Stunnel 4.44 - Changelog

What's new in Stunnel 4.33:

April 6th, 2010

New features:
· Win32 DLLs for OpenSSL 1.0.0.
· This library requires to c_rehash CApath/CRLpath directories on upgrade.
· Win32 DLLs for zlib 1.2.4.
· Experimental support for local mode on WIN32 platform.
· Try "exec = c:\windows\system32\cmd.exe".
Bugfixes:
· Inetd mode fixed

What's new in Stunnel 4.32:

March 25th, 2010

New features:
· New service-level "libwrap" option for run-time control whether
· /etc/hosts.allow and /etc/hosts.deny are used for access control.
· Disabling libwrap significantly increases performance of stunnel.
· Win32 DLLs for OpenSSL 0.9.8m.
Bugfixes:
· Fixed a transfer() loop issue with SSLv2 connections.
· Fixed a "setsockopt IP_TRANSPARENT" warning with "local" option.
· Logging subsystem bugfixes and cleanup.
· Installer bugfixes for Vista and later versions of Windows.
· FIPS mode can be enabled/disabled at runtime.

What's new in Stunnel 4.31:

February 19th, 2010

New features:
· Log file reopen on USR1 signal was added.

Bugfixes:
· Some regression issues introduced in 4.30 were fixed.

What's new in Stunnel 4.30:

February 19th, 2010

New features:
· Graceful configuration reload with HUP signal on Unix and with GUI on Windows.

What's new in Stunnel 4.29:

February 19th, 2010

New features:
· Graceful configuration reload with HUP signal on Unix and with GUI on Windows.

What's new in Stunnel 4.29:

February 19th, 2010

· A high performance SSL session cache was built for stunnel.
· A new service-level "sessiond" option was added.
· stunnel clusters will be a lot faster, now!

Bugfixes:
· "execargs" defaults to the "exec" parameter (thx to Peter Pentchev).
· Compilation fixes added for AIX and old versions of OpenSSL.
· Missing "fips" option was added to the manual.

What's new in Stunnel 4.28:

February 19th, 2010

New features:
· Win32 DLLs for OpenSSL 0.9.8l
· Transparent proxy support on Linux kernels >=2.6.28
· See the manual for details
· New socket options to control TCP keepalive on Linux
· TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL
· SSL options updated for the recent version of OpenSSL library

Bugfixes:
· A serious bug in asynchronous shutdown code fixed
· Data alignment updated in libwrap.c
· Polish manual encoding fixed
· Notes on compression implementation in OpenSSL added to the manual

What's new in Stunnel 4.27:

April 23rd, 2009

· Priority Failover strategy, FIPS 1.2 updates, libwrap, OS2, and WCE related fixes.

What's new in Stunnel 4.26:

December 28th, 2008

New features:
· Win32 DLLs for OpenSSL 0.9.8i.
· /etc/hosts.allow and /etc/hosts.deny no longer need to be copied to the chrooted directory, as the libwrap processes are no longer chrooted.
· A more informative error messages for invalid port number specified in stunnel.conf file.
· Support for Microsoft Visual C++ 9.0 Express Edition.

Bugfixes:
· Killing all libwrap processes at stunnel shutdown fixed.
· A minor bug in stunnel.init sample SysV startup file fixed.

What's new in Stunnel 4.25:

July 23rd, 2008

· New: Win32 DLLs for OpenSSL 0.9.8h
· Fix: Spawning libwrap processes delayed until privileges are dropped
· Fix: Compilation fix for systems without struct msghdr.msg_control
· Fix: OCSP code was fixed to properly reject revocated certificates
· Fix: Local privilege escalation bug on Windows NT based systems fixed. A local user could exploit stunnel running as a service to gain localsystem privileges