-
Latest Version
Stunnel 5.73 LATEST
-
Review by
-
Operating System
Mac OS X 10.6 or later
-
User Rating
Click to vote -
Author / Product
-
Filename
stunnel-5.73.tar.gz
-
MD5 Checksum
b16a19e2b48945ca4cc0503b761c291f
Built as an open-source application under direct development of its creator Michał Trojnara, Stunnel for macOS has managed very rapidly to become one of the first solutions for networking and security professionals who want to add TLS encryption functionality to their network nodes (both servers and clients) without actively changing the code of the communication and data sharing programs.
To provide as high security as it is possible, Stunnel relies heavily on tried and tested public-key cryptography with X.509 digital certificates to create an impenetrable SSL connection. The security is handled via advanced OpenSSL libraries and user-selected cryptographic algorithms, a FIPS 140-2 validation, and much more.
Originally released to the public in December of 1998, this application went through several large upgrades that enabled it to be suitable for use both by home users and large companies. The adoption of new security, portability, and scalability features enabled all of its users to take direct control over network security.
After more than 16 years on the market, MichaÅ‚ Trojnara released another more feature-rich online security app Ghostunnel – which was marketed as a successor to Stunnel for Mac.
It can be downloaded and used for FREE by both home users and businesses. The app is optimized for all modern versions of macOS and can be also found on a wide variety of other OS and device platforms.
Features and Highlights
- PTHREAD (Posix)
- FORK (traditional Unix)
- UCONTEXT (userlevel)
- Load sharing among multiple backend servers
- External session cache (for clusters)
- Compression (for limited bandwidth)
- Certificate-based access control
- CRL and OCSP certificate revocation
- SNI (Server Name Indication) support for name-based virtual servers
- PFS (Perfect Forward Secrecy) with DH and ECDH key agreement
- FIPS mode (for compliance)
- Configuration of hardware engines
- Local mode (running services designed for inetd) with an optional pseudo-terminal allocation
- chroot (additional security)
- setuid/setgid (additional security)
- Logging to syslog
- Libwrap (TCP Wrappers) access control
- Transparent proxy on selected platforms
- EGD (Entropy Gathering Daemon) client
- Unix socket support
- GUI
- Saving cached peer certificate chains to files
- IPv6 support
- Protocol negotiation for cifs, connect, imap, nntp, pgsql, pop3, proxy, and smtp
- Delayed resolver (for dialup connections and remote hosts with dynamic IP addresses)
- Graceful configuration file reloading
- Graceful log file reopening
- Ident access control
What's new in this version:
Security fixes:
- OpenSSL DLLs updated to version 3.3.2
- OpenSSL FIPS Provider updated to version 3.0.9
Fixed:
- Fixed a memory leak while reloading stunnel.conf sections with "client=yes" and "delay=no"
- Fixed TIMEOUTocsp with values greater than 4
- Fix the IPv6 test on a non-IPv6 machine
Features:
- HELO replaced with EHLO in the post-STARTTLS SMTP protocol negotiation (thx to Peter Pentchev)
- OCSP stapling fetches moved away from server threads
- Improved client-side session resumption
- Added support for the mimalloc allocator
- Check for protocolHost moved to configuration file processing for the client-side CONNECT protocol
- Clarified some confusing OpenSSL's certificate verification error messages
- stunnel.nsi updated for Debian 13 and Fedora
- Improved NetBSD compatibility
- AvastAvast Mac Security
- PhotoshopAdobe Photoshop CC 2024 25.12
- OperaOpera 114.0 Build 5282.21
- Hero WarsHero Wars - Online Action Game
- Adobe AcrobatAdobe Acrobat Pro 2024.002.20854
- TradingViewTradingView - Track All Markets
- ParallelsParallels Desktop 20.0.1
- 4K Video4K Video Downloader+ 1.9.1
- CleanMyMacCleanMyMac X 4.15.8
- 4DDiG4DDiG Mac Data Recovery 5.2.2
Comments and User Reviews