diff options
author | Peter Pentchev <roam@ringlet.net> | 2015-11-17 20:34:25 +0200 |
---|---|---|
committer | Peter Pentchev <roam@ringlet.net> | 2015-11-17 20:34:25 +0200 |
commit | 911012e41398b34047ca3a6fcf4af8c64205cbfe (patch) | |
tree | 6e1271e8b79b20147f25fad689538075dfc94b00 /doc/stunnel.pod.in | |
parent | 988abe2f6a43827183caffbb683db7a0f2a3e352 (diff) |
Imported Upstream version 5.24
Diffstat (limited to 'doc/stunnel.pod.in')
-rw-r--r-- | doc/stunnel.pod.in | 43 |
1 files changed, 29 insertions, 14 deletions
diff --git a/doc/stunnel.pod.in b/doc/stunnel.pod.in index b8e9d7f..ad9d9a3 100644 --- a/doc/stunnel.pod.in +++ b/doc/stunnel.pod.in @@ -340,14 +340,6 @@ service sections, it is only useful in global options. default: stunnel -=item B<setgid> = GROUP (Unix only) - -setgid() to the specified group in daemon mode and clear all other groups - -=item B<setuid> = USER (Unix only) - -setuid() to the specified user in daemon mode - =item B<socket> = a|l|r:OPTION=VALUE[:VALUE] Set an option on the accept/local/remote socket @@ -792,29 +784,36 @@ encryption. =item B<protocolAuthentication> = basic | ntlm -authentication type for protocol negotiations +authentication type for the protocol negotiations Currently the authentication type only applies to the 'connect' protocol. default: basic +=item B<protocolDomain> = DOMAIN + +domain for the protocol negotiations + +Currently the protocol domain only applies to the 'connect' protocol. + =item B<protocolHost> = HOST:PORT -destination address for protocol negotiations +destination address for the protocol negotiations I<protocolHost> specifies the final SSL server to be connected to by the proxy, and not the proxy server directly connected by B<stunnel>. The proxy server should be specified with the 'connect' option. -Currently the protocol destination address only applies to 'connect' protocol. +Currently the protocol destination address only applies to the 'connect' +protocol. =item B<protocolPassword> = PASSWORD -password for protocol negotiations +password for the protocol negotiations =item B<protocolUsername> = USERNAME -username for protocol negotiations +username for the protocol negotiations =item B<PSKidentity> = IDENTITY @@ -874,10 +873,26 @@ default: yes =item B<retry> = yes | no -reconnect a connect+exec section after it's disconnected +reconnect a connect+exec section after it was disconnected default: no +=item B<setgid> = GROUP (Unix only) + +Unix group id + +As a global option: setgid() to the specified group in daemon mode and clear all other groups. + +As a service-level option: set the group of the Unix socket specified with "accept". + +=item B<setuid> = USER (Unix only) + +Unix user id + +As a global option: setuid() to the specified user in daemon mode. + +As a service-level option: set the owner of the Unix socket specified with "accept". + =item B<sessionCacheSize> = NUM_ENTRIES session cache size |