Newsgroups: perl.ldap
Path: g2news1.google.com!news2.google.com!goblin1!goblin.stu.neva.ru!newsfeed.straub-nv.de!de-l.enfer-du-nord.net!feeder2.enfer-du-nord.net!nntp.develooper.com!nntp.perl.org
Return-Path: <pe...@adpm.de>
Mailing-List: contact perl-ldap-h...@perl.org; run by ezmlm
Delivered-To: mailing list perl-l...@perl.org
Received: (qmail 19541 invoked from network); 7 Sep 2011 16:26:35 -0000
Received: from x1.develooper.com (207.171.7.70)
by x6.develooper.com with SMTP; 7 Sep 2011 16:26:35 -0000
Received: (qmail 19733 invoked by uid 225); 7 Sep 2011 16:26:35 -0000
Delivered-To: perl-l...@perl.org
Received: (qmail 19729 invoked by alias); 7 Sep 2011 16:26:34 -0000
X-Spam-Status: No, hits=0.0 required=8.0
tests=
X-Spam-Check-By: la.mx.develooper.com
Received: from kw04.serverdomain.org (HELO kw04.serverdomain.org) (89.107.184.29)
by la.mx.develooper.com (qpsmtpd/0.28) with ESMTP; Wed, 07 Sep 2011 09:26:31 -0700
Received: from tsetse.adpm.de (dslb-088-067-215-057.pools.arcor-ip.net [88.67.215.57])
(Authenticated sender: ww4455p1)
by kw04.serverdomain.org (kw04.serverdomain.org) with ESMTPA id B5F5630018DF0;
Wed, 7 Sep 2011 18:26:14 +0200 (CEST)
Received: from localhost (localhost [127.0.0.1])
by tsetse.adpm.de (Postfix) with ESMTP id BFB5B293CE;
Wed, 7 Sep 2011 18:26:11 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at adpm.de
Received: from tsetse.adpm.de ([127.0.0.1])
by localhost (tsetse.adpm.de [127.0.0.1]) (amavisd-new, port 10024)
with LMTP id 7WgQc06pLkdQ; Wed, 7 Sep 2011 18:25:47 +0200 (CEST)
Received: from moth.localnet (moth.adpm.de [10.250.2.3])
by tsetse.adpm.de (Postfix) with ESMTP id 8B008293CA;
Wed, 7 Sep 2011 18:25:46 +0200 (CEST)
Organization: ADPM
To: Graham Barr <gb...@pobox.com>,
perl-l...@perl.org
Subject: critical fixes for perl-ldap 0.43
Date: Wed, 7 Sep 2011 18:26:04 +0200
User-Agent: KMail/1.13.7 (Linux/3.0.0-1-amd64; KDE/4.6.5; x86_64; ; )
MIME-Version: 1.0
Content-Type: Text/Plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <201109071826.04778.peter@adpm.de>
Approved: n...@nntp.perl.org
From: pe...@adpm.de (Peter Marschall)
Hi Graham,
please consider pulling the commits in my pull request
https://github.com/gbarr/perl-ldap/pull/3
into master and release version 0.44 of perl-ldap really soon.
Reasons:
* 0.43 has a serious regression: commit 041d540 broke start_tls completely
and led to warnings being generated at every encrypted connection with
sslverify='none'.
This is fixed by commit a3c4f7f "un-break certificate verification"
BTW: this commit does The Right Thing(tm) and obsoletes commit 4dc845e
"Verify hostnames in TLS connections" in the next branch.
In my opinion we should not add additional compatibility flags for bug fixes:
not checking the host name in the sslverify != ' none' cases was definitely
a bug (allowing MITM attacks to go unnoticed)
Instead, I propose a note in the ChangeLog,
* lots of typo fixes in documentation
* extended documentation for Pre-Read & Post-Read controls
As bonus:
* Assertion Control implemented
* new control LDAP_CONTROL_PERMISSIVEMODIFY
Thanks
Peter
--
Peter Marschall
pe...@adpm.de
Message from discussion critical fixes for perl-ldap 0.43
| Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy |
| ©2013 Google |