Path to this page:
./
security/stunnel,
Universal SSL tunnel
Branch: CURRENT,
Version: 5.60nb1,
Package name: stunnel-5.60nb1,
Maintainer: jymThe stunnel program is designed to work as an SSL encryption wrapper
between a remote client and a local (inetd-startable) or remote server.
The concept is that despite having non-SSL aware daemons running on your
system, you can easily set them up to communicate with clients over
a secure SSL channel.
stunnel can be used to add SSL functionality to commonly used inetd
daemons like POP-2, POP-3 and IMAP servers without any changes in
the program code.
Required to run:[
lang/perl5] [
security/openssl]
Required to build:[
pkgtools/cwrappers]
Package options: inet6, tcpwrappers, threads
Master sites:
Filesize: 961.209 KB
Version history: (Expand)
- (2022-06-28) Updated to version: stunnel-5.60nb1
- (2021-10-25) Updated to version: stunnel-5.60
- (2021-05-25) Updated to version: stunnel-5.59nb1
- (2021-04-21) Updated to version: stunnel-5.59
- (2021-03-09) Updated to version: stunnel-5.58
- (2020-11-24) Updated to version: stunnel-5.57
CVS history: (Expand)
2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952) |
Log message:
*: recursive bump for perl 5.36
|
2021-10-26 13:18:07 by Nia Alarie | Files touched by this commit (605) |
Log message:
security: Replace RMD160 checksums with BLAKE2s checksums
All checksums have been double-checked against existing RMD160 and
SHA512 hashes
Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
|
2021-10-24 23:33:48 by Amitai Schleier | Files touched by this commit (2) |
Log message:
Update to 5.60. From the changelog:
* New features
- New 'sessionResume' service-level option to allow
or disallow session resumption
- Added support for the new SSL_set_options() values.
- Download fresh ca-certs.pem for each new release.
* Bugfixes
- Fixed 'redirect' with 'protocol'. This combination is
not supported by 'smtp', 'pop3' and 'imap' protocols.
- Enforced minimum WIN32 log window size.
- Fixed support for password-protected private keys with
OpenSSL 3.0 (thx to Dmitry Belyavskiy).
- Added missing TLS options supported in OpenSSL 1.1.1k.
|
2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606) |
Log message:
security: Remove SHA1 hashes for distfiles
|
2021-05-24 21:56:06 by Thomas Klausner | Files touched by this commit (3575) |
Log message:
*: recursive bump for perl 5.34
|
2021-04-21 11:02:32 by Nia Alarie | Files touched by this commit (2) |  |
Log message:
stunnel: update to 5.59
### Version 5.59, 2021.04.05, urgency: HIGH
* Security bugfixes
- OpenSSL DLLs updated to version 1.1.1k.
* New features
- Client-side "protocol = ldap" support (thx to Bart
Dopheide and Seth Grover).
* Bugfixes
- The test suite fixed not to require external connectivity.
- Fixed paths in generated manuals (thx to Tatsuki Makino).
- Fixed configuration reload when compression is used.
- Fixed compilation with early releases of OpenSSL 1.1.1.
|
2021-03-09 09:38:07 by =?UTF-8?B?RnLDqWTDqXJpYyBGYXViZXJ0ZWF1?= | Files touched by this commit (2) |  |
Log message:
stunnel: Update to 5.58
upstream changes:
-----------------
* Security bugfixes
o The "redirect" option was fixed to properly handle unauthenticated
requests (thx to Martin Stein).
o Fixed a double free with OpenSSL older than 1.1.0 (thx to Petr
Strukov).
o OpenSSL DLLs updated to version 1.1.1j.
* New features
o New 'protocolHeader' service-level option to insert custom 'connect'
protocol negotiation headers. This feature can be used to impersonate
other software (e.g. web browsers).
o 'protocolHost' can also be used to control the client SMTP protocol
negotiation HELO/EHLO value.
o Initial FIPS 3.0 support.
* Bugfixes
o X.509v3 extensions required by modern versions of OpenSSL are added to
generated self-signed test certificates.
o Fixed a tiny memory leak in configuration file reload error handling
(thx to Richard Könning).
o Merged Debian 05-typos.patch (thx to Peter Pentchev).
o Merged with minor changes Debian 06-hup-separate.patch (thx to Peter
Pentchev).
o Merged Debian 07-imap-capabilities.patch (thx to Ansgar).
o Merged Debian 08-addrconfig-workaround.patch (thx to Peter Pentchev).
o Fixed tests on the WSL2 platform.
o NSIS installer updated to version 3.06 to fix a multiuser installation
bug on some platforms, including 64-bit XP.
o Fixed engine initialization (thx to Petr Strukov).
o FIPS TLS feature is reported when a provider or container is available,
and not when FIPS control API is available.
|
2020-11-24 14:41:57 by Nia Alarie | Files touched by this commit (2) |  |
Log message:
stunnel: Update to 5.57
### Version 5.57, 2020.10.11, urgency: HIGH
* Security bugfixes
- The "redirect" option was fixed to properly
handle "verifyChain = yes" (thx to Rob Hoes).
- OpenSSL DLLs updated to version 1.1.1h.
* New features
- New securityLevel configuration file option.
- FIPS support for RHEL-based distributions.
- Support for modern PostgreSQL clients (thx to Bram Geron).
- Windows tooltip texts updated to mention "stunnel".
- TLS 1.3 configuration updated for better compatibility.
* Bugfixes
- Fixed a transfer() loop bug.
- Fixed memory leaks on configuration reloading errors.
- DH/ECDH initialization restored for client sections.
- Delay startup with systemd until network is online.
- bin\libssp-0.dll removed when uninstalling.
- A number of testing framework fixes and improvements.
|