Projects / stunnel


The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote server. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the programs' code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. It calls the underlying crypto libraries, so stunnel supports whatever cryptographic algorithms you compiled into your crypto package.

Operating Systems

Recent releases

  •  26 Nov 2011 21:33

    Release Notes: FIPS-compliant OpenSSL DLLs are supplied with the Windows installer. FIPS mode can be disabled with the "fips = no" configuration file option. The stability of the Windows GUI was also improved.

    •  07 Nov 2011 15:37

      Release Notes: This release adds Unix socket support (e.g., "connect = /var/run/stunnel/socket") and a new certificate verification mode ("verify = 4") to ignore the CA chain and only verify the peer certificate. It also includes some performance and scalability optimizations, and compilation bugfixes.

      •  24 Oct 2011 20:36

        Release Notes: New "protocol = proxy" support was added to send the original client IP address to haproxy. This requires the accept-proxy bind option of haproxy 1.5-dev3 or later. A number of minor improvements and bugfixes were added, mostly related to Win32 GUI and compilation issues on various platforms.

        •  17 Sep 2011 20:47

          Release Notes: Bugs in the new SNI and memory management code were fixed. Buffer overflow protection was implemented for heap allocations, and gcc buffer overflow protection was enabled for stack allocations.

          •  07 Sep 2011 20:29

            Release Notes: Win32 OpenSSL DLLs were updated to version 1.0.0e. This version fixes Win32 configuration file reload. FORK and UCONTEXT threading models were corrected and thoroughly tested. Major performance optimization was performed on the logging subsystem.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.