auth_client connection fails with libcurl/GnuTLS
It seems that it's just not sending the client certificate. Running the pam checks against the test_integration.py server:
FAIL: auth_client_test
======================
[==========] Running 4 tests from 2 test cases.
[----------] Global test environment set-up.
[----------] 1 test from AuthClientCurlInterface
[ RUN ] AuthClientCurlInterface.ErrorConversion
[ OK ] AuthClientCurlInterface.ErrorConversion (0 ms)
[----------] 1 test from AuthClientCurlInterface (0 ms total)
[----------] 3 tests from AuthClient
[ RUN ] AuthClient.NewAndFree
|<2>| p11: loaded provider 'p11-kit-trust' with 1 slots
|<2>| p11: loaded provider 'gnome-keyring' with 0 slots
[ OK ] AuthClient.NewAndFree (2 ms)
[ RUN ] AuthClient.CertSetupFailsWithoutCA
[ OK ] AuthClient.CertSetupFailsWithoutCA (0 ms)
[ RUN ] AuthClient.AuthOK
* Adding handle: conn: 0x22ae140
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x22ae140) send_pipe: 1, recv_pipe: 0
* About to connect() to localhost port 63127 (#0)
* Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 63127 (#0)
* found 1 certificates in ../authserv/test/testca/ca.pem
|<2>| ASSERT: x509_b64.c:453
|<2>| Could not find '-----BEGIN RSA PRIVATE KEY'
|<2>| ASSERT: x509_b64.c:453
|<2>| Could not find '-----BEGIN DSA PRIVATE KEY'
|<2>| ASSERT: privkey.c:387
|<2>| Falling back to PKCS #8 key decoding
|<2>| ASSERT: gnutls_constate.c:695
|<2>| EXT[0x22b0ed0]: Sending extension SERVER NAME (14 bytes)
|<2>| EXT[0x22b0ed0]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<2>| EXT[SIGA]: sent signature algo (4.2) DSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (4.1) RSA-SHA256
|<2>| EXT[SIGA]: sent signature algo (2.1) RSA-SHA1
|<2>| EXT[SIGA]: sent signature algo (2.2) DSA-SHA1
|<2>| EXT[0x22b0ed0]: Sending extension SIGNATURE ALGORITHMS (10 bytes)
|<2>| EXT[0x22b0ed0]: Parsing extension 'SAFE RENEGOTIATION/65281' (1 bytes)
|<2>| ASSERT: ext_signature.c:393
|<2>| ASSERT: ext_signature.c:393
|<2>| ASSERT: auth_cert.c:237
|<2>| errno: 104
|<2>| ASSERT: gnutls_buffers.c:431
|<2>| ASSERT: gnutls_buffers.c:755
|<2>| ASSERT: gnutls_handshake.c:2902
|<2>| ASSERT: gnutls_handshake.c:3122
* gnutls_handshake() failed: Error in the push function.
* Closing connection 0
|<2>| ASSERT: gnutls_record.c:276
auth_client_test.cc:69: Failure
Value of: result
Actual: -135
Expected: 0
authenticate() error: SSL connect error, server=localhost:63127
[ FAILED ] AuthClient.AuthOK (36 ms)
[----------] 3 tests from AuthClient (38 ms total)
[----------] Global test environment tear-down
[==========] 4 tests from 2 test cases ran. (38 ms total)
[ PASSED ] 3 tests.
[ FAILED ] 1 test, listed below:
[ FAILED ] AuthClient.AuthOK
1 FAILED TEST