Commits on Oct 2, 2011
  1. base Net::LDAP::FilterList on Net::LDAP::Filter

    marschap committed Oct 1, 2011
    This is not yet 100% correct: Net::LDAP::Filter's _encode
    differ's from what we need by adding a dnAttributes key to the
    hash ref returned.  This is not allowed for Net::LDAP::FilterList.
  2. add MatchdValues control (RFC 3876)

    marschap committed Oct 1, 2011
    This comprises the packages
    * Net::LDAP::Control::MatchedValues
    * Net::LDAP::FilterList
    which are both contained in the file lib/Net/LDAP/Control/
  3. a bit of refactoring for Net::LDAP::Filter

    marschap committed Oct 1, 2011
    * make _encode resonsible for all simple filter items
    * remove unused variable
    * update comments
  4. fixes for the ProxyAuthorization control

    marschap committed Oct 1, 2011
    * better documentation
      - mention RFC
      - tell the purpose of the control
    * fix name of the control:  LDAP_CONTROL_PROXYAUTHORIZATION
      Keep the old, wrong name in N:L::Constant for compatibility reasons
  5. make sure to call the correct as_string()

    marschap committed Oct 1, 2011
    As $f is not an object, calling $f->as_string fails.
    Tell Perl where to find the as_string we want.
    While I'm at it, make some minor changes to the documentation.
Commits on Sep 23, 2011
  1. fix copy & paste typo

    gbarr committed Sep 23, 2011
  2. Revert "Verify hostnames in TLS connections"

    gbarr committed Sep 23, 2011
    This reverts commit 4dc845e.
Commits on Sep 8, 2011
Commits on Sep 7, 2011
  1. implement Asserticon Control

    marschap committed Sep 7, 2011
  2. fix typos

    marschap committed Sep 7, 2011
  3. un-break certificate verification

    marschap committed Sep 7, 2011
    Commit 041d540 "Specify that we want to use the 'ldap' scheme to verify
    certificates" unconditionally set IO:Socket::SSL's SSL_verify_cn_scheme
    In principle this is a good thing: it allows to verify whether the name of
    the host we connect to matches the host name in the certificate presented.
    But doing it unconditionally led to some trouble:
    * it broke $ldap->start_tls() completely.
      see SSL_verifycn_name in IO::Socket::SSL(3) for why
    * in the case of sslverify = 'none' it created a warning
      on every connect.
    This commit fixes both issues.
Commits on Sep 5, 2011
  1. Verify hostnames in TLS connections

    chrisridd committed with gbarr Apr 5, 2010
    This is done in connect_ldaps() and start_tls(), and calls
    IO::Socket::SSL's verify_hostname method.
    The default (for backwards compatibility?) is to not check, but pass
    check => 1 if you want checking.
  2. fix POD spelling errors

    marschap committed with gbarr Sep 4, 2011
    provided by Jonathan Yu <> for Debian's package
Commits on Sep 4, 2011
  1. fix POD spelling errors

    marschap committed Sep 4, 2011
    provided by Jonathan Yu <> for Debian's package
Commits on Sep 3, 2011
  1. Release 0.43

    gbarr committed Sep 3, 2011
  2. Release 0.42

    gbarr committed Sep 3, 2011
  3. Release 0.41

    gbarr committed Sep 3, 2011
Commits on Apr 28, 2011
  1. Merged pull request #1 from cmikk/master.

    gbarr committed Apr 28, 2011
    ldapi:// + SASL authentication fix.
  2. Check whether LDAP socket object has a peerhost() method defined

    Chris Mikkelson committed Apr 28, 2011
    before calling it. This fixes SASL authentication over UNIX domain
    (ldapi://) sockets.
Commits on Jan 22, 2011
  1. extend Net::LDAP::Entry->update() to take LDIF objects

    marschap committed with gbarr Jan 9, 2011
    Extend's update() method so that it can take
    Net::LDAP::LDIF objects as handles too, and append the entry's
    data to the LDIF.
    For LDIF arguments also return a Net::LDAP::Message argument:
    on success return LDAP_SUCCESS, on error return LDAP_OTHER.
    One might argue that tis is against the standards, but
    Net::LDAP::Entry->update() is not covered in any standard.
    The big plus is, it allows clients to have one common code path for
    directory servers and LDIF files (except for startup/shutdown)
    which makes using LDIF as "dry-run" output for servers really simple.
    Especially for the result value, it s a lot more convenient than any other
    combination of Net::LDAP::entry->update() and Net::LDAP::Entry->ldif().
    Signed-off-by: Peter Marschall <>
  2. Entry.pod: fix typos

    marschap committed with gbarr Jul 2, 2010
    Signed-off-by: Peter Marschall <>
Commits on Jun 28, 2010
  1. Added cn,o,ou to the default set of case-insensitive attributes

    kartiksubbarao committed with gbarr Jun 26, 2010
    Signed-off-by: Kartik Subbarao <>
  2. [PATCH] use of non-localised $_ in Net::LDAP::Constant causes prolems…

    real-dam committed with gbarr Apr 19, 2010
    … in lemonldap-ng
    [perl-ldap 0.4001; perl 5.10.1]
    Please find attached a patch that fixes a problem when requiring
    Net::LDAP in certain environments. The problem can be demonstrated by
    perl -we'require Net::LDAP for (1,2)'
    Similar code is used in lemonldap-ng's test suite since a long time,
    and with perl-ldap 0.4001, tests suddenly fail. There is a bug report
    in Debian about this at
    I hope the patch is OK and you would incorporate it in a future
    perl-ldap release.
Commits on Mar 24, 2010
  1. Release 0.4001

    gbarr committed Mar 24, 2010
Commits on Mar 12, 2010
  1. Release 0.40

    gbarr committed Mar 12, 2010