Dear Users,
I have just released version 4.38 of stunnel.
The ChangeLog entry:
Version 4.38, 2011.06.28, urgency: MEDIUM:
* New features
- Server-side SNI implemented (RFC 3546 section 3.1) with a new
service-level option "nsi".
- "socket" option also accepts "yes" and "no" for flags.
- Nagle's algorithm is now disabled by default for improved
interactivity.
* Bugfixes
- A compilation fix was added for OpenSSL version < 1.0.0.
- Signal pipe set to non-blocking mode. This bug caused hangs of
stunnel
features based on signals, e.g. local mode, FORK threading, or
configuration file reload on Unix. Win32 platform was not
affected.
Home page: http://www.stunnel.org/
Download: ftp://ftp.stunnel.org/stunnel/
SHA-256 hash for stunnel-4.38.tar.gz:
aa49012195fde4dc3e4bed2bb25283cb40a6e0ad8295a47e730652f611e2268c
Best regards,
Mike
Dear Users,
I have just released version 4.37 of stunnel. This release is mainly
intended to fix bugs and portability issues introduced in versions
4.35 and 4.36.
This version also provides new security defaults, updated to better
match current best practices in cryptographic applications.
The ChangeLog entry:
Version 4.37, 2011.06.17, urgency: MEDIUM:
* New features
- Client-side SNI implemented (RFC 3546 section 3.1).
- Default "ciphers" changed from the OpenSSL default to a more secure
and faster "RC4-MD5:HIGH:!aNULL:!SSLv2".
A paranoid (and usually slower) setting would be "HIGH:!aNULL:!
SSLv2".
- Recommended "options = NO_SSLv2" added to the sample stunnel.conf
file.
- Default client method upgraded from SSLv3 to TLSv1.
To connect servers without TLS support use "sslVersion = SSLv3"
option.
- Improved --enable-fips and --disable-fips ./configure option
handling.
- On startup stunnel now compares the compiled version of OpenSSL
against
the running version of OpenSSL. A warning is logged on mismatch.
* Bugfixes
- Non-blocking socket handling in local mode fixed (Debian bug
#626856).
- UCONTEXT threading mode fixed.
- Removed the use of gcc Thread-Local Storage for improved
portability.
- va_copy macro defined for platforms that do not have it.
- Fixed "local" option parsing on IPv4 systems.
- Solaris compilation fix (redefinition of "STR").
Home page: http://www.stunnel.org/
Download: ftp://ftp.stunnel.org/stunnel/
SHA-256 hash for stunnel-4.37.tar.gz:
02ca30609ccb26f6e52ff7eb79a6778ea452a04432eaef7d959d19933f6fe109
Best regards,
Mike
