prepare next release
In a mail conversation with Paul Evans, the author of IO::Socket::IP, I learned that IO::Socket::IP does indeed support the Timeout option. Hence, this note, added in commit d547b96, is wrong and needs to be removed.
Check whether IO::Socket::IP 0.20 or higher exists, and if it does use it to create IPv6 & IPv4 sockets. Otherwise, check for IO::Socket::INET6 and use it when it is available for both, IPv4 & IPv6 socketr In all other cases, support IPv4 only using IO::socket::INET.
prepare for next release
Make the Authen::SASL object associated with an LDAP connection available via a documented method.
Allow it to return either the SASL layer object or the base object underneath. The logic used may look strange at first, but it guarantees compatibility with previous versions of perl-ldap.
Make it more easily readable, like the previously existing version.
Set net_ldap_rawsocket centrally once in new() instead in the various connect_ldap*() methods.
According to the RFC, if we are using a SASL security layer, then we rebind and negotiate a new security layer, the new layer replaces the old. If, on the other hand, the rebind doesn't negotiate a security layer, then the old layer remains in place. Previously Net::LDAP was attempting to apply the new layer (if any) on top of the old layer, which is incorrect. Rebind was also failing if a security layer had previously been negotiated since the security-layer filehandle doesn't support socket operations. Since we now need to keep the raw (TCP or SSL) filehandle around anyway, we can do the socket operations on that instead.
Simplify the 'changetype: modify' case in _write_entry.
Only use it when necessary, as otherwise it slows down reading by an unacceptable factor of 4.