Preferred bug tracker

Please visit the preferred bug tracker to report your issue.

This queue is for tickets about the perl-ldap CPAN distribution.

Report information
The Basics
Id:
131045
Status:
new
Priority:
Low/Low
Queue:

People
Owner:
Nobody in particular
Requestors:
ppisar [...] redhat.com
Cc:
COUDOT [...] cpan.org
AdminCc:

BugTracker
Severity:
(no value)
Broken in:
0.66
Fixed in:
(no value)



Subject: Net::LDAPS does not verify peer certificate by default
This simple ldaps client does not verify server certificate: #!/usr/bin/perl use Net::LDAPS; my $conn = Net::LDAPS->new('localhost', version => 3, port => 2000, raw => qr/^$/ ) || die "$@\n"; $conn->disconnect(); I can see Net::LDAP does document a default value of the "verify" option. It seems to be 0 (none). Would it be possible to change the default to 3 (required) and document it? I believe it is a nowadays assumed behavior that TLS-secured clinets verify peer's certificate by default.


This service runs on Request Tracker, is sponsored by The Perl Foundation, and maintained by Best Practical Solutions.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.