Dear Users,
I have released version 5.68 of stunnel.
### Version 5.68, 2023.02.07, urgency: HIGH * Security bugfixes - OpenSSL DLLs updated to version 3.0.8. * New features - Added the new 'CAengine' service-level option to load a trusted CA certificate from an engine. - Added requesting client certificates in server mode with 'CApath' besides 'CAfile'. * Bugfixes - Fixed EWOULDBLOCK errors in protocol negotiation. - Fixed handling TLS errors in protocol negotiation. - Prevented following fatal TLS alerts with TCP resets. - Improved OpenSSL initialization on WIN32. - Improved testing suite stability. - Improved file read performance. - Improved logging performance.
Home page: https://www.stunnel.org/ Download: https://www.stunnel.org/downloads.html
SHA-256 hashes:
dcd895ab088b043d4e0bafa8b934e7ab3e697293828dbe9fce46cb7609a7dacf stunnel-5.68.tar.gz 62807f6233c8a5693104c09b44ebde6cc395877d948651c3ff0767e07ccdd316 stunnel-5.68-win64-installer.exe 93291060fdfc889431e8bce5cfe875b23be2bac11e2338f8f8f84d509f1b33fa stunnel-5.68-android.zip
Best regards, Mike
On Tue, Feb 07, 2023 at 06:49:29PM +0100, Michał Trojnara via stunnel-users wrote:
Dear Users,
I have released version 5.68 of stunnel.
### Version 5.68, 2023.02.07, urgency: HIGH
[snip]
- Improved testing suite stability.
[snip]
Thanks for your work! What do you think about the attached patch, also at https://salsa.debian.org/debian/stunnel/-/blob/master/debian/patches/07-test... ...that fixes the test suite checks when libc has an errno value for the "connection reset by peer" error that is not 104, like e.g. on Debian on the mips64el, sparc64, and other architecures? See e.g. the failed package build log at: https://buildd.debian.org/status/fetch.php?pkg=stunnel4&arch=sparc64&... (search for "Errno 54" to see the actual test_connect message)
Thanks again, and keep up the great work!
G'luck, Peter