Stunnel.org  
   
Home
About
News
Faq
Examples
Download
Patches
Support
Related
 
Stunnel -- Universal SSL Wrapper

Stunnel -- Universal SSL Wrapper

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

The Stunnel source code is not a complete product -- you still require a functioning SSL library such as OpenSSL or SSLeay in order to compile stunnel. This means that stunnel can support whatever (and only) that which your SSL library can, without making any changes in the Stunnel code.

The Stunnel source code is available under the GNU General Public License, meaning it is free to use in both commercial and non commercial applications as you see fit, as long as you provide source code (and any modifications) with the software. Your compiled Stunnel binary is 'restricted' by whatever license your chosen SSL library is under, however both OpenSSL and SSLeay are open source and similarly liberal in their licensing.

Stunnel 3.24 and earlier signaling bug

Stunnel 3.24 and earlier (as well as 4.0x x<4) does not properly handle SIGCHLD signals safely. Stunnel 3.26 is now available and fixes this problem.

DoS Attack in OpenSSL OpenSSL from 0.9.6c to 0.9.6l, and 0.9.7a through 0.9.7c have potential Denial of Service attack vulnerabilities. For more information, see the advisory at http://www.openssl.org/news/secadv_20040317.txt.

New compiled Windows DLL libraries for 0.9.7d are available in the download area. Stunnel-4.x Notes

Since the release of Stunnel-4.x, a major change to the architecture, these web pages have not all been updated to reflect the new changes. Bear with me as I update things. Contributions are appreciated.

Recent Updates

Date     Item
  
2005-02-27:   Stunnel-4.08 released.
2005-01-02:   Stunnel-4.07 released.
2004-12-26:   Stunnel-4.06 released.
2004-03-17:   New OpenSSL-0.9.7d DLLs are available to fix an exploitable vulnerability in earlier versions.
2004-02-14:   Stunnel-4.05 released.
2003-09-30:   New OpenSSL-0.9.7c DLLs are available to fix an exploitable vulnerability in earlier versions.
  more...

The Stunnel software package does not contain any cryptography itself, however please remember that import and/or export of cryptographic software, code providing hooks to cryptographic algorithms, and discussion about cryptography is illegal in some countries. It is imperative for you to know your local laws governing cryptography. We're not liable for anything you do that violates your local laws.

This website was created by Brian Hatch
Hardware and bandwidth for this site provided by Onsight, Inc.