From: Graham B. <gb...@po...> - 2001-07-04 09:05:32
On Wed, Jul 04, 2001 at 09:58:37AM +0100, Chris Ridd wrote:
> Graham Barr <gb...@po...> wrote:
> > On Wed, Jul 04, 2001 at 09:12:01AM +0100, Chris Ridd wrote:
> >> If the server is storing hashed passwords, you should be
> >> binding/comparing with the plain text passwords. Consider using LDAPS or
> >> LDAPv3 startTLS if you want to prevent people from sniffing those
> >> passwords on your network.
> >
> > This reminds me. What needs to be done for Net::LDAP to support startTLS?
> >
> > Graham.
>
> IIRC, IO::Socket::SSL needs to support send() and recv(), which I imagined
> would mean it (and by extension Net::SSLeay) needed rewriting to use
> openssl's non-blocking I/O.

Is this because Net::LDAP currently uses send() and recv()?

If so I am planning to change that so that Net::LDAPS does not need
its own _sendmesg. I am also going to split the actual connect out of
new(), so Net::LDAPS will not need to duplicate that, but just provide
a connect sub.

Is the Net::LDAPS in CVS up to date?

Graham.