On Tue, 2009-06-23 10:33:14 -0400, Terry Riegel wrote:

Well, that would be one way of doing it. I would prefer to have stunnel running as a daemon and just pass a FQDN and local port number to it. But it may not be able to do that.

You are right. Currently, stunnel's configuration can't be changed at run-time (and I still don't see a need for that).

If I did it the way you are suggesting then 5 concurrent users would fire up 30 processes. On my system starting the daemon starts 6 processes, and if I start it up again I get another 6 processes.

Is this still true with 'foreground = yes'?

For reducing the number of processes, you might also try to configure stunnel with --disable-libwrap. If you run stunnel from within a CGI, you will be accepting connections from localhost only anyway.

HTH,

Ludolf