diff -Naur IO-Socket-SSL-1.15/SSL.pm IO-Socket-SSL-1.15.oden/SSL.pm
--- IO-Socket-SSL-1.15/SSL.pm	2008-08-28 15:56:53.000000000 -0400
+++ IO-Socket-SSL-1.15.oden/SSL.pm	2009-09-30 14:22:09.000000000 -0400
@@ -1036,7 +1036,7 @@
 			$ip4 = inet_aton( $identity ) or croak "'$identity' is not IPv4, but neither IPv6 nor hostname";
 		} else {
 			# assume hostname
-			if ( $identity !~m{^[a-zA-Z0-9-_\.]+$} ) {
+			if ( $identity !~m{^[\w\-\.]+$} ) {
 				$identity = idn_to_ascii($identity) or
 					croak "Warning: Given name '$identity' could not be converted to IDNA!";
 			}
@@ -1058,7 +1058,7 @@
 			} elsif ( $wtyp eq 'leftmost' and $name =~m{^\*(\..+)$} ) {
 				$pattern = qr{^[\w\-]*\Q$1\E$}i;
 			} else {
-				$pattern = qr{^\Q$name}i;
+				$pattern = qr{^\Q$name\E$}i;
 			}
 			return $identity =~ $pattern;
 		};
diff -Naur IO-Socket-SSL-1.15/t/verify_hostname.t IO-Socket-SSL-1.15.oden/t/verify_hostname.t
--- IO-Socket-SSL-1.15/t/verify_hostname.t	2008-02-22 03:26:04.000000000 -0500
+++ IO-Socket-SSL-1.15.oden/t/verify_hostname.t	2009-09-30 14:22:00.000000000 -0400
@@ -25,7 +25,7 @@
 	( eval { require Net::LibIDN } || eval { require Net::IDN::Encode } );
 
 $|=1;
-my $max = 37;
+my $max = 40;
 $max+=3 if $can_idn;
 print "1..$max\n";
 
@@ -88,6 +88,7 @@
 		'www-13.lala.other.local' => [],
 		'smtp.mydomain.local' => [qw(smtp ldap www)],
 		'xn--lwe-sna.idntest.local' => [qw(smtp ldap www)],
+		'smtp.mydomain.localizing.useless.local' => [],
 	);
 	if ( $can_idn ) {
 		# check IDN handling