Menu
▾
▴
Re: userpassword
|
From: Chris R. <chr...@me...> - 2001-07-04 08:58:54
|
Graham Barr <gb...@po...> wrote: > On Wed, Jul 04, 2001 at 09:12:01AM +0100, Chris Ridd wrote: >> If the server is storing hashed passwords, you should be >> binding/comparing with the plain text passwords. Consider using LDAPS or >> LDAPv3 startTLS if you want to prevent people from sniffing those >> passwords on your network. > > This reminds me. What needs to be done for Net::LDAP to support startTLS ? > > Graham. IIRC, IO::Socket::SSL needs to support send() and recv(), which I imagined would mean it (and by extension Net::SSLeay) needed rewriting to use openssl's non-blocking I/O. Cheers, Chris |
