lib/net/ldap.rb in net-ldap-0.6.1 vs lib/net/ldap.rb in net-ldap-0.7.0

- old
+ new

@@ -1158,18 +1158,28 @@ def getbyte getc.ord end end + module FixSSLSocketSyncClose + def close + super + io.close + end + end + def self.wrap_with_ssl(io) raise Net::LDAP::LdapError, "OpenSSL is unavailable" unless Net::LDAP::HasOpenSSL ctx = OpenSSL::SSL::SSLContext.new conn = OpenSSL::SSL::SSLSocket.new(io, ctx) conn.connect - conn.sync_close = true + # Doesn't work: + # conn.sync_close = true + conn.extend(GetbyteForSSLSocket) unless conn.respond_to?(:getbyte) + conn.extend(FixSSLSocketSyncClose) conn end #-- @@ -1204,10 +1214,10 @@ @conn = self.class.wrap_with_ssl(@conn) # additional branches requiring server validation and peer certs, etc. # go here. when :start_tls msgid = next_msgid.to_ber - request = [Net::LDAP::StartTlsOid.to_ber].to_ber_appsequence(Net::LDAP::PDU::ExtendedRequest) + request = [Net::LDAP::StartTlsOid.to_ber_contextspecific(0)].to_ber_appsequence(Net::LDAP::PDU::ExtendedRequest) request_pkt = [msgid, request].to_ber_sequence @conn.write request_pkt be = @conn.read_ber(Net::LDAP::AsnSyntax) raise Net::LDAP::LdapError, "no start_tls result" if be.nil? pdu = Net::LDAP::PDU.new(be)
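Review bot: `wrap_with_ssl` still passes a bare `OpenSSL::SSL::SSLContext.new` to `OpenSSL::SSL::SSLSocket.new`, and nothing in the hunk sets a verify mode or trust store on `ctx` or checks the peer name after `conn.connect`, so as far as these lines show the server certificate is never validated. Accepting a caller-supplied context, or at least setting `ctx.verify_mode = OpenSSL::SSL::VERIFY_PEER` with a configured `cert_store` and calling `conn.post_connection_check(host)`, would close that gap; the host name is not available in this method, so it would need an optional argument. Separately, in the added `FixSSLSocketSyncClose#close`, an exception raised by `super` skips `io.close` and leaves the underlying socket open; `def close; super; ensure; io.close; end` keeps the cleanup unconditional. The `# Doesn't work:` comment should also say what fails with `sync_close`, so the workaround can be removed once it no longer applies.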
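Review bot: The new `to_ber_contextspecific(0)` on the `request =` line has no comment explaining why the OID needs that tag, so the `0` reads as a magic number. I would add `# requestName is [0] LDAPOID in ExtendedRequest (RFC 4511, section 4.12)` above it. The `when :start_tls` branch continues past the end of the hunk, so the handling of the response's result code is not visible here. Presumably the upgraded connection then goes through `wrap_with_ssl`, as the `:simple_tls` branch at the top of the hunk does. If so, the existing comment about server validation and peer certs still to come covers this path as well, and should say that the channel is encrypted but the server is not authenticated.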