Skip Menu |

This queue is for tickets about the Net-SMTP-SSL CPAN distribution.

Report information
The Basics
Id: 81594
Status: open
Priority: 0/
Queue: Net-SMTP-SSL

People
Owner: Nobody in particular
Requestors: geoperl [...] fenachrone.com
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: (no value)
Fixed in: (no value)



Subject: IO::Socket::SSL requires parameters to be functional
IO-Socket-SSL-1.79 in this commit: https://github.com/noxxi/p5-io-socket-ssl/commit/e3888257eda1ad9ba69a2334c2a415576876c6b8 now requires that the SSL_verify_mode is explicitly set to SSL_VERIFY_NONE, rather than default to that value. Net::SMTP has a hard-coded list of permitted options, and the SSL_* options are not included. By hacking Net::SMTP to pass SSL_verify_mode => 0 as one of the parameters, this can be made to work again, but there appears to be no path for end users to make this operational. Withtout this parameter, Net::SMTP::SSL->new( ... fails with the following error: ******************************************************************* Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client is depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER together with SSL_ca_file|SSL_ca_path for verification. If you really don't want to verify the certificate and keep the connection open to Man-In-The-Middle attacks please set SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application. ******************************************************************* A change in IO::Socket::SSL has broken Net::SMTP::SSL but I believe the fix is needed in Net::SMTP. I have no idea where this really needs to be reported. The Foswiki project has started to get reports from users about inoperational email after updating CPAN modules. To recreate, install Net::SMTP::SSL and (current) IO::Socket::SSL 1.80. Attempt a SSL email connection.
El Vie Nov 30 22:30:10 2012, geoaclark escribió: Show quoted text
> A change in IO::Socket::SSL has broken Net::SMTP::SSL but I believe > the > fix is needed in Net::SMTP. I have no idea where this really needs to > be reported. The Foswiki project has started to get reports from > users > about inoperational email after updating CPAN modules. > > To recreate, install Net::SMTP::SSL and (current) IO::Socket::SSL > 1.80. > Attempt a SSL email connection.
Workaround: https://rt.cpan.org/Ticket/Display.html?id=81710#txn-1173876 but, yes, it is needed report this at Net::SMTP module.