Dear Users,
I have just released a new version of stunnel. Here is the ChangeLog entry:
Version 4.20, 2006.11.30, urgency: MEDIUM:
* Release notes
- The new transfer() function has been well tested.
I recommend upgrading any previous version with this one.
* Bugfixes
- Fixed support for encrypted passphases (broken in 4.19).
- Reduced amount of debug logs.
- A minor man page update.
Home page/download: http://stunnel.mirt.net/
sha1sum for stunnel-4.20.tar.gz fie:
a9a449b28a4f34ab22f6b4bfaa81c1904a5883c4
Best regards,
Mike
Dear Users,
A new version of stunnel has just been released.
Version 4.19, 2006.11.11, urgency: LOW/EXPERIMENTAL:
* Release notes
- There are a lot of new features in this version. I recommend
to test it well before upgrading your mission-critical systems.
* New features
- New service-level option to specify OCSP server flag:
OCSPflag = <flag>
- "protocolCredentials" option changed to "protocolUsername"
and "protocolPassword"
- NTLM support to be enabled with the new service-level option:
protocolAuthentication = NTLM
- imap protocol negotiation support added.
- Passphrase cache was added so the user does not need to reenter
the same passphrase for each defined service any more.
- New service-level option to retry connect+exec section:
retry = yes|no
- Local IP and port is logged for each established connection.
- Win32 DLLs for OpenSSL 0.9.8d.
* Bugfixes
- Serious problem with SSL_WANT_* retries fixed.
The new code requires extensive testing!
Homepage: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1sum for stunnel-4.19.tar.gz:
d58da8117278d71598279c77935585de81b74394
Best regards,
Mike
Dear Users,
I want you to know how much grateful I am for all your donations.
Thank you very much. Some day stunnel may be full-time job. 8-)
Even now sponsored features make a substantial addition to my budget.
BTW: I have updated currency to USD. I hope it's more convenient.
http://stunnel.mirt.net/
Best regards,
Mike
Dear Users,
Since PayPal finally decided to provide full support for users
in Poland I've added a donation button on the web page.
http://stunnel.mirt.net/
I really appreciate each donation. 8-)
Best regards,
Mike
Version 4.18, 2006.09.26, urgency: MEDIUM:
* Bugfixes
- GPF on entering private key pass phrase on Win32 fixed.
- Updated Win32 OpenSSL DLLs.
- Minor configure script update.
Home page: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1sum for stunnel-4.18.tar.gz:
3ed3eaefae91d80fcfcbb29dd285d0f773756397
Best regards,
Mike
This is a bugfix release. Upgrade is recommended.
Version 4.17, 2006.09.10, urgency: MEDIUM:
* New features
- Win32 DLLs for OpenSSL 0.9.8c.
* Bugfixes
- Problem with detecting getaddrinfo() in ./configure fixed.
- Compilation problem due to misplaced #endif in ssl.c fixed.
- Duplicate 220 in smtp_server() function in protocol.c fixed.
- Minor os2.mak update.
- Minor update of safestring()/safename() macros.
sha1sum for stunnel-4.17.tar.gz file:
7a0ea800935e798bf938756000b57d002a99c280
Homepage and download: http://stunnel.mirt.net/
Best regards,
Mike
A new version of stunnel has been released.
Version 4.16, 2006.08.31, urgency: MEDIUM:
* New features sponsored by Hewlett-Packard
- A new global option to control engine:
engineCtrl = <command>[:<parameter>]
- A new service-level option to select engine to read private key:
engineNum = <engine number>
- OCSP support:
ocsp = <URL>
* New features
- A new option to select version of SSL protocol:
sslVersion = all|SSLv2|SSLv3|TLSv1
- Visual Studio vc.mak by David Gillingham <dgillingham(a)gmail.com>.
- OS2 support by Paul Smedley (http://smedley.info)
* Bugfixes
- An ordinary user can install stunnel again.
- Compilation problem with --enable-dh fixed.
- Some minor compilation warnings fixed.
- Service-level CRL cert store implemented.
- GPF on protocol negotiations fixed.
- Problem detecting addrinfo() on Tru64 fixed.
- Default group is now detected by configure script.
- Check for maximum number of defined services added.
- OpenSSL_add_all_algorithms() added to SSL initialization.
- configure script sections reordered to detect pthread library funcions.
- RFC 2487 autodetection improved (thx to Hans Werner Strube). High
resolution s_poll_wait() not currently supported by UCONTEXT threading.
- More precise description of cert directory file names (thx to Muhammad
Muquit).
* Other changes
- Maximum number of services increased from 64 to 256 when poll() is used.
Homepage: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
sha1 hash for stunnel-4.16.tar.gz file:
6772e0c7f26c2596564ba66978597db8cd229a72
Best regards,
Mike
Version 4.15, 2006.03.11, urgency: LOW:
* Release notes
- There are a lot of new features in this version. I recommend
to test it well before upgrading your mission-critical systems.
* Bugfixes
- Fix for pthreads on Solaris 10 (thx to Hans Werner Strube
<strube(a)physik3.gwdg.de>).
- Attempt to autodetect socklen_t type in configure script.
- Default threading model changed to pthread for better portability.
- DH parameters are not included in the certificate by default.
* New features sponsored by Software House http://www.swhouse.com/
- Most SSL-related options (including client, cert, key) are now
available on service level, so it is possible to have an SSL
client and an SSL server in a single stunnel process.
- Windows CE (version 3.0 and higher) support.
* New features
- Client mode CONNECT protocol support (RFC 2817 section 5.2).
http://www.ietf.org/rfc/rfc2817.txt
- Retrying exec+connect services added.
* File locations are more compliant to Filesystem Hierarchy Standard 2.3
- configuration and certificates are in $prefix/etc/stunnel/
- binaries are in $prefix/sbin/
- default pid file is $prefix/var/run/stunnel.pid
- manual is $prefix/man/man8/stunnel.8
- other docs are in $prefix/share/doc/stunnel/
- libstunnel is in $prefix/lib
- chroot directory is setup in $prefix/var/lib/stunnel/
this directory is chmoded 1770 and group nogroup
sha1sum for stunnel-4.15.tar.gz:
735406c1ca94904581158a434214e1f6568539d0
Home page: http://stunnel.mirt.net/
Download: ftp://stunnel.mirt.net/stunnel/
Best regards,
Mike
Dear Users,
The stable version of my VPN for stunnel/Linux
is ready for download here:
ftp://ftp.mirt.net/tappipe/
AFAIK it's the shortest (only 356 lines in C language)
and probably one of the easiest to setup VPNs ever.
Here is the ChangeLog entry:
* version 1.02 2006.03.03, status: functional, stable
- retransmission rate limiting algoritm improved
- some minor bugfixes
Could someone contribute a manual page? 8-)
Best regards,
Mike
Here is the ChangeLog entry:
* version 1.01 2006.02.04, status: functional, not proven to be stable
- TUN changed to TAP (project renamed from tunpipe to tappipe)
- TCP-over-TCP meltdown problem fixed
http://sites.inka.de/sites/bigred/devel/tcp-tcp.html
- important bugfixes
Download site:
ftp://stunnel.mirt.net/tappipe/
Best regards,
Mike
