[stunnel-users] stunnel 5.38 released

Michał Trojnara Michal.Trojnara at stunnel.org
Sun Nov 27 17:07:26 CET 2016

Hi Peter,

Yes, the src/dhparam.c file generated with OpenSSL older than 1.1.0 is
incompatible with OpenSSL 1.1.0.  I forgot to use OpenSSL 1.1.0 to
create the file with the new release.  Please just delete the file and
let OpenSSL 1.1.0 create a new one for you.

Best regards,

On 27.11.2016 02:29, Peter Pentchev wrote:
> On Sat, Nov 26, 2016 at 11:26:04PM +0100, Michał Trojnara wrote:
>> Dear Users,
>> I have released version 5.38 of stunnel.
> Hi,
> Thanks for your continuing work on stunnel!
> Unfortunately, 5.38 doesn't compile with OpenSSL 1.1, at least with
> the 1.1.0c version in Debian unstable.  It seems that the DH_set0_pqg()
> workaround was added with good reason - OpenSSL 1.1 wants us to treat
> a DH pointer as a pointer to an opaque structure, it hides the members.
> I'll apply the attached patch to the Debian package so that it'll
> build - it basically restores get_dh2048() to its 5.37 version.
> BTW, if you really want to remove the use of DH_set0_pqg(), it'd
> be a bit better to also remove the pre-1.1 implementation from
> src/ssl.c and the prototype in common.h.
> Thanks again for your time and work!
> G'luck,
> Peter

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20161127/a0b50016/attachment.sig>

More information about the stunnel-users mailing list