 5, 2023
@alexhenrie
Author

What I mean is, I want PHPMailer to fail if the supplied SMTP server does not support TLS 1.2 or 1.3. I would rather have an error than have it continue with an insecure TLS version.

@Synchro
Member

Synchro commented Jan 5, 2023

You may be able to do that by passing a crypto_method element to the SSLOptions.ssl property.

```php
$mail->SMTPOptions = [
    'ssl' => [
        'crypto_method' => STREAM_CRYPTO_METHOD_TLS_CLIENT ^ STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT ^ STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT,
    ],
];
```

Failing that, you can achieve it by injecting a subclass of the SMTP class which overrides that method and sets the same settings directly.

@alexhenrie
Author

OK, that's an option, thank you.

There's still the question of whether or not PHPMailer should allow TLS 1.3 by default. As far as I can tell, if stream_socket_enable_crypto is passed a $crypto_method argument (which it is), it will not allow TLS 1.3 as a method unless $crypto_method includes STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT (which PHPMailer does not set). Could we at least add something like:

```php
if (defined('STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT')) {
    $crypto_method |= STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT;
}
```

@Synchro
Member

Synchro commented Jan 22, 2023

This is not true. PHPMailer does not need to set that flag because it's already included in STREAM_CRYPTO_METHOD_TLS_CLIENT by default. Look at how it's defined in the PHP source, where you can see that the STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT flag to enable TLS 1.3 (1 << 6) is included in the definition of STREAM_CRYPTO_METHOD_TLS_CLIENT, so 1.3 is enabled by default. Historically that bit may not have been set, but only because older builds did not have that flag available to do so, or the underlying openssl support for 1.3 was missing.

The reason that we have to do any twiddling with these constants at all is because prior to PHP 7.2, their definitions were a bit of mess.
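The following is an added example that is not PHPMailer's code and was not posted in this thread. It puts Synchro's two suggestions (the `crypto_method` context option, and a subclass of `SMTP` that replaces the hard-coded bitmask) into one script that only permits TLS 1.2 and 1.3, and it adds a runtime check for the point made in the comment above, namely whether this PHP build's `STREAM_CRYPTO_METHOD_TLS_CLIENT` already carries the TLS 1.3 bit. It assumes PHPMailer 6 installed via Composer, that the quoted code lives in `SMTP::startTLS()` and that `PHPMailer::setSMTPInstance()` is available in the installed version (check your `SMTP.php` and `PHPMailer.php`); the host, addresses and credentials are placeholders.

```php
<?php
// Added example, not PHPMailer's own code. Assumes PHPMailer 6 via Composer,
// that the quoted SMTP.php code is SMTP::startTLS(), and that
// PHPMailer::setSMTPInstance() exists. Host and credentials are placeholders.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;

/**
 * Bitmask permitting only TLS 1.2 and TLS 1.3. Built from the explicit
 * per-version flags, so it does not depend on what the aggregate
 * STREAM_CRYPTO_METHOD_TLS_CLIENT happens to contain on this PHP build.
 */
function modernTlsClientMethod(): int
{
    $method = STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
    if (defined('STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT')) { // missing on old PHP/OpenSSL builds
        $method |= STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT;
    }
    return $method;
}

/**
 * The *_CLIENT constants all share a "this is a client" flag bit (PHP's
 * php_stream_transport.h ORs STREAM_CRYPTO_IS_CLIENT into each of them), so
 * `$m & ~STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT` would also strip that flag.
 * Synchro's XOR works only because the toggled bits are known to be set.
 * Recover the shared flag as the intersection of two version constants so the
 * checks below look at version bits alone.
 */
function versionBit(int $constant): int
{
    $clientFlag = STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT & STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT;
    return $constant & ~$clientFlag;
}

/** True if $method would still let the handshake settle on TLS 1.0 or 1.1. */
function allowsLegacyTls(int $method): bool
{
    $legacy = versionBit(STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT)
            | versionBit(STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT);
    return ($method & $legacy) !== 0;
}

/** True if this build's STREAM_CRYPTO_METHOD_TLS_CLIENT already includes TLS 1.3. */
function tlsClientIncludesTls13(): bool
{
    if (!defined('STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT')) {
        return false;
    }
    $bit = versionBit(STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT);
    return (STREAM_CRYPTO_METHOD_TLS_CLIENT & $bit) === $bit;
}

/**
 * Subclass route: same flow as the quoted startTLS() code, with the strict
 * bitmask. Method and helper names are assumed; compare with your SMTP.php and
 * mirror any error-handler wrapping your version has around the crypto call.
 */
final class StrictTlsSmtp extends SMTP
{
    public function startTLS()
    {
        if (!$this->sendCommand('STARTTLS', 'STARTTLS', 220)) {
            return false;
        }
        $method = modernTlsClientMethod();
        if (allowsLegacyTls($method)) {
            throw new \LogicException('TLS bitmask unexpectedly permits TLS 1.0/1.1');
        }
        // Against a server that offers only TLS 1.0/1.1 this now returns false
        // and the connection fails, instead of silently negotiating downwards.
        return (bool) stream_socket_enable_crypto($this->smtp_conn, true, $method);
    }
}

printf("STREAM_CRYPTO_METHOD_TLS_CLIENT includes TLS 1.3: %s\n",
    tlsClientIncludesTls13() ? 'yes' : 'no');

$mail = new PHPMailer(true);              // throw on failure rather than return false
$mail->isSMTP();
$mail->Host       = 'smtp.example.com';   // placeholder
$mail->Port       = 587;
$mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS;
$mail->SMTPAuth   = true;
$mail->Username   = 'user@example.com';   // placeholder
$mail->Password   = getenv('SMTP_PASSWORD') ?: '';

// Context-option route. PHP documents the crypto_method context option as the
// fallback used when stream_socket_enable_crypto() is called without an
// explicit method, and the quoted startTLS() passes one, so confirm this
// actually takes effect on your PHPMailer version. Peer verification stays on.
$mail->SMTPOptions = [
    'ssl' => [
        'crypto_method'     => modernTlsClientMethod(),
        'verify_peer'       => true,
        'verify_peer_name'  => true,
        'allow_self_signed' => false,
    ],
];

// Subclass route: inject the strict SMTP implementation (assumed API).
$mail->setSMTPInstance(new StrictTlsSmtp());

$mail->setFrom('user@example.com');
$mail->addAddress('recipient@example.com');
$mail->Subject = 'TLS 1.2+ only test';
$mail->Body    = 'Delivered only if the server negotiated TLS 1.2 or 1.3.';
$mail->send();
```

The subclass route is the one that does not depend on how the installed `startTLS()` treats the context option, which is why the script installs both: if your version ignores `crypto_method` in `SMTPOptions`, the override still enforces the floor, and a server limited to TLS 1.0/1.1 produces a connection error rather than a downgraded session.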

@alexhenrie
Author

Ah, I didn't know that the meaning of STREAM_CRYPTO_METHOD_TLS_CLIENT changed in PHP 7.2 from "TLS 1.0 only" to "any version of TLS", sorry. Thank you for the explanation.
