PLIST and delete everything under the @sample'd directory instead of the
directory itself to prevent a warning from pkg_delete(1) trying to
remove a non existing directory and to help preventing left-over files
and directories.
functionality. The bug allows a revoked certificate to successfully
authenticate. Any installations with OCSP enabled should be upgraded ASAP.
Other users are not affected.
- new user interface (config file)
- single daemon can listen on multiple ports
- delayed DNS lookup added
- configurable timeouts
- chroot support
- private key file for a certificate can be kept in a separate file
* Format string bug fixed in protocol.c
smtp, pop3 and nntp in client mode were affected.
(stunnel clients could be attacked by malicious servers)
* Certificate chain can be supplied with -p option or in stunnel.pem.
* Problem with -r and -l options used together fixed.
* memmove() instead of memcpy() is used to move data in buffers.
* More detailed information about negotiated ciphers is printed.
* New ./configure options: "--enable-no-rsa" and "--enable-dh".
- setsockopt() optlen set according to the optval for Solaris.
- Minor NetBSD compatibility fixes by Martti Kuparinen.
- Minor MSVC6 compatibility fixes by Patrick Mayweg.
- SSL close_notify timeout reduced to 10 seconds of inactivity.
- Socket close instead of reset on close_notify timeout.
- Some source arrangement and minor bugfixes.
- Critical section added around non MT-safe TCP Wrappers code.
- Problem with "select: Interrupted system call" error fixed.
- errno replaced with get_last_socket_error() for Win32.
- Some FreeBSD/NetBSD patches to ./configure from Martti Kuparinen.
- Local mode process pid logged.
- Default FQDN (localhost) removed from stunnel.cnf
- ./configure changed to recognize POSIX threads library on OSF.
- New -O option to set socket options.
- MAX_CLIENTS is calculated based on FD_SETSIZE, now.
- Problems with closing SSL in transfer() fixed.
- -I option to bind a static local IP address added.
- Debug output of info_callback redesigned.
- Some transfer() bugfixes/improvements.
- STDIN/STDOUT are no logner assumed to be non-socket decriptors.
- Problem with --with-tcp-wrappers patch fixed.
- pop3 and nntp support bug fixed by Martin Germann.
- -o option to append log messages to a file added.
- Changed error message for SSL error 0.
