Jay Satiro

I take issue with "too easy" being a bad thing. My thinking is if the user has made a choice to enable curl debug builds then why would we not...

> @jay: This patch now makes `ENABLE_DEBUG=ON` honor this request and enables curl debug feature regardless of compiler debug flags. Before this patch it required a cmake `Debug` build. Do...

> What we could do, is setting ENABLE_DEBUG to ON by default when the Debug configuration is selected. That seems like a natural fit for CMake and also matches what...

I would think the secrets are probably still in memory somewhere. I'd want to hear from some security experts to know whether this is really worth it for us and...

I'm seeing some strangeness when i test this, data->conn->writesockfd is -1 for the first call, and more if i step through it in the debugger `curl -v --tls-max 1.2 https://example.com`...

> I wish we could drop the distinction completely and just use one of them. I can't remember the difference, I don't think anyone uses them separately. Am I wrong?...

I can see UNITTESTS being dependent on DEBUGBUILD but not the other way around

for the failed tests it looks as though stunnel server is sending a tls alert of bad certificate. (it's not clear to me if it's sending or receiving the alert)...

Would this always be true of impersonation? Is it possible the reporter is impersonating without the appropriate permissions in the token which is why winsock consistently returns WSATRY_AGAIN?

> And the other way around: isn't there a risk that it returns WSATRY_AGAIN even when not impersonating? Possibly but I don't think that's something we need to address. According...