stunnel-announce

142 discussions

stunnel 5.22 released
by Michal Trojnara 30 Jul '15

30 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.22 of stunnel. The ChangeLog entry: Version 5.22, 2015.07.30, urgency: HIGH * New features - "OCSPaia = yes" added to the configuration file templates. - Improved double free detection. * Bugfixes - Fixed a number of OCSP bugs. The most severe of those bugs caused stunnel to treat OCSP responses that failed OCSP_basic_verify() checks as if they were successful. - Fixed the passive IPv6 resolver (broken in stunnel 5.21). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 8ad628a6948153cdb2044283f6988384a30585ea7e14778c2ee616a6678cb83f stunnel-5.22.tar.gz 9b3fe70bcfeb64b013b7b926e475a7d100ef1fdf5ce352ad90ac1034f780ea2a stunnel-5.22-installer.exe 2f49313debe7af27feeab246a771dc513e5e368e1839e92fba4cfe0b2735aeba stunnel-5.22-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVufy2AAoJEC78f/DUFuAUHVYQAK+keyqWyllv3ky5hRi8DlXe LLtuUdTYTalI64Fg5/TYL6+fbrEjWoAWtGwg+X/muVNj7KW4twlKrakMtkDpSDNd 0xSh94/u/PCrPVThxCq7AUbTPLyrG6ox5RKYDkOKfyGQ3q5ix6yba0l6fQqHXPCr OAbaRuwn5U6u7lPxXa69ozwyY5JHIiGqhMfQJBRXwFoeNbWak3HM7+Pe5DZ0ACLa SRY0iCseR1aQ12pZaaNoknkAAL9kmHgRP+fuPFqKMkp8TgZ2469qg30s/Bzn7n0U h5GvAuhYkQdDDbC7ozWgqaNxRNpOe+3RZ50fpCueyAlZESe8agHcyXchoj4JUVx+ 5ihOms4WujamCtP4MzHrRo6eQpeoGbw1EZ2P//Q9TlxX4METgEfV0lzaR7n376jr y24xIFEMl2tnqJ81lKQZWlxAP4MiKZgr//GOueRewRCtYSSQcK/mHvxZMDFfHAc7 N2LUmzm+PpsHwto7VkUy1m4eEAb34Tr3QubzvrT1yD4YMQDR6tID+xkRmuJWjMhf qBcXecKetIQq70KuI+VVqJxdP3Ekgjb+xnNOSKelUP/TkHpvubjTViSIVPu+5DSb x2viDBKAbgWcER2aZsB6UWXfQwjT/apDhqu6XrwjAcFfBk0ul0QazmH0HMc9ouVd yziOHVATYgcXYcTIQvj9 =DTOg -----END PGP SIGNATURE-----

1 0

stunnel 5.21 released
by Michal Trojnara 27 Jul '15

27 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.21 of stunnel. The ChangeLog entry: Version 5.21, 2015.07.27, urgency: MEDIUM * New features - Signal names are displayed instead of numbers. - First resolve IPv4 addresses on passive resolver requests. This speeds up stunnel startup on Win32 with a slow/defunct DNS service. - The "make check" target was modified to only build Win32 executables when stunnel is built from a git repository (thx to Peter Pentchev). - More elaborate descriptions were added to the warning about using "verify = 2" without "checkHost" or "checkIP". - Performance optimization was performed on the debug code. * Bugfixes - Fixed the FORK and UCONTEXT threading support. - Fixed "failover=prio" (broken since stunnel 5.15). - Added a retry when sleep(3) was interrupted by a signal in the cron thread scheduler. Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 2aef568b1955f5e233f6a8e17ebce3d30755f1be44c813f5a48e621f785596e3 stunnel-5.21.tar.gz d5ec83140060af2b373a82abab0f7fd34c76a68c4f2990d46be460526b325de6 stunnel-5.21-installer.exe 2788d9e11b65dd4b111616bab1d7f09943916c924ba023cc3ad4260ac1f6f6d7 stunnel-5.21-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVtfz2AAoJEC78f/DUFuAUey4P/0tQ8yj3Yt7K5yLIorDGu9lI w95Vs2MtyOvFQyoX24dPKrDULKmxE28Dg8RJt51ZuT9q8mIfPdBA+jphyfjbpzl0 BeNQNbzEfN36dhOa2+dvr4+fcna/lnRpNMQg6sP/z4KHDLoI72lAg9vVwv5VX/4X JAMAaTxbrOXuXOmVPLSdHBeug7Y/0Q/+jPg9tSEslMtBaJvMd4CcHs4q8dCW9OQv AUWLtOiSsubfCvQ9rwGODObFJCA3BINrmh3a9EyhKJTov+8JKHlJY02r4zGJYMC4 PIVAVZWit9mEFefG6BuEWwOw4gohAInDXpsN2X9BNNDfUAVlUtp6OoxATcGv/H45 Uf25Dz2Bu8WtKIuuCIhN79PBfqSG8f2mSwNsec8OcYNOTzkAHKoFQQfKbJ1FUD5+ lTBhOFfo/B5haQA1EHNf0z8JxDulnsL7JsQQo4hF3ShSiCZpEAVvSkixpwCjm2kR WCtQ0w5eLccD/CnfjNrcOp3QKGLacZ+PCm9MH+cQDQvnmhAaelWK+OL67L9FKwBf hbJMA2RwwjN7efwEeUlnzVTBiJS9fsPTJghh8CzYuDWlnhEEnB9WX2FI1yVZVxM+ 8tGifpdOkRCFhpQSQkj0pWy/qf/cU8mL2uM31hBNcsRjCt6PfjQfKQ7jyMFvicmc rWJhvWvAfLAJXl+rgn5r =WvhQ -----END PGP SIGNATURE-----

1 0

stunnel 5.20 released
by Michal Trojnara 09 Jul '15

09 Jul '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.20 of stunnel. The ChangeLog entry: Version 5.20, 2015.07.09, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 1.0.2d. https://www.openssl.org/news/secadv_20150709.txt * New features - poll(2) re-enabled on MacOS X 10.5 and later. - Xcode SDK is automatically used on MacOS X if no other locally installed OpenSSL directory is found. - The SSL library detection algorithm was made a bit smarter. - Warnings about insecure authentication were modified to include the name of the affected service section. - A warning was added to stunnel.init if no pid file was specified in the configuration file (thx to Peter Pentchev). - Optional debugging symbols are included in the Win32 installer. - Documentation updates (closes Debian bug #781669). * Bugfixes - Signal pipe reinitialization added to prevent turning the main accepting thread into a busy wait loop when an external condition breaks the signal pipe. This bug was found to surface on Win32, but other platforms may also be affected. - Fixed removing the disabled taskbar icon. - Generated temporary DH parameters are used for configuration reload instead of the static defaults. - LSB compatibility fixes added to the stunnel.init script (thx to Peter Pentchev). - Fixed the manual page headers (thx to Gleydson Soares). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 4a36a3729a7287d9d82c4b38bf72c4d3496346cb969b86129c5deac22b20292b stunnel-5.20.tar.gz 9d9d38241e972713cd0937e2cf66fdacf3adcb357fbea82d8e46648de4e26fa4 stunnel-5.20-installer.exe cfc1e94cb7c7bf14c832ac8799db4a3438ae7542aa04ec5e9c6695a1a3c3843d stunnel-5.20-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVnoXOAAoJEC78f/DUFuAUGvoP/1WQ2DliVyQQNGDYPkE2Rbqk BJ7lMEseYdPLjZVtkNPQIuH9PCc/qbWMrDFK1sJg+R7d0yyp+Ip+ucH4i5GCfW6o xIZQ00WVa/qV52AcEDGTZ+43EBPBIFNMkSeJlkwyj81ISZ+my0YpqPNSF77fZFdN IqGln9e+1n4gM+8SOgPnJs2XiR2EsbQzmwaZcTCOoKp56j6q2bLXlYC802B9KezJ ex2dmbGV2JEHmNarSUxWO45VnFdqhjhz4qHySm6KnLD2hoyS9Ex2XyynuuyIiIVx yU9M1zliZvgQSQ4RTpO3Ko2b9Qy2cYDECrFwk7i5rlwmiCw1zH5zWGh1rnAsLJHn 7SAxc5BfiB3VQl16CgoLM65no2mJ60f499ab3LA0uTNbt03PrPkc5cK8w+ec3YNU 6E59R4FXC6ae5T4iR7b9mBGifUHWtg53I1H7qbD6Pye/EH5QciSSPizEHeORYlPy fC3jOMEIUDlXjqI7k/XMGVPJ7SSKFkBNiqHKTKoM12QhiZXLLh4Ig3aQJgqX5IBQ VdML1/W9MdBlZNAHYaUBrkSls99aVbIsHJ5yAE0gsF5Lgi6hK6zDkXiKoVEozN5A N6MtfQHs/JS2nvlmCbtGWrK66EXKxW409f0JS3AJG6tjOquuSZYmR944EPzQD+zA WPivIUH2TVk63kULw/ui =Uw+D -----END PGP SIGNATURE-----

1 0

stunnel 5.19 release
by Michal Trojnara 16 Jun '15

16 Jun '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.19 of stunnel. The ChangeLog entry: Version 5.19, 2015.06.16, urgency: MEDIUM: * New features - OpenSSL DLLs updated to version 1.0.2c. - Added a runtime check whether COMP_zlib() method is implemented in order to improve compatibility with the Debian OpenSSL build. * Bugfixes - Improved socket error handling. - Cron thread priority on Win32 platform changed to THREAD_PRIORITY_LOWEST to improve portability. - Makefile bugfixes for stunnel 5.18 regressions. - Fixed some typos in docs and scripts (thx to Peter Pentchev). - Fixed a log level check condition (thx to Peter Pentchev). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 0b543242cf26649acfdd9f00de564c3e8de7ac2237d53935ffdc7eb24f4d556d stunnel-5.19.tar.gz 310fb015c3884dd19a1905ed84d5fbcd1579507c98ee2ba43955aa45311bc056 stunnel-5.19-installer.exe 990e636a869f4de8a55c43e7f2fa24ebbf81c1c221473106e8e6b5d89d720627 stunnel-5.19-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVgCeVAAoJEC78f/DUFuAUi98P/1cPUAg1ehgZkDXIxwIxTt/t sxYOWEmX/ajmimornRygim9HHGPB4HzDMFu1B1qCT01GE4uR+ogYZMYJAdZ+LRua J0wuDawuKgnJvWpdDGnX4Mfz/zUcV8L4T4iJvBnC8xXTQeto7+qU9YTmbYhms4xy u1CPpAXUHnwrNMkI5nqBtB8TSIEeHgmfS456/7oe9Kl+0F8hq7FkZ+1/IYxQOAPC 0drl8A8tfUroBiw+aI2aWJAq2gUoQFVpyAYi7IUBXnmGZ7H1CMcO+KpG+33L0glH oz5DxsuzHyYZYWD1NiKfre4QxMHrT9xXWoNQIHkwgEjDlQXTAqd5rhz9b13TjMmn hiHG3XtF+FvSwFJeTNk/yVYe8ZvjbXUS3BWS65HqTiRKx0iEtkkf2Z1VsieVMUGO LiWvxztz9Z4OSIUWxOFcC8WLTlIDTcIqMM79JLC33o22YSwIRqsE7u5mGiG6yZBN s78ILkqXauxQ1MSDXPArOIZr6iJIqHtuAJbnZvmAQwSKbks/gnzY4WAX0SAw9M64 hhbEnr+zsiRSq30uGrU7fxFHr4MynagEiNaAbNG2kQEJ4nSgHoY0W59dXAuVVYFM UtYgsEeMnPlaBij+ecgmk/xfpEZDQ/phaHtTKzTQUE3JWLkB/VsLz1gwZO1poH8e dOuvm5RULY29YlHcEoM+ =V456 -----END PGP SIGNATURE-----

1 0

stunnel 5.18 release
by Michal Trojnara 12 Jun '15

12 Jun '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.18 of stunnel. The ChangeLog entry: Version 5.18, 2015.06.12, urgency: MEDIUM: * New features - OpenSSL DLLs updated to version 1.0.2b. https://www.openssl.org/news/secadv_20150611.txt - Added "include" configuration file option to include all configuration file parts located in a specified directory. - Log file is reopened every 24 hours. With "log = overwrite" this feature can be used to prevent filling up disk space. - Temporary DH parameters are refreshed every 24 hours, unless static DH parameters were provided in the certificate file. - Unique initial DH parameters are distributed with each release. - Warnings are logged on potentially insecure authentication. - Improved compatibility with the current OpenSSL 1.1.0-dev tree: removed RLE compression support, etc. - Updated stunnel.spec (thx to Bill Quayle). * Bugfixes - Fixed handling of dynamic connect targets. - Fixed handling of trailing whitespaces in the Content-Length header of the NTLM authentication. - Fixed --sysconfdir and --localstatedir handling (thx to Dagobert Michelsen). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 0532c0a2f8de3da1ab625e384146501ce5936fac63d01561c3a9bf652b692317 stunnel-5.18.tar.gz 9b9a64f30d4dc72f19a2f6482f5bcf76bb67cf3dd859bdd615e0345e1bb8dd41 stunnel-5.18-installer.exe a73befed476f423dee0ff25f38449570fb9f6a07ab90321d9c38e3962f833939 stunnel-5.18-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVeuE3AAoJEC78f/DUFuAU88wP/jfyOCsCBwCcIxNoQhEU5k4d mczXvWtaw0gBrOivrzgBZS0w621D66DGoXt6yMwMp1suWY9spTWZ+VjQJM8oFCul iFwYWyFyxiTOGRFXGCPEff8f4OGbGoxHfDaIrHR5AGvTzguznKTDXzM7cjixqWF9 vL/t08ZjoDWOZIVJuN8M9sVQWn7gzPnyJpvpW2D240aITBx348ZWt/QGqX4yOSzL tQCojXRO6W+rOq0WUdeDFp7CAMB7IZgZsZljqOUn4Q0wHgzuar0Kq1ZLQEkgoX5V lGJ99yZ74/H1RUDcVKGrdksX0atuf6SfzbTvZ/Osp0z7/NlWzhbCt6emYpSLxyzr 2IMX4T8Y593rDovT6AjOb2D4W0sJqAMfUMrs7+T43lYvEbQY8CoEBOH2St5h6X7Y 2ZIa1XMvMmaN08/QyUq6WqxEz0se9BPtUCC+oFjDlGw0oWrqKs1zzJAIpg0HHPOy j1NpBVPnuZz1WlTT/oGLIIVm6w8wATSKthIXstNtofXpSvJ1J94UntC3+0xga7KD SzaOm9w9kpDEtD0EwArLwak5cSevzdXQR4xfmU5OK/UohsdyTLBOab6iY3htmokk JOWIKZztATN7dq8YGvMfJvIiM1ij8Eg14wsahlwfwMZ+eGSvS5lTWvYsSirnnNFi XTrCfpnrKgrfLkUXhbtH =CdmE -----END PGP SIGNATURE-----

1 0

Authentication methods
by Michal Trojnara 15 May '15

15 May '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, While reading various 3rd party stunnel tutorials I noticed that they either don't configure authentication, or they recommend insecure configurations. I wrote a short overview of authentication methods available in stunnel: https://www.stunnel.org/auth.html Proper authentication is essential to TLS security. Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJVVXk5AAoJEC78f/DUFuAUN/QP/3m4HX4zWS8SehukDNWw54AB ySAT+XmT8SEo/iuGer/CRYbUWoMDpmwaI9x+whXMg+EBsxGd+nmyE9fkFiFSqOsV vnXc14zuMkQYorWbGtduXdnQ0/jQzWPDOIeKgpyXIsN/OvEhx1A6med9Go/SqaFz couW55wysqpJ9a+3YMtxIjLoCMzIGOZ8TKIHWJiZaBcgp93YCABeoE5hKR4RlxVj OrgHhuyA8yz1EIYUPKTEMuJwqnCl9Mk3FVskKIXgfEcxBzism2n/xJpEIYAWVPRW N8JaaZDojk6dt5oMiMzXUeobigZ82SKuV9MG3aQjuxXAP7IX2vuOa6rQ/85T1OFI PMZMKENM1aAcOVpiq/4OMNKhIG+OuhDm/dla5NC8lsfxDuJ3YESVp/Z0VeW1EWYA BFHxjGw8OA65izTYcvJKl1j7flfSgRELOCf1SMakR+VIUhkWlPQjdHWuW2V5NKgv 5aU0fwPGEpudKdsLFzgaYzhVPjTNfavl8k+xUWHOQyrNvEM9SNbOTyorxY7QA2aQ uyAOrUF8whboBTX59/3gXYI9vaepvT00ktCtQEz3XelkYT9SzCRYV+I+mUqquBd+ 0JQdiSMvOzfNraxT03rzYA6h/Iey9+tj9WnffpmYU5eyTt2bCp+xavzCyEmdQZlq 4LfAPgFYII9+59444dY2 =m51O -----END PGP SIGNATURE-----

1 0

stunnel 5.17 release
by Michal Trojnara 29 Apr '15

29 Apr '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.17 of stunnel. The ChangeLog entry: Version 5.17, 2015.04.29, urgency: HIGH: * Bugfixes - Fixed a NULL pointer dereference causing the service to crash. This bug was introduced in stunnel 5.15. Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: c3e79e582621a0827125e35e1c00450190104fc02dc3c5274cb02b05859fd472 stunnel-5.17.tar.gz 07a508de3807663f71e4793fd5edb4c57b6c82b4c9008753f8f6c85a17acbeea stunnel-5.17-installer.exe 49d2cc11aefe2062576a0bbfafa3beb5ae541683d90972c6ed457b19a455c346 stunnel-5.17-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVQSIlAAoJEC78f/DUFuAU5XEP/R2d2gXCeKk7d/466dOYF//A YlXC6oDbs7OB8qEHH3u5u5hl8WIZJOmbPb79APSJKd7ESREoRk97UBJZYoH+QuEB CHOs0czty5IE2QyMibHJZ4Zed23q/QHrTRL9GpZd8EPkmiRG/dq7M+vC0gJJuF+N 4CPCNj464ATtjFB3mPju+wQinnWj8s57kNAazifAQNvM/jhdJOMH+BOvXIGEwUlt iZ8MBwO707j81UWkSFANxn1GMTOoJY2pTTAmJr/eKun9sLbuN7v4ec8Mtwdcj16P 5CeXD1g7gOK5q2FizIUWfBD38nPRVBXMqfSAkjtezwqZJb1K4bfa505E4SY3bKzL CJstbH206rQriqhpV4hrsuGVmb6M7lt57zAJZ746NQtlRm1gLdf/56JclsHqmkqo Z6zAuXRAiarkn88OsERp8r84Y4l8q/D8dkZwYPObSCT+SAMimPzLxhu9sjIKsb1I lSFNS2P9sEw/MhM9yQGfyC0GKzQWrQIONFHP2iCS8+ySEc+6/1b9tB9oiOcsAL1c edWV3m5SQzG7TbsbtApRy6Pvb30O7/5zAJOiBN6Yf5OQ8OyjL4M9+ZKd75qQxsQj IEZNJW/caVz9QwNWc2BQtaUVy7RC0CaTmbebsoQWlKQmzosXMU2QgC/WJ3jQdslz Vc3C3rKKvwGPw1DZLX95 =tC15 -----END PGP SIGNATURE-----

1 0

Fwd: Comments/questions to Debian patches
by Michal Trojnara 21 Apr '15

21 Apr '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, Peter Pentchev, the Debian package maintainer for the "stunnel4" package, does not reply to my emails. I hope he is still alive and well, just too busy to maintain the package. I decided to share with you my comments to the patches that are applied to the Debian package. Hopefully, someone will find them useful. Mike - -------- Forwarded Message -------- Subject: Comments/questions to Debian patches Date: Tue, 28 Oct 2014 21:13:25 +0100 From: Michal Trojnara <Michal.Trojnara(a)mirt.net> To: Peter Pentchev <roam(a)ringlet.net> Hi Peter, Just a few comments/questions to improve the quality of Debian package. I'll be glad to discuss if you disagree with my opinions. 01-fix-paths.patch The patch description is quite outdated. Translation from sbin to bin was performed upstream in stunnel 4.21 released 27 Oct 2007. 8-) I guess: /usr/bin/stunnel -fd 10 \ should be: /usr/bin/stunnel4 -fd 10 \ Probably this should be added to the next patch: 02-rename-binary.patch 05-logrotate-warning-in-sample-conf.patch Good idea. I'll add it to stunnel 5.07. 08-client-example.patch I've already added this example in stunnel 5.02. Your patch adds it once again. Just remove it. 10-no-zlib-compression.patch I'm completely confused by this patch. According to my tests it only makes stunnel reporting different errors when a user tries to enable compression on Debian. Why would anyone need this patch? 11-no-rle-compression.patch IMHO OpenSSL bugs should be fixed in OpenSSL, and not in stunnel. YMMV 12-restore-pidfile-default.patch I strongly disagree with this approach, as it breaks configuration file compatibility with the upstream. Debian should instead rewrite stunnel.conf when upgrading from stunnel 4.xx. 14-lsb-init-functions.patch 8-) 15-upstream-systemd-libs.patch This (and more) will be included in stunnel 5.07. 16-upstream-sslv23-method.patch This will be included in stunnel 5.07. Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJVNsCAAAoJEC78f/DUFuAUpfUP/j13koMgtnVLfsACIqUEaZw3 1uADOP/Dugqbn/QcwSqWAlcTrf7So98AQrB88xAhN8C3fwP375GmcNmPgJx4RRme fU/Wo0aFaCq0JOReiQkNiyj3pqf+J2NxZlZM5ZpzzpA80x8AlyLqBwPfBAtxgYNJ rb5AyIoGPkzfXM8OSz8YJXZtgXT4lrSCE5djlWHHBqy9ioUZCEuyVXeT5Y90sXOg wOA/EX3fTKEJZckoiNoTPAh9pLZ9M29lLM7wLEu5BFWwh/TtHk0ZFADo3Kzi/+4G Q6h9236DmH1NHA/FzMfFbKEYz/0yeOUMfet8LsRNNRRrFJEp+miMemSYajGMA3IT UVW4UNOa+CppVgkRpVMGfl/Lw53GP63xbLIRuZs17py03hNBHz2pyZneWWKTJEun xJQC4QJ3Z3YYXd71jpHIKjcDBXmIzcG8Z9QylaTywk8MBBBpjuRTXkIAlWWj2Iyk LVRsAgtooUKlQzUoAoseRygDv+Wbp/qVNL1Zogy7PmfORmqZOz08jRpDlXFgjPjR evGztgApTR+FSMO9f052z/Sql0chb5mhtdAtdBKpRE3CgtIrCHfcalSOyeCleHJK NMEbqfed9Oq2WA0/W89ilGtJWRH4v0GnYCfbYhbSoXp9DytdHPbhRUsiJL8LO34b 1cuMSsQ9LjF+3WyRie4m =SrZs -----END PGP SIGNATURE-----

1 0

stunnel 5.16 release
by Michal Trojnara 19 Apr '15

19 Apr '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.16 of stunnel. This release only fixes a compilation issue with old versions of gcc. The Win32/Android binaries are basically the same as for version 5.15. The ChangeLog entry: Version 5.16, 2015.04.19, urgency: MEDIUM: * Bugfixes - Fixed compilation with old versions of gcc. Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: b6b7e93fb2626eaabae1c8474e1dfa23962cfde8fa35c8602289fcaa4f53608d stunnel-5.16.tar.gz a701e6421c3020cc832ecb0e3a897c427a3838e0e180999ed8d905a9283fbb97 stunnel-5.16-installer.exe 2e559cc300b678fb2d05c2d2d3dc13d16cb44915f0165bea6290f741fccaa54c stunnel-5.16-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVM7KGAAoJEC78f/DUFuAUWwoQAJUnjUpyNLhjUQxRwScKjgNx AJ5OPZHXwVjX+xvtSSOjlkK/pk5l4SaEbNtq6hwMGliDpowXXDGXeYwNbmACXGuM sZWzdTUC69WKLQcwfTmn5BmsPQtczaCDQdyBVGSII4qg0mFIU4e1GYT0t8od7OcU n17nnRCLEaS2xlDwR5ImMuRjD+BdpEgZdiRXqtJkyjX8+aSRsEtSVjDBJ5wtsYNN 9pyMp8xU+7+sxX5GiLQ8+IcqcUq+W53nMJQZmN5vQ8O2ShxuBeZYdvembPhybvlE NrnfmjvDtl6A0iFs8ZhRRPTJZTKqj88UGhn49g3eQBH+CbNK08GalWCwR/uX8yFb +Z801mNIxJQrPnSlSaWLDPGNQ9GBqxliui1IR+Biv1KpmcPWBDAOI+Y7Hqyy1/5r MUDT9GB4HLZTC6aWtR0IyG30w3CvUmNr+sENu91ewvl0I1Z04yWyK+wQ3L3CbWyk aVBaNmt09pR8zgU9nvw8aAE2MLJ5oCgoangGpO6rEL0frh7TZhzD9sOMMVefKZDY rPPApyOiphH+3nnh9EiM357S9saXJMFe8/gNh6+lNXmYJ0ngMcPybz9mNV+RbbZU P1itA5RYBAwDTEJcpvATEj8ni9YPdDdFVmMrvC7ay5KZo0HWHxH23ryShBN9XYjC diuX4vtV2LMVYV5dlmAj =Eer2 -----END PGP SIGNATURE-----

1 0

stunnel 5.15 release
by Michal Trojnara 16 Apr '15

16 Apr '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear Users, I have released version 5.15 of stunnel. The ChangeLog entry: Version 5.15, 2015.04.16, urgency: LOW: * New features - Added new service-level options "checkHost", "checkEmail" and "checkIP" for additional checks of the peer certificate subject. These options require OpenSSL version 1.0.2 or higher. - Win32 binary distribution now ships with the Mozilla root CA bundle. This bundle is intended be used together with the new "checkHost" option to validate server certs accepted by Mozilla. - New commandline options "-reload" to reload the configuration file and "-reopen" to reopen the log file of stunnel running as a Windows service (thx to Marc McLaughlin). - Added session persistence based on negotiated TLS sessions. https://en.wikipedia.org/wiki/Load_balancing_%28computing%29#Persistence The current implementation does not support external TLS session caching with sessiond. - MEDIUM ciphers (currently SEED and RC4) are removed from the default cipher list. - The "redirect" option was improved to not only redirect sessions established with an untrusted certificate, but also sessions established without a client certificate. - OpenSSL version checking modified to distinguish FIPS and non-FIPS builds. - Improved compatibility with the current OpenSSL 1.1.0-dev tree. - Removed support for OpenSSL versions older than 0.9.7. The final update for the OpenSSL 0.9.6 branch was 17 Mar 2004. - "sessiond" support improved to also work in OpenSSL 0.9.7. - Randomize the initial value of the round-robin counter. - New stunnel.conf templates are provided for Windows and Unix. * Bugfixes - Fixed compilation against old versions of OpenSSL. - Fixed memory leaks in certificate verification. Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 58ff4645eb5d6bd64e6ddedaa683534302f75625c531e8a6364badcac0541cba stunnel-5.15.tar.gz 08316dc39f72f10f7b28a67e25ddf90f3f189208b09562c12d81478c6ca2e782 stunnel-5.15-installer.exe db96edbe66f1c3524e51f21b47cc541953d1659e746765a43d0272cfe60712b0 stunnel-5.15-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJVL7wqAAoJEC78f/DUFuAU+30P/Ar197tSUJC0+sLBXwddWkm4 J7d9lFThQFECDDSIqaFYfCuecIgGHk8LUVq8nQHh21H1tvpPp7SnYHkzOLsb2w/y G7rLdA+a8BgRTUF3rMxTyghL78Yor88OLI8J93U7pkQkl0bIZpiITn838R5x9/NP +nGTgqy3U5tNoXALBQ/tLZCNML/XaEyxfrbdStOslV5Ay3m23RPw9wqgD4tJoWqe 5x52sMmLh0nhE5lX3xAKxzabVcioAaqVlBEgK1/ZKJj709Olcv14HZcOWzWhWkka MR0ItrZMkYf3lLk/StDm3s2BakKRraRustxlK8wAV4ci7t/IBnWshIpYIij9Nzct HNOT10GjWpN6pwwixNcMBUn7/wDNjiRVw/1n/keL84qSYry54Czo1LpBra1lMCmg 8WENkpJbaNFHvXI4rEzZkiPdlG16tXHF33CcYxwrT8bCXa+Uk4i8c98TJ2jfOaUv VFVLWxFtK4ydoppgOo2eRuymVPNK4HbLZnLPL874xPlHpYjRl5ndClLeDpkDzgJv 8y6zdYwJLFbinWGGHTZIVlyQQfKzB1NDCfXxknsbxtCpZt5Ja0Ka+oS6kcOMZz6f CjYpmd52wjEtAoxxxsjGGrYsO3q0sn0UU3Kc97lGGS/MsgbXFYDnSGqP+p8lzDoq urHG9EjMxXNMcnmKp9JQ =XLyZ -----END PGP SIGNATURE-----

1 0

← Newer
1
2
3
4
5
6
7
8
...
15
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

stunnel-announce