[Bug 1094442] perl-libwww-perl: incorrect handling of SSL certificate verification [fedora-all]
bugzilla at redhat.com
bugzilla at redhat.com
Mon May 26 10:36:38 UTC 2014
https://bugzilla.redhat.com/show_bug.cgi?id=1094442
--- Comment #9 from Petr Pisar <ppisar at redhat.com> ---
Thank you for the report. However there are two mistakes:
(1) The IO::Socket::SSL::new option is "SSL_verifycn_scheme", not
"SSL_verifycn_schema". Thus you could not find it in the documentation.
(2) The 6.04-3 behavior was flawed. As you can read in the upstream bug report,
the "SSL_verify_mode" option is about checking hostname. It's not intended to
control certificate validation. The same applies to
"PERL_LWP_SSL_VERIFY_HOSTNAME" environment variable. 6.04-4 has restored the
behavior which presented before 6.04.
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=z3nyxxuAUo&a=cc_unsubscribe
More information about the perl-devel
mailing list