In the context of an embedded project, I have developed a lightweight, PolarSSL-based TLS-PSK client running on an Arduino board.

Now I am looking for a generic server-side solution to connect the TLK-PSK client to a few Web services living in various app servers (Node.JS, IIS, and others). Since PSK support is not widespread, I am thinking about using stunnel as a generic front-end to these services.

I have done a quick-and-dirty POC of adding PSK support to stunnel and it looks like this could be done with minor modifications, e.g. adding a call to SSL_CTX_set_psk_server_callback and the corresponding callback to ctx.c. Right now the psk_key and psk_identity values are hard-coded, so of course those need to be added to the configuration file.

Is the community interested in further work in that area? Or is PSK support already in the stunnel roadmap?

Cheers,