From b2dd6628177904d9fe118da13df373e59be61b31 Mon Sep 17 00:00:00 2001
From: Jay Patel <japatel@paypal.com>
Date: Wed, 9 Dec 2015 11:55:30 -0600
Subject: [PATCH] Enabled Checks for TLSv1.2 support.

- Update your configurations to use `tls` instead of `sandbox` to verify server support
---
 CHANGELOG.md                                            | 3 +++
 README.md                                               | 5 +++++
 lib/PayPal/Service/PayPalAPIInterfaceServiceService.php | 2 +-
 samples/Configuration.php                               | 4 ++++
 4 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bb459217..374d4f1f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,8 @@
 ### CHANGELOG
 
+####Version 3.9.1 - Dec 9, 2015
+   - Added TLSv1.2 Endpoint support
+
 ####Version 3.9.0 - Sep 22, 2015
    - Updated IPN Endpoint
 
diff --git a/README.md b/README.md
index 99558382..d1673ebe 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,11 @@
 
    The merchant SDK can be used for integrating with the Express Checkout, Mass Pay, Web Payments Pro APIs.
 
+## TLSv1.2 Update
+> **The [PCIv3.1 DSS (PDF)](https://www.pcisecuritystandards.org/documents/PCI_DSS_v3-1.pdf) mandates (p.46) that TLSv1.0 be retired from service by June 30, 2016. All organizations that handle credit card information are required to comply with this standard. As part of this obligation, PayPal is updating it's services to require TLSv1.2 for all HTTPS connections. [Click here](https://github.paypal.com/SDK-R/tls-update) for more information**
+
+> A new `mode` has been created to test if your server/machine handles TLSv1.2 connections. Please use `tls` mode instead of `sandbox` to verify. You can return back to `sandbox` mode once you have verified. Please have a look at this [Sample Configuration](https://github.com/paypal/merchant-sdk-php/blob/namespace-php5.3/samples/Configuration.php#L10-15).
+
 ## POODLE Update
 - Because of the Poodle vulnerability, PayPal has disabled SSLv3. 
 - To enable TLS encryption, the changes were made to [PPHttpConfig.php](https://github.com/paypal/sdk-core-php/blob/namespace-5.3/lib/PayPal/Core/PPHttpConfig.php#L11) in [SDK Core](https://github.com/paypal/sdk-core-php/tree/namespace-5.3) to use a cipher list specific to TLS encryption.
diff --git a/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php b/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php
index acb05026..22d01406 100644
--- a/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php
+++ b/lib/PayPal/Service/PayPalAPIInterfaceServiceService.php
@@ -71,7 +71,7 @@ class PayPalAPIInterfaceServiceService extends PPBaseService {
 	protected static $SDK_NAME = "merchant-php-sdk";
 
 	// SDK Version
-	protected static $SDK_VERSION = "3.9.0";
+	protected static $SDK_VERSION = "3.9.1";
 
     /**
     * @param $config - Dynamic config map. This takes the higher precedence if config file is also present.
diff --git a/samples/Configuration.php b/samples/Configuration.php
index 3951ea83..cd99a4cd 100644
--- a/samples/Configuration.php
+++ b/samples/Configuration.php
@@ -7,7 +7,11 @@ public static function getConfig()
 		$config = array(
 				// values: 'sandbox' for testing
 				//		   'live' for production
+                //         'tls' for testing if your server supports TLSv1.2
 				"mode" => "sandbox",
+                // TLSv1.2 Check: Comment the above line, and switch the mode to tls as shown below
+                // "mode" => "tls"
+
                 'log.LogEnabled' => true,
                 'log.FileName' => '../PayPal.log',
                 'log.LogLevel' => 'FINE'