- stunnel-users - stunnel.org

Fwd: Stunnel log file format
by Jesús Alfredo Cambera 12 Jan '16

12 Jan '16

Hi everybody, I'm pretty new on stunnel and I'm still learning a lot through the documentation. One of the tasks that i need to accomplish is to consolidate all the log information using logstash and ELK. So far I had managed to figure out most of the log file format. Here is an example of my log file 2013.01.11 11:26:35 LOG5[13520:140223486400256]: stunnel3 accepted connection from 127.0.0.1:45939 2013.01.11 11:26:35 LOG6[13520:140223486400256]: connect_blocking: connecting 123.4.5.6:9130 2013.01.11 11:26:35 LOG5[13520:140223486498560]: connect_blocking: connected 7.8.9.10:9130 The first two fields are date and hour but I don't understand what do the next field means (LOG5, LOG6). Next is the pid, but I don't know anything about the next field. The last one is the error explanation. Is there documentation about log file format? I'd really appreciate your help. Greetings from Venezuela, Alfredo

2 1

Re: [stunnel-users] Help: sTunnel http to Apache https?
by Hathor27 12 Jan '16

12 Jan '16

Please everybody out there, can anybody tell me, if I can wrap a http-proxy request into http over ssl (https, with sTunnel) and receive it by an Apache https server (without sTunnel server)? Best regards Hathor27

1 0

stunnel 5.29 released
by Michal Trojnara 08 Jan '16

08 Jan '16

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear Users, I have released version 5.29 of stunnel. The ChangeLog entry: Version 5.29, 2016.01.08, urgency: LOW * New features - New WIN32 icons. - Performance improvement: rwlocks used for locking with pthreads. * Bugfixes - Compilation fix for *BSD. - Fixed configuration file reload for relative stunnel.conf path on Unix. - Fixed ignoring CRLfile unless CAfile was also specified (thx to Strukov Petr). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 43909625403ea634fa7cb8399d58faf8e7f11c1b7b29097491469951f56df551 stunnel-5.29.tar.gz c92ccc98cc9eb0c5d95d9550af39ab502e7ea45ed4d9ccc821aa261856f958b1 stunnel-5.29-installer.exe f9db8676e8e2ec6db355bae41eb625eb8ebd45a836ad8cbf06ce60a3c305fde2 stunnel-5.29-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWj/AqAAoJEC78f/DUFuAUZagQAMbBLW8VSgB8x8WGK1ZueSun HJAqXQgCYFY3+Vdz/41gdGy4T8kMB0MHarCwUbI4Wuk/JEvJLIs7OtFzycm1pTBU vXOgk962OkKs/RGD6tygnzIMmYU+BjxPLcfuj0JZR8Z3/Skt2ssFh4RrgCwoFM7/ VxseTRf487dBTU8n2EduWS1naNSIZCN6MlM0Ql1NNenZIGUSYlOfpxXSYo2ZTbe9 At+oVJ5J23eZrv5Vd48cZY7ArfXqCFDkUsCVyBOjUoSSJQ3qZ7srr7tWj4AVY6Pp Nk4Q1w1o7vWpEMDovjEmiLJMUGY2AUiQMpKoZDyfTnDRdtEfEDb7+P9sa++sruSY uauMZ4IL2zjUhWh2RJVnYHgCYCvjAWVw3GeUoM092svR0NXqf0fnBqAGgXNA/uHg zXy2Ljp8yLSK73oR3z7BaSmM3+q1NS2fZBEfWOVpZoOdG+hoyCZvsvuvDpNXh+y8 7WBPiGMl+Umti8HxKDsF/HEiLoSRrBZFZ1t2jwmLM+kZAsA06j3s5ExttK+FNsSC s/yoISPBGIRJyM/xOwYugyO2mDI8xLm3w7YbJADlJ0R2UiaRFVRqJErITv1/i18c Xek1mhk6HgyhQSCns4gxjM/Xc3VuOGJCP6umwUuiXQvyHvP+oypAyYlgshxNmKD1 Ccn+1DCtt3jw83qNLrZE =yIQ7 -----END PGP SIGNATURE-----

1 0

Re: [stunnel-users] Help: sTunnel http to Apache https?
by Hathor27 05 Jan '16

05 Jan '16

Thank you for your fast response, Jhon. My target https-server is a Synology DS211+ with Apache 2.2(Unix). Its VirtualHost config looks like: <VirtualHost *:443> ServerName myhost.mydomain.com ServerAlias internal.name.local DocumentRoot /somepath/not/used/at/all/ SSLEngine On SSLProtocol all -SSLv2 -SSLv3 # TLSv1 or higher SSLProxyEngine On ProxyRequests On ProxyBadHeader Ignore ProxyVia Full AllowCONNECT myInternalPort <Proxy *> Order deny,allow Deny from all </Proxy> <ProxyMatch (internal\.name\.local)> Order allow,deny Allow from all </ProxyMatch> LogLevel debug ErrorLog /logpath/sshserver-proxy_error_log CustomLog /logpath/sshserver-proxy_request_log combined </VirtualHost> The sTunnel client config on Win7 is: debug = 7 log = overwrite output = C:\userpath\stunnel\stunnel.log socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 client = yes [http-2-ssl] accept = 127.0.0.1:80 connect = proxy.gateway:gwPort protocol = connect protocolHost = myhost.mydomain.com:443 retry = yes config = Protocol:ALL config = Protocol:-SSLv3 Finally still remains my initial question: Can I wrap my http-proxy request into http over ssl (https) and receive it on an Apache https server? If 'yes', how? Best regards Hathor27 Btw: Hopefully better posted

1 0

Upcoming stunnel 5.29 release
by Michal Trojnara 05 Jan '16

05 Jan '16

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Guys, This Friday I intend to release stunnel 5.29. The planned list of changes: * New features - New WIN32 icons. - Performance improvement: rwlocks used for locking with pthreads. * Bugfixes - Compilation fix for *BSD. - Fixed configuration file reload for relative stunnel.conf path on Unix. - Fixed ignoring CRLfile unless CAfile was also specified (thx to Strukov Petr). Feel free to try stunnel 5.29b3, so I can fix any discovered issues before the final release: https://www.stunnel.org/downloads.html Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJWit/iAAoJEC78f/DUFuAUtv8P/izyH0DIhUsDCWbYlyWRJDjr 2lwE1sYwmmMqtArM31N25QtRidEbZgTbuWQXaXY7/HALTnnI1VbDrbtAntVkovQr FDXGlVvkife2IuSDS92b8ezEuq5swCQoT6KoHJDj9yLBSTQdZNxGHv9GfbS90mmv fX3zcWmh+SklYnVgGrnc3GfgecaUS261KArdW1BTfA5ucydzse9z9X+2/iA7zl7i wwvSHkfH3+Q3VsmJaSmoHTiMqzRzvH0NpKnbm0J5OfOql/fT9Mfn57U5ZGnC5iWP bLlPmmP+fC7WLX8Cwl2DWESJ8kxPn2xEJbDGeCn9uzI0feKXMLwF/yrJopYVetIx fJDgts4iR8eFRcFcSIpBrnWxNoTi4RhCzuIj8U/zYOBsHJPs6gPcuDG9fYtPXhF8 D93e8HeOW7naNyi+mTDjBo8qdiGGh+/ITp1PkNonVgFCWkxLIpfS2k6iQ/DqNTXd szMU+uLeub5vt3ifRnSieTpIDTAsSbp0jarlXFRQNrUB0Cl8sgv/Ssl+ZYnDRyIa 2aTrK00eSc1nk+kZGJg5kTJM/t6PzfxtDUhVo5Pr6u9gwa94c34AHQ04W5dA7rTV 4pD4DxpFEk+2Syndjt6lncT/O2at3aYUkhyTZ/tN8/P22v1OWp+ci1WIpNXp/zVX z12IUAFfyQPIuvdwLzZr =CEXd -----END PGP SIGNATURE-----

2 4

Help: sTunnel http to Apache https?
by Hathor27 03 Jan '16

03 Jan '16

Dear List Members, I searched, tried and recovered for several days and found no solution that works. My topic is to establish an ssh remote session through a http-proxy (http connect). In case of port restrictions I can only use pure https (443). So I try to wrap my http-proxy request into http over ssl (https) and receive it on an Apache https server. I can establish a connection between sTunnel Client (Win7 Prof) and sTunnel Server (Synology, Linux), both on 443 - that works fine. But if I try to connect from sTunnel Client (443) to Apache Server https, they seem to speek not the same protocol. .are there any examples for that? - or are sTunnel and Apache two different things of SSL? I would be very glad to get some help here :) Best Regards Hathor27

1 0

Do Not Make Stunnel on El Capitan
by WATANABE Takeo 02 Jan '16

02 Jan '16

Dear all. Hi. My name is WATANABE, Takeo in Japan. There is a thing that is very troubled, it will post to this ML. It is in OS X El Capitan(10.11.x), it is stunnel of make it is that does not pass. The rootkill mechanism I think is causing, but tried again to disable this, even doing several times, not as make is. Even latest Stunnel, make will fail. Where everyone is, what you can well Build. If you have person there know what measures and successes such as a, please tell me. Warm Regards. Sincerely yours.

1 0

transfer: s_poll_wait: TIMEOUTclose exceeded: closing
by Michael Calder 29 Dec '15

29 Dec '15

Hi, I'm new to stunnel and I'm trying to troubleshoot why it currently isn't working. When I first set it up and tested it everything worked fine. I rebuilt everything to do it all again and now it's not working. I'm pretty sure I set everything up the same way. I'm trying to get it to work with AWS SES. Here is my stunnel config: ; Sample stunnel configuration file for Win32 by Michal Trojnara 2002-2015 ; Some options used here may be inadequate for your particular configuration ; This sample file does *not* represent stunnel.conf defaults ; Please consult the manual for detailed description of available options ; ************************************************************************** ; * Global options * ; ************************************************************************** ; Debugging stuff (may be useful for troubleshooting) debug = debug ;output = stunnel.log ; Enable FIPS 140-2 mode if needed for compliance ;fips = yes ; Microsoft CryptoAPI engine allows for authentication with private keys ; stored in the Windows certificate store ; Each section using this feature also needs the "engineId = capi" option ;engine = capi ; ************************************************************************** ; * Service defaults may also be specified in individual service sections * ; ************************************************************************** ; Enable support for the insecure SSLv3 protocol ;options = -NO_SSLv3 ; These options provide additional security at some performance degradation ;options = SINGLE_ECDH_USE ;options = SINGLE_DH_USE ; ************************************************************************** ; * Include all configuration file fragments from the specified folder * ; ************************************************************************** ;include = conf.d ; ************************************************************************** ; * Service definitions (at least one service has to be defined) * ; ************************************************************************** ; ***************************************** Example TLS client mode services [gmail-pop3] client = yes accept = 127.0.0.1:110 connect = pop.gmail.com:995 verify = 2 CAfile = ca-certs.pem checkHost = pop.gmail.com OCSPaia = yes [gmail-imap] client = yes accept = 127.0.0.1:143 connect = imap.gmail.com:993 verify = 2 CAfile = ca-certs.pem checkHost = imap.gmail.com OCSPaia = yes [gmail-smtp] client = yes accept = 127.0.0.1:25 connect = smtp.gmail.com:465 verify = 2 CAfile = ca-certs.pem checkHost = smtp.gmail.com OCSPaia = yes ; Encrypted HTTP proxy authenticated with a client certificate ; located in the Windows certificate store ;[example-proxy] ;client = yes ;accept = 127.0.0.1:8080 ;connect = example.com:8443 ;engineId = capi ; ***************************************** Example TLS server mode services ;[pop3s] ;accept = 995 ;connect = 110 ;cert = stunnel.pem ;[imaps] ;accept = 993 ;connect = 143 ;cert = stunnel.pem ;[ssmtp] ;accept = 465 ;connect = 25 ;cert = stunnel.pem ; TLS front-end to a web server ;[https] ;accept = 443 ;connect = 80 ;cert = stunnel.pem ; "TIMEOUTclose = 0" is a workaround for a design flaw in Microsoft SChannel ; Microsoft implementations do not use TLS close-notify alert and thus they ; are vulnerable to truncation attacks ;TIMEOUTclose = 0 ; Remote cmd.exe protected with PSK-authenticated TLS ; Create "secrets.txt" containing IDENTITY:KEY pairs ;[cmd] ;accept = 1337 ;exec = c:\windows\system32\cmd.exe ;execArgs = cmd.exe ;ciphers = PSK ;PSKsecrets = secrets.txt ; vim:ft=dosini [smtp-tls-wrapper] accept = 2525 client = yes connect = email-smtp.us-east-1.amazonaws.com:2465 delay = yes Here is the debug from the log file: 2015.12.29 17:42:38 LOG7[main]: No limit detected for the number of clients 2015.12.29 17:42:38 LOG5[main]: stunnel 5.28 on x86-pc-msvc-1500 platform 2015.12.29 17:42:38 LOG5[main]: Compiled/running with OpenSSL 1.0.2e-fips 3 Dec 2015 2015.12.29 17:42:38 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI 2015.12.29 17:42:38 LOG7[main]: errno: (*_errno()) 2015.12.29 17:42:38 LOG5[main]: Reading configuration from file stunnel.conf 2015.12.29 17:42:38 LOG5[main]: UTF-8 byte order mark detected 2015.12.29 17:42:38 LOG5[main]: FIPS mode disabled 2015.12.29 17:42:38 LOG7[main]: Compression disabled 2015.12.29 17:42:38 LOG7[main]: Snagged 64 random bytes from C:/.rnd 2015.12.29 17:42:38 LOG7[main]: Wrote 1024 new random bytes to C:/.rnd 2015.12.29 17:42:38 LOG7[main]: PRNG seeded successfully 2015.12.29 17:42:38 LOG6[main]: Initializing service [gmail-pop3] 2015.12.29 17:42:38 LOG7[ui]: GUI message loop initialized 2015.12.29 17:42:38 LOG7[cron]: Cron thread initialized 2015.12.29 17:42:38 LOG7[main]: No certificate or private key specified 2015.12.29 17:42:38 LOG7[main]: SSL options: 0x03000004 (+0x03000000, -0x00000000) 2015.12.29 17:42:38 LOG6[main]: Initializing service [gmail-imap] 2015.12.29 17:42:38 LOG7[main]: No certificate or private key specified 2015.12.29 17:42:38 LOG7[main]: SSL options: 0x03000004 (+0x03000000, -0x00000000) 2015.12.29 17:42:38 LOG6[main]: Initializing service [gmail-smtp] 2015.12.29 17:42:38 LOG7[main]: No certificate or private key specified 2015.12.29 17:42:38 LOG7[main]: SSL options: 0x03000004 (+0x03000000, -0x00000000) 2015.12.29 17:42:38 LOG6[main]: Initializing service [smtp-tls-wrapper] 2015.12.29 17:42:38 LOG7[main]: No certificate or private key specified 2015.12.29 17:42:38 LOG4[main]: Service [smtp-tls-wrapper] needs authentication to prevent MITM attacks 2015.12.29 17:42:38 LOG7[main]: SSL options: 0x03000004 (+0x03000000, -0x00000000) 2015.12.29 17:42:38 LOG5[main]: Configuration successful 2015.12.29 17:42:38 LOG7[main]: Listening file descriptor created (FD=372) 2015.12.29 17:42:38 LOG7[main]: Service [gmail-pop3] (FD=372) bound to 127.0.0.1:110 2015.12.29 17:42:38 LOG7[main]: Listening file descriptor created (FD=376) 2015.12.29 17:42:38 LOG7[main]: Service [gmail-imap] (FD=376) bound to 127.0.0.1:143 2015.12.29 17:42:38 LOG7[main]: Listening file descriptor created (FD=380) 2015.12.29 17:42:38 LOG7[main]: Service [gmail-smtp] (FD=380) bound to 127.0.0.1:25 2015.12.29 17:42:38 LOG7[main]: Listening file descriptor created (FD=384) 2015.12.29 17:42:38 LOG7[main]: Service [smtp-tls-wrapper] (FD=384) bound to 0.0.0.0:2525 2015.12.29 17:43:25 LOG7[main]: Found 1 ready file descriptor(s) 2015.12.29 17:43:25 LOG7[main]: FD=332 ifds=r-x ofds=--- 2015.12.29 17:43:25 LOG7[main]: FD=372 ifds=r-x ofds=--- 2015.12.29 17:43:25 LOG7[main]: FD=376 ifds=r-x ofds=--- 2015.12.29 17:43:25 LOG7[main]: FD=380 ifds=r-x ofds=--- 2015.12.29 17:43:25 LOG7[main]: Service [smtp-tls-wrapper] accepted (FD=444) from 127.0.0.1:49510 2015.12.29 17:43:25 LOG7[main]: Creating a new thread 2015.12.29 17:43:25 LOG7[main]: New thread created 2015.12.29 17:43:25 LOG7[0]: Service [smtp-tls-wrapper] started 2015.12.29 17:43:25 LOG5[0]: Service [smtp-tls-wrapper] accepted connection from 127.0.0.1:49510 2015.12.29 17:43:25 LOG6[0]: failover: round-robin, starting at entry #0 2015.12.29 17:43:25 LOG6[0]: s_connect: connecting 54.243.71.143:2465 2015.12.29 17:43:25 LOG7[0]: s_connect: s_poll_wait 54.243.71.143:2465: waiting 10 seconds 2015.12.29 17:43:25 LOG5[0]: s_connect: connected 54.243.71.143:2465 2015.12.29 17:43:25 LOG5[0]: Service [smtp-tls-wrapper] connected remote server from 172.31.49.212:49511 2015.12.29 17:43:25 LOG7[0]: Remote descriptor (FD=468) initialized 2015.12.29 17:43:25 LOG6[0]: SNI: sending servername: email-smtp.us-east-1.amazonaws.com 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): before/connect initialization 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv2/v3 write client hello A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read server hello A 2015.12.29 17:43:25 LOG6[0]: Certificate verification disabled 2015.12.29 17:43:25 LOG6[0]: Certificate verification disabled 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read server certificate A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read server key exchange A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read server done A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 write client key exchange A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 write change cipher spec A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 write finished A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 flush data 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read server session ticket A 2015.12.29 17:43:25 LOG7[0]: SSL state (connect): SSLv3 read finished A 2015.12.29 17:43:25 LOG7[0]: 1 client connect(s) requested 2015.12.29 17:43:25 LOG7[0]: 1 client connect(s) succeeded 2015.12.29 17:43:25 LOG7[0]: 0 client renegotiation(s) requested 2015.12.29 17:43:25 LOG7[0]: 0 session reuse(s) 2015.12.29 17:43:25 LOG6[0]: SSL connected: new session negotiated 2015.12.29 17:43:25 LOG7[0]: Peer certificate was cached (3667 bytes) 2015.12.29 17:43:25 LOG6[0]: Negotiated TLSv1.2 ciphersuite ECDHE-RSA-AES128-GCM-SHA256 (128-bit encryption) 2015.12.29 17:43:25 LOG7[0]: Compression: null, expansion: null 2015.12.29 17:43:36 LOG7[0]: SSL alert (read): warning: close notify 2015.12.29 17:43:36 LOG6[0]: SSL closed (SSL_read) 2015.12.29 17:43:36 LOG7[0]: Sent socket write shutdown 2015.12.29 17:43:38 LOG6[cron]: Executing cron jobs 2015.12.29 17:43:38 LOG6[cron]: Cron jobs completed in 0 seconds 2015.12.29 17:43:38 LOG7[cron]: Waiting 86400 seconds 2015.12.29 17:44:36 LOG3[0]: transfer: s_poll_wait: TIMEOUTclose exceeded: closing 2015.12.29 17:44:36 LOG5[0]: Connection closed: 995 byte(s) sent to SSL, 397 byte(s) sent to socket 2015.12.29 17:44:36 LOG7[0]: Remote descriptor (FD=468) closed 2015.12.29 17:44:36 LOG7[0]: Local descriptor (FD=444) closed 2015.12.29 17:44:36 LOG7[0]: Service [smtp-tls-wrapper] finished (0 left) I've searched the web for that TIMEOUTclose message and haven't come up with a solution. I've also attached a packet capture. Any suggestions would be helpful. Thanks! Mike

1 0

stunnel 5.28 released
by Michal Trojnara 14 Dec '15

14 Dec '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Dear Users, I have released version 5.28 of stunnel. This is a bugfix release. I highly recommend upgrading your stunnel. The ChangeLog entry: Version 5.28, 2015.12.11, urgency: HIGH * New features - Build matrix (.travis.yml) extended with ./configure options. - mingw.mak updated to build tstunnel.exe (thx to Jose Alf.). * Bugfixes - Fixed incomplete initialization. - Fixed UCONTEXT threading on OSX. - Fixed exit codes for information requests (as in "stunnel -version" or "stunnel -help"). Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html SHA-256 hashes: 9a25b87b1ef0c08fa3d796edce07b4408e6a8acece23de2eb7ee9285b78852b5 stunnel-5.28.tar.gz 020b5bd8a97a1da91e9b379c0d2fa8a14606402e2b0c1eb9191fe99c7f4665f9 stunnel-5.28-installer.exe 0af65879343b37bcda89dbbde51f6cfde016a044a533f7bdec229f4e1ec25eb9 stunnel-5.28-android.zip Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJWarN7AAoJEC78f/DUFuAUKhcQAJ62DQW+GMpAmtggO42LhaEj NcAdpgYvCAJnemRnTj+YMHHAGGIn7MY7VQZVzIIHL0y4CS6yy8kg1WVQeDgxS7PM zil/CViLayNQUnEaUSpoD3yFlb5i6wqofPa5/ohObAvUwTejN/XtOlyT6OMTEovF ZWWLsqYnVTCkbrY1Usu9DNRlSWaCgGeqL5ZqhbiJHk7hDHIH5Yy8KXKw3dVuOxBZ 86uYNH0WW3qNHKJrI1z70cA+18c6Kab5/4NnzzmWG+TyYCVVLL8JVkahEHhCX5mc yBYcMyBrSkrUoS++IdEZtOKYjwxfiEFdre0junC1m5DqtbOc+vWcvqZRGUfCszHK bg4LlCoNs6VhaAFzY9dyXKWqFP+HvH1cqcVcagCaofcdAEaFrwP4dqwUUBKCT44z JNhEzyrI6+coGq92SZUeSiko2bj+rQWDf3s5pY+zWQVvUe12rTo427Mhbge3sBhQ QykwMsihtrP9s25YkDQHqlpBV85W3axq/O2veb15QlbETDM6eGfnMCFjqhxpBBMO sSgHOr9E1E4pxN4kcokPhwKizxSe0EHVQYM27qGfNXJkzVAvHE+mz0WR2kMPpjT5 N6th9lOMgrjXGo6aTBQO3DIEkw+BB0C9OVWnNXMWqmUnsKp80QVeZKZXgK5c2t1y Y8e0W7HH2xdaQemUQp+n =GrPO -----END PGP SIGNATURE-----

3 3

Upcoming stunnel 5.28 release
by Michal Trojnara 11 Dec '15

11 Dec '15

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi Guys, I have found a serious bug in stunnel 5.27. The bug results in incomplete (partial) service initialization. The bugfix 5.28 release is scheduled for tomorrow. Best regards, Mike -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJWac5NAAoJEC78f/DUFuAUcRUP/A1dOJW8Sag4YRfxnOZfW6bt SouaKMkFQDkQkLrZzQkUhkOFL35DNmesvA+HgCSp+StO/TagcLA34ZrpR355qcZ7 QjEXYftagy85c7DjDek4CU9vfb9u3J3kTcvhtpy6l5CPYV0TWCjApk438xk+saOn xItijYRVcpHbSUof0/E99Gb9mZ3qiI4AVkdSHT4qw3GV8GCdo9R66cHBNDKsYQy1 XWe7VJCEmXw9n0bmj2Soi1TWlU39Q2GcostWK2GuH9fzFyGqnde7RbMHeJ9KYvY/ oSnMjCRblJtoRn4Ucw/1FuOdEZSalpRuPSarmhKCkgc+tKgkK6mvhSbILUbwOMLL hO2nWbMrOhLOlu4UnM32A1djWQCiVRxTO87IAkd5jTTz8sNLCoJHqzcirug68Kjy ljuNf/A/LhkimkfCvZtY5ErMP6TzJ37iaXhaGRLZLoZtK75yKggXnJcJUAEI8ggI RR/mArBHyHG3IwcfdMt4a+AJvsHOJAApCB+0uCGwJnfnuqHJ41Z6WEHuwpBitN/0 4nTGLoOBOyUX/cnrpsx9FLxRdCKAVbGoebXBM5sA9qhCDskp7MMDUFU1pVER5QbZ VKzCpIdeyGKKvCOA5WiNOt3bBBmOGJKB4CXYyMEyDAbr8SL2FTNo5nJ2iUO/2iaU 6a5MITgIc1C6GacMauvo =rb0T -----END PGP SIGNATURE-----

3 3