On Mon, Jul 02, 2012 at 10:26:34PM +0200, Alexander Bluhm wrote:
> On Sat, Jun 30, 2012 at 07:59:22PM +0100, Mikolaj Kucharski wrote:
> > Currently Net::SMTP::TLS fails with:
> > invalid SSL_version specified at
> > /usr/local/libdata/perl5/site_perl/IO/Socket/SSL.pm line 308
>
> I am the OpenBSD port maintainer of p5-IO-Socket-SSL. Unfortunately
> the regression tests of p5-Net-SMTP-TLS do not catch this bug so I
> did not notice.
>
> During update of p5-IO-Socket-SSL to 1.74 the p5-ldap regression
> tests failed for a similar reason. I contacted the CPAN maintainer
> of IO::Socket::SSL and he thinks that his default 'SSLv23:!SSLv2'
> should be used. Having one policy for the SSL version is better
> than every module doing its own stuff.
>
> > ++ SSL_version => "TLSv1")){
>
> >From the IO::Socket::SSL SSL_version documentation:
> Setting the version instead to 'TLSv1' will probably break
> interaction with lots of clients which start with SSLv2 and then
> upgrade to TLSv1.
>
> So my suggestion is to remove this code: SSL_version => "SSLv3 TLSv1"
>
> bluhm
FWIW, this is also what smtp-cli's author is doing:
https://github.com/mludvig/smtp-cli/commit/5247e094ba8e86a82f5397f9e559ff7959f46e13
--
best regards
q#
