Bug#573596: [rt.cpan.org #58478] SASL-related host canonicalisation misfeature

Russ Allbery rra at debian.org
Sat Jun 19 18:06:58 UTC 2010


Russ Allbery <rra at debian.org> writes:

> What makes this bug particularly nasty is that, with a GSS-API
> implementation that doesn't do this lookup for you, there's no way to
> work around the bug without surgery on the Net::LDAP module.  If you
> really don't believe me that the code is incorrect as written, please at
> least add some way for the caller to override the remote hostname for
> SASL authentication so that at least we can work around this bug without
> having to maintain a forked version of Net::LDAP.

Which, of course, is exactly what you did in the first message of this
thread.  Aie.  I'm really sorry about that -- I can only plead that it's
been a very long week.

That will let us work around the issue, which will be okay.  I do still
disagree with your decision on the canonicalization code, but that will
let us use the module without patching it, which is, at the end of the
day, the goal.

I'm sorry for not having thought through the entire thread and paid
attention before responding further.

-- 
Russ Allbery (rra at debian.org)               <http://www.eyrie.org/~eagle/>





More information about the pkg-perl-maintainers mailing list