Menu
▾
▴
Re: start_tls
|
From: Chris R. <chr...@me...> - 2001-07-06 11:12:26
|
Graham Barr <gb...@po...> wrote:
> On Fri, Jul 06, 2001 at 10:23:44AM +0100, Chris Ridd wrote:
>> I've committed additional changes to LDAPS.pm, LDAP.pm and LDAP.pod. I
>> just copied the documentation across because I thought it was still
>> useful to see directly on the LDAPS page.
>
> I see you have overridded start_tls in LDAPS with a croak.
>
> I want to avoid croaks if we can. We could just return a sucess
> as afterall we are already using SSL.
>
> This check really needs to go into Net::LDAP, as what should happen
> if start_tls is called twice ?
>
> I suggest we add a check in start_tls for $sock->isa('IO::Socket::SSL')
>
> Graham.
>
That makes more sense. Does the attached patch look any better?
It also changes the default values for cafile and capath to '', which is
required for versions of IO::Socket::SSL since 0.78. I've tested using both
cafile and capath options, and without this change using capath fails.
(We should incidentally require at least this version of IO::Socket::SSL in
Makefile.PL.)
Cheers,
Chris |
