Path to this page:
./
security/stunnel,
Universal SSL tunnel
Branch: pkgsrc-2016Q2,
Version: 5.35,
Package name: stunnel-5.35,
Maintainer: jymThe stunnel program is designed to work as SSL encryption wrapper
between remote client and local (inetd-startable) or remote server.
The concept is that having non-SSL aware daemons running on your
system you can easily setup them to communicate with clients over
secure SSL channel.
stunnel can be used to add SSL functionality to commonly used inetd
daemons like POP-2, POP-3 and IMAP servers without any changes in
the program code.
Required to run:[
lang/perl5]
Package options: inet6, tcpwrappers, threads
Master sites:
SHA1: 90cafc2208aa3acefb503856482e163e9af463c4
RMD160: 92f7c680e9de49740094a531c5b466aa5ac9d453
Filesize: 630.027 KB
Version history: (Expand)
- (2016-09-03) Updated to version: stunnel-5.35
- (2016-07-07) Package has been reborn
- (2016-07-06) Package added to pkgsrc.se, version stunnel-5.32 (created)
CVS history: (Expand)
2016-09-03 20:13:39 by Benny Siegert | Files touched by this commit (3) |
Log message:
Pullup ticket #5089 - requested by jym
security/stunnel: security fix
Revisions pulled up:
- security/stunnel/Makefile 1.104
- security/stunnel/distinfo 1.51
- security/stunnel/patches/patch-stunnel.conf-sample.in 1.1
---
Module Name: pkgsrc
Committed By: jym
Date: Mon Aug 29 19:21:25 UTC 2016
Modified Files:
pkgsrc/security/stunnel: Makefile distinfo
Added Files:
pkgsrc/security/stunnel/patches: patch-stunnel.conf-sample.in
Log message:
PR pkg/51449
Update stunnel to 5.35.
- Add patch to provide an explicit chroot option to the default
configuration sample (option is documented but not found within
the default conf file). While here, enable setuid/setgid as
stunnel user/group creations are handled by package.
- Rework SUBSTs so that they apply to the correct sample
config file.
Changelog:
Version 5.35, 2016.07.18, urgency: HIGH
* Bugfixes
- Fixed incorrectly enforced client certificate requests.
- Only default to SO_EXCLUSIVEADDRUSE on Vista and later.
- Fixed thread safety of the configuration file reopening.
Version 5.34, 2016.07.05, urgency: HIGH
* Security bugfixes
- Fixed malfunctioning "verify = 4".
* New features
- Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32.
- Added three new service-level options: requireCert, verifyChain,
and verifyPeer for fine-grained certificate verification control.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
Version 5.33, 2016.06.23, urgency: HIGH
* New features
- Improved memory leak detection performance and accuracy.
- Improved compatibility with the current OpenSSL 1.1.0-dev tree.
- SNI support also enabled on OpenSSL 0.9.8f and later (thx to
Guillermo Rodriguez Garcia).
- Added support for PKCS #12 (.p12/.pfx) certificates (thx to
Dmitry Bakshaev).
* Bugfixes
- Fixed a TLS session caching memory leak (thx to Richard Kraemer).
Before stunnel 5.27 this leak only emerged with sessiond enabled.
- Yet another WinCE socket fix (thx to Richard Kraemer).
- Fixed passphrase/pin dialogs in tstunnel.exe.
- Fixed a FORK threading build regression bug.
- OPENSSL_NO_DH compilation fix (thx to Brian Lin).
- Fixed a TLS session caching memory leak (thx to Richard Kraemer).
Before stunnel 5.27 this leak only emerged with sessiond enabled.
- Yet another WinCE socket fix (thx to Richard Kraemer).
- Fixed passphrase/pin dialogs in tstunnel.exe.
- Fixed a FORK threading build regression bug.
- OPENSSL_NO_DH compilation fix (thx to Brian Lin).
|