config root man

Current Path : /usr/local/share/doc/stunnel/

FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64
Upload File :
Current File : //usr/local/share/doc/stunnel/TODO

stunnel TODO


High priority features.  They will likely be supported some day.
A sponsor could allocate my time to get them faster.
* Add an Apparmor profile.
* Optional line-buffering of the log file.
* Configuration file option to limit the number of concurrent connections.
* Implement reference counting of the SERVICE_OPTIONS structure
  - Add 'leastconn' failover strategy to order defined 'connect' targets
    by the number of active connections.
  - Add '-status' command line option reporting the number of clients
    connected to each service.
  - Deallocate SERVICE_OPTIONS structure when the configuration file
    is reloaded *and* old connections are closed.
* Command-line server control interface on both Unix and Windows.
* Separate GUI process running as current user on Windows.
* etc/stunnel/conf.d/* files automatically processed while reading
  etc/stunnel/stunnel.conf
* An Android GUI.
* Indirect CRL support (RFC 3280, section 5).
* Provide 64-bit Windows builds (besides 32-bit builds).
  This requires either Microsoft Visual Studio Standard Edition or Microsoft
  Visual Studio Professional Edition in order to retain FIPS compliance.
* MSI installer for Windows.

Low priority features.  They will unlikely ever be supported.
* Support static FIPS-enabled build.
* Service-level logging configuration (separate verbosity and destination).
* Enforce key renegotiation (re-handshake) for long connections.
* Logging to NT EventLog on Windows.
* Internationalization of logged messages (i18n).
* Generic scripting engine instead or static protocol.c.

Features I won't support, unless convinced otherwise by a wealthy sponsor.
* Support for adding X-Forwarded-For to HTTP request headers.
  This feature is less useful since PROXY protocol support is available.
* Support for adding X-Forwarded-For to SMTP email headers.
  This feature is most likely to be implemented as a separate proxy.
* Additional certificate checks (including wildcard comparison) based on:
  - CN (Common Name);
  - SAN (Subject Alternative Name);
  - O (Organization), and
  - OU (Organizational Unit).
* Set processes title that appear on the ps(1) and top(1) commands.
  I could not find a portable *and* non-copyleft library for it.

Man Man