From 778926d3c5572bde442789b1f5aba9c352dc1b73 Mon Sep 17 00:00:00 2001
From: "mahlon@martini.nu"
Date: Tue, 6 Sep 2011 22:59:04 +0000
Subject: [PATCH] Exit with a nicer error message if IO::Socket::SSL isn't installed, but the user is requesting SSL/TLS. (this is normally required by Net::LDAP.)
FossilOrigin-Name: ae25e363ef83020513510190bab0c2c75b879b4afae7cf2ef304d171f7c3bb0e
---
 shelldap | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/shelldap b/shelldap
index 509bf39..8bfc681 100755
--- a/shelldap
+++ b/shelldap
@@ -444,6 +444,16 @@ sub ldap
 # fill in potentially missing info
 die "No server specified.\n" unless $conf->{'server'};
+
+ # Emit a nicer error message if IO::Socket::SSL is
+ # not installed and Net::LDAP decides it is required.
+ #
+ if ( $conf->{'tls'} || $conf->{'server'} =~ m|ldaps://| ) {
+ eval 'use IO::Socket::SSL';
+ die qq{IO::Socket::SSL not installed, but is required for SSL or TLS connections.
+You may try connecting insecurely, or install the module and try again.\n} if $@;
+ }
+
 if ( $conf->{'binddn'} && ! $conf->{'bindpass'} ) {
 print "Bind password: ";
 Term::ReadKey::ReadMode 2;
@@ -457,7 +467,8 @@ sub ldap
 or die "Unable to connect to LDAP server '$conf->{'server'}': $!\n";
 # secure connection options
- if ( $conf->{'tls'} ) {
+ #
+ if ( $conf->{'tls'} ) {
 if ( $conf->{'tls_key'} ) {
 $ldap->start_tls(
 verify => 'require',
@@ -494,7 +505,7 @@ sub ldap
 my $err = $rv->error();
 if ( $rv->code() ) {
- $err .= " (forgot the --tls flag?)"
+ $err .= " (try the --tls flag?)"
 if $err =~ /confidentiality required/i;
 die "LDAP bind error: $err\n";
 }
@@ -503,6 +514,7 @@ sub ldap
 # if we enter this conditional, we have successfully
 # authed with the server (non anonymous), and
 # we haven't cached anything in the past.
+ #
 if ( $conf->{'binddn'} && ! -e $conf->{'confpath'} ) {
 print "Would you like to cache your connection information? [Y/n]: ";
 chomp( my $response = );
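Review bot: The new `die` text in the first hunk (@@ -444) tells a user who asked for `--tls` or an `ldaps://` server that they "may try connecting insecurely", which steers them toward a cleartext bind; the bind-password prompt follows directly after this block. I would drop that half of the message and keep only the install hint, e.g. `die "IO::Socket::SSL is not installed, but is required for SSL or TLS connections. Install the module and try again.\n"`. The module probe would also be safer as `eval { require IO::Socket::SSL; 1 } or die ...` than as a string `eval` followed by a separate `$@` test. The scheme test `m|ldaps://|` is unanchored, so `m|\Aldaps://|` would match only what the comment describes. The body of `sub ldap` starts and ends outside the hunk, so how certificate verification is configured on the non-`tls_key` path cannot be judged from here.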