+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28)
+--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30)
+--- Thread: Is there a good reason CI is slipping behind the times? (/showthread.php?tid=87190)
Is there a good reason CI is slipping behind the times? - Gary - 03-23-2023
Having recently rebuilt my email server, I've found that all my CI-based applications that make use of this service started having their attempts to authenticate rejected.
The fix was pretty simple... either have the server relax its minimum requirements on the encryption protocol... OR make changes in CI to facilitate using more up-to-date protocols.
As there are other users that use the email server, all successfully (in spite of now being restricted to nothing less than TLSv1.3)... I'd prefer to leave the server's minimum protocol as it currently stands at TLSv1.3, and change the CI applications to bring them in line with the rest of the user's capabilities.
The changes to CI, unfortunately, are easiest made in the CI system files... and only involve a trivial modification to ./system/Email/Email.php (line 1886 in v4.3.1, see the bit added in red):
1886: STREAM_CRYPTO_METHOD_TLSv1_0_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_1_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT
So my question is: is there some good reason that I can't think of as to why TLSv1.3 has been excluded from the protocols that CI supports (given that it's been supported since PHP 7.4.0 - see: https://prototype.php.net/manual/en/function.stream-socket-enable-crypto.php)... that I need to consider before I go live with the above hack to the CI system files?
RE: Is there a good reason CI is slipping behind the times? - kilishan - 03-23-2023
None that I'm aware. The real world answer is that we hadn't noticed, yet, and no had submitted a bug report or PR.
Would you mind submitting a PR so that it will be fixed in future versions?
RE: Is there a good reason CI is slipping behind the times? - kenjis - 03-23-2023
See https://github.com/codeigniter4/CodeIgniter4/blob/develop/system/Email/Email.php#L1883-L1890
RE: Is there a good reason CI is slipping behind the times? - Gary - 03-29-2023
Great, thank you Kilishan.
It's already in the latest revision code?!... nice! Thanks Kenjis.
RE: Is there a good reason CI is slipping behind the times? - kenjis - 03-29-2023
Yes, it is included in v4.3.3.
See https://codeigniter.com/user_guide/changelogs/v4.3.3.html#security