On Sep 7, 2011, at 09:26 , Peter Marschall wrote: > Hi Graham, > > please consider pulling the commits in my pull request > https://github.com/gbarr/perl-ldap/pull/3 > into master and release version 0.44 of perl-ldap really soon. > > Reasons: > * 0.43 has a serious regression: commit 041d540 broke start_tls completely > and led to warnings being generated at every encrypted connection with > sslverify='none'. > This is fixed by commit a3c4f7f "un-break certificate verification" > > BTW: this commit does The Right Thing(tm) and obsoletes commit 4dc845e > "Verify hostnames in TLS connections" in the next branch.
Chris, as that commit is yours. Do you agree with this comment ? Graham. > > In my opinion we should not add additional compatibility flags for bug fixes: > not checking the host name in the sslverify != ' none' cases was definitely > a bug (allowing MITM attacks to go unnoticed) > Instead, I propose a note in the ChangeLog, > > * lots of typo fixes in documentation > > * extended documentation for Pre-Read & Post-Read controls > > As bonus: > * Assertion Control implemented > * new control LDAP_CONTROL_PERMISSIVEMODIFY > > Thanks > Peter > > > -- > Peter Marschall > pe...@adpm.de >
