Skip Menu |

This queue is for tickets about the libnet CPAN distribution.

Report information
The Basics
Id: 123923
Status: new
Priority: 0/
Queue: libnet

People
Owner: Nobody in particular
Requestors: gortan [...] cpan.org
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 3.11
Fixed in: (no value)



Subject: Net::FTP: `starttls` doesn't pass on the error message of SSL_connect
Calling the Net::FTP method starttls returns boolean on whether the TLS upgrade succeeded or not. Internally, two actions are performed: AUTH TLS is sent, and the SSL connect is performed. If the former fails, `$ftp->message` will hold the error string. However, when the TLS upgrade fails during the `connect_SSL` phase, the error of IO::Socket::SSL is *not* passed on to the calling code by setting `message` accordingly. So if the calling code looks like this: $ftp->starttls or die $ftp->message; The "error" message will be "Using authentication type TLS" if the SSL connect failed, e.g. with "SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed". In my opinion, starttls should either throw (which would break backwards-compatibility), or set $ftp->message to $IO::Socket::SSL::SSL_ERROR if SSL_connect failed...