Skip Menu |

This queue is for tickets about the Net-IMAP-Simple CPAN distribution.

Report information
The Basics
Id: 122679
Status: open
Priority: 0/
Queue: Net-IMAP-Simple
People
Owner: Nobody in particular
Requestors: tlhackque [...] yahoo.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Tue Aug 01 21:34:11 2017 tlhackque [...] yahoo.com - Ticket created
Subject: starttls doesn't seem to take ssl_version or other SSL options
Suppose I want to use starttls. The default versions are: SSL_v3 is dead, and TLSv1 is deprecated (v12 is prefered). If I specify ssl_version, use_ssl is forced on. But the host wants starttls. Further, ssl_options aren't saved unless use_ssl is set. starttls doesn't take any arguments. So how does one use starttls with custom ssl_options (e.g. trusted certs, host verification, etc)? It doesn't seem possible. Also, the greeting doesn't seem to be saved - how do I know that the host supports (demands) starttls? See Net::SMTP for one approach to an API that works with starttls...note that it saves the SSL options at new, and applies them with starttls.
  Thu Aug 10 14:31:47 2017 jettero [...] cpan.org - Correspondence added
I think you're right on all counts. When I wrote those sections, there were no concerns at all about ssl versions and the defaults were perfectly fine (circa 2005 or so I imagine). Yeah, git blame shows it was introduced around then, but with patches as late as 2009 -- when I probably should have thought about it more. I'll have to introduce options for it I suppose. On Tue Aug 01 21:34:11 2017, tlhackque wrote: Show quoted text
> Suppose I want to use starttls. > > The default versions are: SSL_v3 is dead, and TLSv1 is deprecated (v12 > is prefered). > > If I specify ssl_version, use_ssl is forced on. But the host wants > starttls. > > Further, ssl_options aren't saved unless use_ssl is set. > > starttls doesn't take any arguments. > > So how does one use starttls with custom ssl_options (e.g. trusted > certs, host verification, etc)? > > It doesn't seem possible. > > Also, the greeting doesn't seem to be saved - how do I know that the > host supports (demands) starttls? > > See Net::SMTP for one approach to an API that works with > starttls...note that it saves the SSL options at new, and applies them > with starttls.
-- If riding in an airplane is flying, then riding in a boat is swimming. 116 jumps, 48.6 minutes of freefall, 92.9 freefall miles.
  Thu Aug 10 14:31:47 2017 The RT System itself - Status changed from 'new' to 'open'