Subject: CVS commit: pkgsrc/security/stunnel
From: Ryo ONODERA
Date: 2011-07-11 16:20:24
Message id: 20110711142024.B1338175DD@cvs.netbsd.org

Log Message:
Update to 4.39

Version 4.39, 2011.07.06, urgency: LOW:

    New features
        New Win32 installer module to build self-signed stunnel.pem.
        Added configuration file editing with Windows GUI.
        Added log file reopening file editing with Windows GUI. It might be useful to also implement log file rotation.
        Improved configuration file reload with Windows GUI.

Version 4.38, 2011.06.28, urgency: MEDIUM:

    New features
        Server-side SNI implemented (RFC 3546 section 3.1) with a new service-level option "nsi".
        "socket" option also accepts "yes" and "no" for flags.
        Nagle's algorithm is now disabled by default for improved interactivity.
    Bugfixes
        A compilation fix was added for OpenSSL version < 1.0.0.
        Signal pipe set to non-blocking mode. This bug caused hangs of stunnel features based on signals, e.g. local mode, FORK threading, or configuration file reload on Unix. Win32 platform was not affected.

Version 4.37, 2011.06.17, urgency: MEDIUM:

    New features
        Client-side SNI implemented (RFC 3546 section 3.1).
        Default "ciphers" changed from the OpenSSL default to a more secure and faster "RC4-MD5:HIGH:!aNULL:!SSLv2". A paranoid (and usually slower) setting would be "HIGH:!aNULL:!SSLv2".
        Recommended "options = NO_SSLv2" added to the sample stunnel.conf file.
        Default client method upgraded from SSLv3 to TLSv1. To connect servers without TLS support use "sslVersion = SSLv3" option.
        Improved --enable-fips and --disable-fips ./configure option handling.
        On startup stunnel now compares the compiled version of OpenSSL against the running version of OpenSSL. A warning is logged on mismatch.
    Bugfixes
        Non-blocking socket handling in local mode fixed (Debian bug #626856).
        UCONTEXT threading mode fixed.
        Removed the use of gcc Thread-Local Storage for improved portability.
        va_copy macro defined for platforms that do not have it.
        Fixed "local" option parsing on IPv4 systems.
        Solaris compilation fix (redefinition of "STR").

Version 4.36, 2011.05.03, urgency: LOW:

    New features
        Updated Win32 DLLs for OpenSSL 1.0.0d.
        Dynamic memory management for strings manipulation: no more static STRLEN limit, lower stack footprint.
        Strict public key comparison added for "verify = 3" certificate checking mode (thx to Philipp Hartwig).
        Backlog parameter of listen(2) changed from 5 to SOMAXCONN: improved behavior on heavy load.
        Example tools/stunnel.service file added for systemd service manager.
    Bugfixes
        Missing pthread_attr_destroy() added to fix memory leak (thx to Paul Allex and Peter Pentchev).
        Fixed the incorrect way of setting FD_CLOEXEC flag.
        Fixed --enable-libwrap option of ./configure script.
        /opt/local added to OpenSSL search path for MacPorts compatibility.
        Workaround implemented for signal handling on MacOS X.
        A trivial bug fixed in the stunnel.init script.
        Retry implemented on EAI_AGAIN error returned by resolver calls.

Version 4.35, 2011.02.05, urgency: LOW:

    New features
        Updated Win32 DLLs for OpenSSL 1.0.0c.
        Transparent source (non-local bind) added for FreeBSD 8.x.
        Transparent destination ("transparent = destination") added for Linux.
    Bugfixes
        Fixed reload of FIPS-enabled stunnel.
        Compiler options are now auto-detected by ./configure script in order to support obsolete versions of gcc.
        Async-signal-unsafe s_log() removed from SIGTERM/SIGQUIT/SIGINT handler.
        CLOEXEC file descriptor leaks fixed on Linux >= 2.6.28 with glibc >= 2.10. Irreparable race condition leaks remain on other Unix platforms. This issue may have security implications on some deployments: http://udrepper.livejournal.com/20407.html
        Directory lib64 included in the OpenSSL library search path.
        Windows CE compilation fixes (thx to Pierre Delaage).
        Deprecated RSA_generate_key() replaced with RSA_generate_key_ex().
    Domain name changes (courtesy of Bri Hatch)
        http://stunnel.mirt.net/ --> http://www.stunnel.org/
        ftp://stunnel.mirt.net/ --> http://ftp.stunnel.org/
        stunnel.mirt.net::stunnel --> rsync.stunnel.org::stunnel
        stunnel-users@mirt.net --> stunnel-users@stunnel.org
        stunnel-announce@mirt.net --> stunnel-announce@stunnel.org

Version 4.34, 2010.09.19, urgency: LOW:

    New features
        Updated Win32 DLLs for OpenSSL 1.0.0a.
        Updated Win32 DLLs for zlib 1.2.5.
        Updated automake to version 1.11.1
        Updated libtool to version 2.2.6b
        Added ECC support with a new service-level "curve" option.
        DH support is now enabled by default.
        Added support for OpenSSL builds with some algorithms disabled.
        ./configure modified to support cross-compilation.
        Sample stunnel.init updated based on Debian init script.
    Bugfixes
        Implemented fixes in user interface to enter engine PIN.
        Fixed a transfer() loop issue on socket errors.
        Fixed missing WIN32 taskbar icon while displaying a global option error.

Files:
Revision  Action  File
1.71      modify  pkgsrc/security/stunnel/Makefile
1.12      modify  pkgsrc/security/stunnel/PLIST
1.30      modify  pkgsrc/security/stunnel/distinfo
1.23      modify  pkgsrc/security/stunnel/patches/patch-aa
1.12      modify  pkgsrc/security/stunnel/patches/patch-ac