Dear Users,
Since PayPal finally decided to provide full support for users
in Poland I've added a donation button on the web page.
http://stunnel.mirt.net/
I really appreciate each donation. 8-)
Best regards,
Mike
Version 4.18, 2006.09.26, urgency: MEDIUM:
* Bugfixes
- GPF on entering private key pass phrase on Win32 fixed.
- Updated Win32 OpenSSL DLLs.
- Minor configure script update.
Home page: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1sum for stunnel-4.18.tar.gz:
3ed3eaefae91d80fcfcbb29dd285d0f773756397
Best regards,
Mike
This is a bugfix release. Upgrade is recommended.
Version 4.17, 2006.09.10, urgency: MEDIUM:
* New features
- Win32 DLLs for OpenSSL 0.9.8c.
* Bugfixes
- Problem with detecting getaddrinfo() in ./configure fixed.
- Compilation problem due to misplaced #endif in ssl.c fixed.
- Duplicate 220 in smtp_server() function in protocol.c fixed.
- Minor os2.mak update.
- Minor update of safestring()/safename() macros.
sha1sum for stunnel-4.17.tar.gz file:
7a0ea800935e798bf938756000b57d002a99c280
Homepage and download: http://stunnel.mirt.net/
Best regards,
Mike
A new version of stunnel has been released.
Version 4.16, 2006.08.31, urgency: MEDIUM:
* New features sponsored by Hewlett-Packard
- A new global option to control engine:
engineCtrl = <command>[:<parameter>]
- A new service-level option to select engine to read private key:
engineNum = <engine number>
- OCSP support:
ocsp = <URL>
* New features
- A new option to select version of SSL protocol:
sslVersion = all|SSLv2|SSLv3|TLSv1
- Visual Studio vc.mak by David Gillingham <dgillingham(a)gmail.com>.
- OS2 support by Paul Smedley (http://smedley.info)
* Bugfixes
- An ordinary user can install stunnel again.
- Compilation problem with --enable-dh fixed.
- Some minor compilation warnings fixed.
- Service-level CRL cert store implemented.
- GPF on protocol negotiations fixed.
- Problem detecting addrinfo() on Tru64 fixed.
- Default group is now detected by configure script.
- Check for maximum number of defined services added.
- OpenSSL_add_all_algorithms() added to SSL initialization.
- configure script sections reordered to detect pthread library funcions.
- RFC 2487 autodetection improved (thx to Hans Werner Strube). High
resolution s_poll_wait() not currently supported by UCONTEXT threading.
- More precise description of cert directory file names (thx to Muhammad
Muquit).
* Other changes
- Maximum number of services increased from 64 to 256 when poll() is used.
Homepage: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1 hash for stunnel-4.16.tar.gz file:
6772e0c7f26c2596564ba66978597db8cd229a72
Best regards,
Mike
Version 4.15, 2006.03.11, urgency: LOW:
* Release notes
- There are a lot of new features in this version. I recommend
to test it well before upgrading your mission-critical systems.
* Bugfixes
- Fix for pthreads on Solaris 10 (thx to Hans Werner Strube
<strube(a)physik3.gwdg.de>).
- Attempt to autodetect socklen_t type in configure script.
- Default threading model changed to pthread for better portability.
- DH parameters are not included in the certificate by default.
* New features sponsored by Software House http://www.swhouse.com/
- Most SSL-related options (including client, cert, key) are now
available on service level, so it is possible to have an SSL
client and an SSL server in a single stunnel process.
- Windows CE (version 3.0 and higher) support.
* New features
- Client mode CONNECT protocol support (RFC 2817 section 5.2).
http://www.ietf.org/rfc/rfc2817.txt
- Retrying exec+connect services added.
* File locations are more compliant to Filesystem Hierarchy Standard 2.3
- configuration and certificates are in $prefix/etc/stunnel/
- binaries are in $prefix/sbin/
- default pid file is $prefix/var/run/stunnel.pid
- manual is $prefix/man/man8/stunnel.8
- other docs are in $prefix/share/doc/stunnel/
- libstunnel is in $prefix/lib
- chroot directory is setup in $prefix/var/lib/stunnel/
this directory is chmoded 1770 and group nogroup
sha1sum for stunnel-4.15.tar.gz:
735406c1ca94904581158a434214e1f6568539d0
Home page: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
Best regards,
Mike
Dear Users,
The stable version of my VPN for stunnel/Linux
is ready for download here:
ftp://ftp.mirt.net/tappipe/
AFAIK it's the shortest (only 356 lines in C language)
and probably one of the easiest to setup VPNs ever.
Here is the ChangeLog entry:
* version 1.02 2006.03.03, status: functional, stable
- retransmission rate limiting algoritm improved
- some minor bugfixes
Could someone contribute a manual page? 8-)
Best regards,
Mike
Here is the ChangeLog entry:
* version 1.01 2006.02.04, status: functional, not proven to be stable
- TUN changed to TAP (project renamed from tunpipe to tappipe)
- TCP-over-TCP meltdown problem fixed
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html
- important bugfixes
Download site:
ftp://stunnel.mirt.net/tappipe/
Best regards,
Mike
Dear Users,
For the last two days I was working on a VPN solution for stunnel.
The early alpha version is ready for download here:
ftp://stunnel.mirt.net/tunpipe/
Advantages:
- based on proven strength of SSL encryption (much better than IPSec or any proprietary encryption protocol),
- very clean and lightweight design,
- very easy to configure.
Disadvantages:
- only works on GNU/Linux (can be ported to some other Unixes),
- use of TCP is the main performance limitation.
Aternative solutions:
http://www.math.ucla.edu/~jimc/documents/vpn.html
Suggestions and comments are welcome.
Best regards,
Mike
Hi,
I hope you don't mind this time I'll use stunnel mailing lists for
something personal.
I've just updated my Resume:
http://mike.mirt.net/cv-en.pdf
Do you know of interesting job openings?
Possibly as an architect or in a similar position.
Best regards,
Mike
