High priority features. They will likely be supported some day. A sponsor could allocate my time to get them faster.
- Add 'leastconn' failover strategy to order defined 'connect' targets by the number of active connections.
- Perform protocol negotiations after SSL negotiations if possible.
- Command-line server control interface on both Unix and Windows.
- Separate GUI process running as current user on Windows.
- Optional line-buffering of the log file.
- etc/stunnel/conf.d/* files automatically processed while reading etc/stunnel/stunnel.conf
- Android GUI.
- Indirect CRL support (RFC 3280, section 5).
- Configuration file option to limit the number of concurrent connections.
- SOCKS 4 protocol support. http://archive.socks.permeo.com/protocol/socks4.protocol
Low priority features. They will unlikely ever be supported.
- Support static FIPS-enabled build.
- Provide 64-bit Windows builds (besides 32-bit builds). This requires either Microsoft Visual Studio Standard Edition or Microsoft Visual Studio Professional Edition in order to retain FIPS compliance.
- Service-level logging configuration (separate verbosity and destination).
- Enforce key renegotiation (re-handshake) for long connections.
- Logging to NT EventLog on Windows.
- Internationalization of logged messages (i18n).
- Generic scripting engine instead or static protocol.c.
Features I won't support, unless convinced otherwise by a wealthy sponsor.
- Protocol support *after* SSL is negotiated:
- Support for adding X-Forwarded-For to HTTP request headers. This feature is less useful since PROXY protocol support is available.
- Support for adding X-Forwarded-For to SMTP email headers. This feature is most likely to be implemented as a separate proxy.
- Additional certificate checks (including wildcard comparison) based on:
- CN (Common Name);
- SAN (Subject Alternative Name);
- O (Organization), and
- OU (Organizational Unit).
- Set processes title that appear on the ps(1) and top(1) commands. I could not find a portable *and* non-copyleft library for it.