Re: LDAPS Documentation Correction

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Jim Dutton <ji...@du...> wrote:
> The documentation for the LDAPS (Perl-Ldap V0.24) module uses an IP
> hostname in its example of the HOST parameter. The underlying 'connect'
> subroutine, however, calls for an IP address (PeerAddr) instead.
> 
> The documentation for IO::Socket::SSL shows support for both "peeraddr"
> and "peerhost".
> 
> When using LDAPS with an IP hostname, the program fails. When using
> LDAPS with an IP address, the program succeeds.
> 
> 

That's curious. One of the changes in 0.24 is that some of the common code
between Net::LDAP and Net::LDAPS has been centralised, so possibly
something's gone AWOL during that cleanup, even though Graham and I both
tested the code.

So there's now a _connect routine in each module that does the dirty work
of creting the socket. The _connect code looks pretty similar in both
modules!

# Net::LDAP:
sub _connect {
  my ($ldap, $host, $arg) = @_;   $ldap->{net_ldap_socket} =
IO::Socket::INET->new(
    PeerAddr => $host,
    PeerPort => $arg->{port} || '389',
    Proto    => 'tcp',
    Timeout  => defined $arg->{timeout}
 ? $arg->{timeout}
 : 120
  );
}

# Net::LDAPS:
sub _connect {
  my ($ldap, $host, $arg) = @_;   $ldap->{'net_ldap_socket'} =
IO::Socket::SSL->new(
    PeerAddr     => $host,
    PeerPort     => $arg->{'port'} || '636',
    Proto        => 'tcp',
    Timeout      => defined $arg->{'timeout'} ? $arg->{'timeout'} : 120,
    SSL_context_init_args($arg)
  );
} 

Do you get the same connection problem with Net::LDAP? If so, could it be
an problem with whatever name resolution you're using locally - DNS etc?

Did you get the same problem before 0.24?

Cheers,

Chris