Skip to content
This repository
Browse code

Merge pull request #7 from marschap/next

RT#77180 use "sslv23" instead of "sslv2/3" for sslversion
  • Loading branch information...
commit a1155cdba713da6683ad6a4db40aea8bae57b12b 2 parents c579bc9 + ac9f603
Peter Marschall authored May 17, 2012
7  lib/Net/LDAP.pm
@@ -225,6 +225,11 @@ sub _SSL_context_init_args {
225 225
       $passwdcb = $arg->{'keydecrypt'};
226 226
   }
227 227
 
  228
+  # allow deprecated "sslv2/3" in addition to IO::Socket::SSL's "sslv23"
  229
+  if (defined $arg->{'sslversion'}) {
  230
+      $arg->{'sslversion'} =~ s:sslv2/3:sslv23:io;
  231
+  }
  232
+
228 233
   (
229 234
     SSL_cipher_list     => defined $arg->{'ciphers'} ? $arg->{'ciphers'} : 'ALL',
230 235
     SSL_ca_file         => exists  $arg->{'cafile'}  ? $arg->{'cafile'}  : '',
@@ -236,7 +241,7 @@ sub _SSL_context_init_args {
236 241
     SSL_cert_file       => $clientcert,
237 242
     SSL_verify_mode     => $verify,
238 243
     SSL_version         => defined $arg->{'sslversion'} ? $arg->{'sslversion'} :
239  
-                           'sslv2/3',
  244
+                           'sslv23',
240 245
     %verifycn_ctx,
241 246
   );
242 247
 }
4  lib/Net/LDAP.pod
Source Rendered
@@ -180,7 +180,7 @@ B<Example>
180 180
 
181 181
 LDAPS connections have some extra valid options, see the
182 182
 L<start_tls|/start_tls> method for details. Note the default value for
183  
-'sslversion' for LDAPS is 'sslv2/3', and the default port for LDAPS
  183
+'sslversion' for LDAPS is 'sslv23', and the default port for LDAPS
184 184
 is 636.
185 185
 
186 186
 For LDAPI connections, HOST is actually the location of a UNIX domain
@@ -755,7 +755,7 @@ The server must provide a certificate, and it must be valid.
755 755
 If you set verify to optional or require, you must also set either
756 756
 cafile or capath. The most secure option is B<require>.
757 757
 
758  
-=item sslversion =E<gt> 'sslv2' | 'sslv3' | 'sslv2/3' | 'tlsv1'
  758
+=item sslversion =E<gt> 'sslv2' | 'sslv3' | 'sslv23' | 'tlsv1'
759 759
 
760 760
 This defines the version of the SSL/TLS protocol to use. Defaults to
761 761
 B<'tlsv1'>.

0 notes on commit a1155cd

Please sign in to comment.
Something went wrong with that request. Please try again.