Skip Menu |
 

This queue is for tickets about the IO-Socket-SSL CPAN distribution.

Report information
The Basics
Id: 76310
Status: resolved
Priority: 0/
Queue: IO-Socket-SSL

People
Owner: Nobody in particular
Requestors: DOHERTY [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Download (untitled) / with headers
text/plain 499b
Perhaps IO::Socket::SSL is smarter than the documentation indicates. In the documentation for start_SSL: "Using PeerHost or PeerAddr works only if you create the connection directly with IO::Socket::SSL->new, if an IO::Socket::INET object is upgraded with start_SSL the name has to be given in SSL_verifycn_name." Well, I don't see that HTTP::Tiny provides SSL_verifycn_name in the start_SSL call that upgrades the IO::Socket::INET object - but I also don't notice any problems because of it.
Download (untitled) / with headers
text/plain 458b
Show quoted text
> Well, I don't see that HTTP::Tiny provides SSL_verifycn_name in the > start_SSL call that upgrades the IO::Socket::INET object - but I also > don't notice any problems because of it.
HTTP::Tiny does not use start_SSL to check the certificate, but calls verify_hostname by hand after establishing the connection - and it provides a hostname when calling verify_hostname. I've tried to make this behavior more clear with updated documentation for 1.64


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.