Peter Pentchev wrote:
Part of the reason that I think this has not been done is that in most cases (at least under Unix), stunnel is running in a chroot jail for security reasons. If so, the stunnel process that receives the signal has absolutely no way to access the config file - it is most probably outside the chroot tree where the stunnel process operates.
Of course rereading configuration file won't be compatible with chroot (unless you place a copy of the configuration file/certificate/etc. inside the chroot jail). Another obvious problem I expect is the setuid option and binding ports below 1024. 8-)
Rereading of the configuration file is on my TODO aka waiting-for-a-sponsor list, anyway. http://stunnel.mirt.net/todo_sdf.html
Best regards, Mike