On Sun, 3 May 2015 15:05:48 -0700 Ryan Tandy <r...@nardis.ca> wrote: > Control: tag -1 confirmed > > On Sun, May 03, 2015 at 11:39:05PM +0200, Christian Ospelkaus wrote: > >The perl module Net::LDAP in jessie fails to talk to an slapd on jessie using > >start_tls. Net::LDAP in jessie can, however, talk to an slapd running on > >wheezy. > > Thanks for the report. I confirm that behaviour and will take a closer > look as soon as I can. It looks like it does work if I don't set > olcTLSCipherSuite at all, so I wonder if the SECURE256 setting simply > has no ciphers in common with Net::LDAP's defaults?
Thanks for the quick reply. Sorry I filed the report using a local email address. Please use chanli...@googlemail.com >From the libnet-ldap-perl documentation: Net::LDAPS will by default use all the algorithms built into your copy of OpenSSL, except for ones considered to use "low" strength encryption, and those using export strength encryption. You can override this when you create the Net::LDAPS object using the 'ciphers' option. I briefly looked at it, but I could not see how it would select specific ciphers. Thanks, Christian -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
