diff -Naur IO-Socket-SSL-1.15/SSL.pm IO-Socket-SSL-1.15.oden/SSL.pm --- IO-Socket-SSL-1.15/SSL.pm 2008-08-28 15:56:53.000000000 -0400 +++ IO-Socket-SSL-1.15.oden/SSL.pm 2009-09-30 14:22:09.000000000 -0400 @@ -1036,7 +1036,7 @@ $ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname"; } else { # assume hostname - if ( $identity !~m{^[a-zA-Z0-9-_\.]+$} ) { + if ( $identity !~m{^[\w\-\.]+$} ) { $identity = idn_to_ascii($identity) or croak "Warning: Given name '$identity' could not be converted to IDNA!"; } @@ -1058,7 +1058,7 @@ } elsif ( $wtyp eq 'leftmost' and $name =~m{^\*(\..+)$} ) { $pattern = qr{^[\w\-]*\Q$1\E$}i; } else { - $pattern = qr{^\Q$name}i; + $pattern = qr{^\Q$name\E$}i; } return $identity =~ $pattern; }; diff -Naur IO-Socket-SSL-1.15/t/verify_hostname.t IO-Socket-SSL-1.15.oden/t/verify_hostname.t --- IO-Socket-SSL-1.15/t/verify_hostname.t 2008-02-22 03:26:04.000000000 -0500 +++ IO-Socket-SSL-1.15.oden/t/verify_hostname.t 2009-09-30 14:22:00.000000000 -0400 @@ -25,7 +25,7 @@ ( eval { require Net::LibIDN } || eval { require Net::IDN::Encode } ); $|=1; -my $max = 37; +my $max = 40; $max+=3 if $can_idn; print "1..$max\n"; @@ -88,6 +88,7 @@ 'www-13.lala.other.local' => [], 'smtp.mydomain.local' => [qw(smtp ldap www)], 'xn--lwe-sna.idntest.local' => [qw(smtp ldap www)], + 'smtp.mydomain.localizing.useless.local' => [], ); if ( $can_idn ) { # check IDN handling