After scouring the net I've found several isolated discussions regarding stunnel hostname validation. And also some patches that seem to implement hostname validation:
https://www.stunnel.org/pipermail/stunnel-users/2010-March/002613.html
I have a requirement to have stunnel (4.56) validate client certificates and their identity by comparing the its CNAME against the source address.
I recall reading one response (which I can't find at the moment) from Marzena Trojnara indicating that this feature won't be supported. If so, can you explain the rational?
Are there sanctioned patches out there today?
Regards, -Fred