> Test 311 failing caused 312 and 313 to fail. I'm looking into replacing the 0h
> server cert with 127.0.0.1, but need to learn DER first. Even after that,
> however, I'm expecting 313 to fail. It's a Certificate Revocation List (CRL) test
> and axtls.c hasn't yet added support for it.
>
Okay, test 311 was a "wrong alternate name" test, so instead of using "localhost\0h," I used a different incorrect name, regenerated the cert, concatenated it to stunnel.pem and the test passed. Test 312 then also passed. Test 313 failed as expected. Tests in the range 314-399 all passed.

Tests outside this range that failed were 405, 1112 and 2033. If I run test 405 or 1112 with -g and set breakpoints inside axtls.c, none of them are ever hit. I think valgrind gets hung up somewhere. Test 2033 looks to me like it should have NTLM listed as a feature in the "client" section (I've added this in the attached patch).

So, it looks to me like the content of the patch doesn't cause any regressions. I've attached an updated patch that applies cleanly over commit a4decb49, which introduced conflicting changes to axtls.c.

Some problems I noted with a4decb49 are that axtls.c does not compile (an infof message is incomplete) and it also causes test 311 to return 52 (CURLE_GOT_NOTHING) instead of 51 (CURLE_PEER_FAILED_VERIFICATION). I'm not really sure if this is correct or not, so I left it as is.

Cheers,
Eric

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html