Add SSL peer verification to start_tls function

[barn]

No description provided.

[RoUS]

+1 on this functionality (which I have not tested)!

[barn]

We're using it in production and it seems to working out okay so far, but please test away.

[tarcieri]

It'd be nice if this supported using non-STARTTLS operation (i.e. talking to LDAPS directly on e.g. port 636)

[jch]

@barn there are active maintainers on this project again. Would you be interested in rebasing your changes against the latest master?

[tarcieri]

Note that we're using this patch successfully in production. I've even added integration tests using ruby-ldapserver. However I also modified the patch to work with :simple_tls in addition to :start_tls

[barn]

@jch Well I threw up a version that I think works at https://github.com/barn/ruby-net-ldap/tree/rebased-pull-87 and the tests pass, but it's not the finest code penned.

[tarcieri]

@barn I'm liking #161

[jch]

@barn thanks for taking the time to rebase, but #161 is further along and similar in concept. If you have time, I'd love an additional pair of 👀 to go over that PR.

[barn]

@jch Agree, that does look preferable.

I'll see if I can get round to testing it on something live, but the design looks much better.