After scouring the net I've found several isolated discussions regarding stunnel hostname validation.
And also some patches that seem to implement hostname validation:

https://www.stunnel.org/pipermail/stunnel-users/2010-March/002613.html

I have a requirement to have stunnel (4.56) validate client certificates and their identity by comparing the its CNAME against the source address.

I recall reading one response (which I can't find at the moment) from Marzena Trojnara indicating that this feature won't be supported.
If so, can you explain the rational?

Are there sanctioned patches out there today?


Regards,
-Fred