Subject: CVS commit: pkgsrc/security/stunnel
To: None <>
From: Amitai Schlair <>
List: pkgsrc-changes
Date: 01/14/2007 00:07:15
Module Name:	pkgsrc
Committed By:	schmonz
Date:		Sun Jan 14 00:07:15 UTC 2007

Modified Files:
	pkgsrc/security/stunnel: Makefile PLIST distinfo
	pkgsrc/security/stunnel/patches: patch-aa patch-ac
Removed Files:
	pkgsrc/security/stunnel/patches: patch-ab

Log Message:
Update to 4.20. From the changelog:

Version 4.20, 2006.11.30, urgency: MEDIUM:
* Release notes
  - The new transfer() function has been well tested.
    I recommend upgrading any previous version with this one.
* Bugfixes
  - Fixed support for encrypted passphases (broken in 4.19).
  - Reduced amount of debug logs.
  - A minor man page update.

Version 4.19, 2006.11.11, urgency: LOW/EXPERIMENTAL:
* Release notes
  - There are a lot of new features in this version.  I recommend
    to test it well before upgrading your mission-critical systems.
* New features
  - New service-level option to specify OCSP server flag:
    OCSPflag = <flag>
  - "protocolCredentials" option changed to "protocolUsername"
    and "protocolPassword"
  - NTLM support to be enabled with the new service-level option:
    protocolAuthentication = NTLM
  - imap protocol negotiation support added.
  - Passphrase cache was added so the user does not need to reenter
    the same passphrase for each defined service any more.
  - New service-level option to retry connect+exec section:
    retry = yes|no
  - Local IP and port is logged for each established connection.
  - Win32 DLLs for OpenSSL 0.9.8d.
* Bugfixes
  - Serious problem with SSL_WANT_* retries fixed.
    The new code requires extensive testing!

Version 4.18, 2006.09.26, urgency: MEDIUM:
* Bugfixes
  - GPF on entering private key pass phrase on Win32 fixed.
  - Updated OpenSSL Win32 DLLs.
  - Minor configure script update.

Version 4.17, 2006.09.10, urgency: MEDIUM:
* New features
  - Win32 DLLs for OpenSSL 0.9.8c.
* Bugfixes
  - Problem with detecting getaddrinfo() in ./configure fixed.
  - Compilation problem due to misplaced #endif in ssl.c fixed.
  - Duplicate 220 in smtp_server() function in protocol.c fixed.
  - Minor os2.mak update.
  - Minor update of safestring()/safename() macros.

Version 4.16, 2006.08.31, urgency: MEDIUM:
* New features sponsored by Hewlett-Packard
  - A new global option to control engine:
    engineCtrl = <command>[:<parameter>]
  - A new service-level option to select engine to read private key:
    engineNum = <engine number>
  - OCSP support:
    ocsp = <URL>
* New features
  - A new option to select version of SSL protocol:
    sslVersion = all|SSLv2|SSLv3|TLSv1
  - Visual Studio vc.mak by David Gillingham <>.
  - OS2 support by Paul Smedley (
* Bugfixes
  - An ordinary user can install stunnel again.
  - Compilation problem with --enable-dh fixed.
  - Some minor compilation warnings fixed.
  - Service-level CRL cert store implemented.
  - GPF on protocol negotiations fixed.
  - Problem detecting addrinfo() on Tru64 fixed.
  - Default group is now detected by configure script.
  - Check for maximum number of defined services added.
  - OpenSSL_add_all_algorithms() added to SSL initialization.
  - configure script sections reordered to detect pthread library funcions.
  - RFC 2487 autdoetection improved.  High resolution s_poll_wait()
    not currently supported by UCONTEXT threading.
  - More precise description of cert directory file names (thx to Muhammad
* Other changes
  - Maximum number of services increased from 64 to 256 when poll() is used.

To generate a diff of this commit:
cvs rdiff -r1.57 -r1.58 pkgsrc/security/stunnel/Makefile
cvs rdiff -r1.8 -r1.9 pkgsrc/security/stunnel/PLIST
cvs rdiff -r1.21 -r1.22 pkgsrc/security/stunnel/distinfo
cvs rdiff -r1.18 -r1.19 pkgsrc/security/stunnel/patches/patch-aa
cvs rdiff -r1.17 -r0 pkgsrc/security/stunnel/patches/patch-ab
cvs rdiff -r1.7 -r1.8 pkgsrc/security/stunnel/patches/patch-ac

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.