From: Kevan Carstensen Date: Thu, 28 Jul 2011 14:32:41 -0700 Subject: [PATCH] Specify that we want to use the 'ldap' scheme to verify certificates. --- lib/Net/LDAP.pm | 23 ++++++++++++----------- 1 files changed, 12 insertions(+), 11 deletions(-) diff --git a/lib/Net/LDAP.pm b/lib/Net/LDAP.pm index 42fe946..f47c905 100644 --- a/lib/Net/LDAP.pm +++ b/lib/Net/LDAP.pm @@ -219,17 +219,18 @@ sub _SSL_context_init_args { } ( - SSL_cipher_list => defined $arg->{'ciphers'} ? $arg->{'ciphers'} : 'ALL', - SSL_ca_file => exists $arg->{'cafile'} ? $arg->{'cafile'} : '', - SSL_ca_path => exists $arg->{'capath'} ? $arg->{'capath'} : '', - SSL_key_file => $clientcert ? $clientkey : undef, - SSL_passwd_cb => $passwdcb, - SSL_check_crl => $arg->{'checkcrl'} ? 1 : 0, - SSL_use_cert => $clientcert ? 1 : 0, - SSL_cert_file => $clientcert, - SSL_verify_mode => $verify, - SSL_version => defined $arg->{'sslversion'} ? $arg->{'sslversion'} : - 'sslv2/3', + SSL_cipher_list => defined $arg->{'ciphers'} ? $arg->{'ciphers'} : 'ALL', + SSL_ca_file => exists $arg->{'cafile'} ? $arg->{'cafile'} : '', + SSL_ca_path => exists $arg->{'capath'} ? $arg->{'capath'} : '', + SSL_key_file => $clientcert ? $clientkey : undef, + SSL_passwd_cb => $passwdcb, + SSL_check_crl => $arg->{'checkcrl'} ? 1 : 0, + SSL_use_cert => $clientcert ? 1 : 0, + SSL_cert_file => $clientcert, + SSL_verify_mode => $verify, + SSL_version => defined $arg->{'sslversion'} ? $arg->{'sslversion'} : + 'sslv2/3', + SSL_verifycn_scheme => "ldap", ); } -- 1.7.6 From: Kevan Carstensen Date: Mon, 8 Aug 2011 08:23:27 -0700 Subject: [PATCH] Require a more recent version of IO::Socket::SSL. --- Makefile.PL | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/Makefile.PL b/Makefile.PL index d8a8571..2bbe6fa 100644 --- a/Makefile.PL +++ b/Makefile.PL @@ -39,7 +39,7 @@ features( ], 'LDAPS' => [ -default => 0, - 'IO::Socket::SSL' => 0.93, + 'IO::Socket::SSL' => 1.26, ], 'Read/Write DSML files' => [ -default => 0, -- 1.7.6