From 2cc9b6a857869a2ece283fc31d35729e13bd0f7f Mon Sep 17 00:00:00 2001
From: rxu <rxu@mail.ru>
Date: Sat, 18 Mar 2017 01:11:32 +0700
Subject: [PATCH] [ticket/13558] Make SSL context specific options more SMTP
 general

PHPBB3-13558
---
 phpBB/includes/functions_messenger.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/phpBB/includes/functions_messenger.php b/phpBB/includes/functions_messenger.php
index 8f9163f85f..23a81ae3e8 100644
--- a/phpBB/includes/functions_messenger.php
+++ b/phpBB/includes/functions_messenger.php
@@ -1046,7 +1046,18 @@ function smtpmail($addresses, $subject, $message, &$err_msg, $headers = false)
 	}
 	$collector = new \phpbb\error_collector;
 	$collector->install();
-	$smtp->socket = fsockopen($config['smtp_host'], $config['smtp_port'], $errno, $errstr, 20);
+
+	$options = array();
+	$verify_peer = (bool) $config['ssl_verify_peer'];
+	$verify_peer_name = (bool) $config['ssl_verify_peer_name'];
+	$allow_self_signed = (bool) $config['ssl_allow_self_signed'];
+	$remote_socket = $config['smtp_host'] . ':' . $config['smtp_port'];
+
+	// Set ssl context options, see http://php.net/manual/en/context.ssl.php
+	$options['ssl'] = array('verify_peer' => $verify_peer, 'verify_peer_name' => $verify_peer_name, 'allow_self_signed' => $allow_self_signed);
+	$socket_context = stream_context_create($options);
+
+	$smtp->socket = stream_socket_client($remote_socket, $errno, $errstr, 20, STREAM_CLIENT_CONNECT, $socket_context);
 	$collector->uninstall();
 	$error_contents = $collector->format_errors();
 
@@ -1467,17 +1478,6 @@ class smtp_class
 
 		if (socket_set_blocking($this->socket, 1))
 		{
-			global $config;
-
-			$options = array();
-			$verify_peer = (bool) $config['ssl_verify_peer'];
-			$verify_peer_name = (bool) $config['ssl_verify_peer_name'];
-			$allow_self_signed = (bool) $config['ssl_allow_self_signed'];
-
-			// Set ssl context options, see http://php.net/manual/en/context.ssl.php
-			$options['ssl'] = array('verify_peer' => $verify_peer, 'verify_peer_name' => $verify_peer_name, 'allow_self_signed' => $allow_self_signed);
-			stream_context_set_option($this->socket, $options);
-
 			$result = stream_socket_enable_crypto($this->socket, true, STREAM_CRYPTO_METHOD_TLS_CLIENT);
 			socket_set_blocking($this->socket, (int) $stream_meta['blocked']);
 		}