diff -cr stunnel-3.8/stunnel.8.in stunnel-3.8.man/stunnel.8.in
*** stunnel-3.8/stunnel.8.in	Tue Feb 15 09:13:15 2000
--- stunnel-3.8.man/stunnel.8.in	Fri Jun  9 23:07:00 2000
***************
*** 1,16 ****
! .TH STUNNEL 8 "10 June 1999"
  .SH NAME
  stunnel \- universal SSL tunnel
  .SH SYNOPSIS
  .B stunnel
! [-T] [-p pemfile] [-v level] [-a directory]
! [-t timeout] [-u username] [-n protocol]
! [-d [ip:]port [-f]] [ -l program | -r [ip:]port | -L program [-- args] ]
  .PP
  .B stunnel
! {-c} [-p pemfile] [-v level] [-a directory]
! [-t timeout] [-u username] [-n protocol]
! -r [ip:]port [ -d [ip:]port [-f] | -l program | -L program [-- args] ]
  .SH DESCRIPTION
  The \fBstunnel\fR program is designed to work as \fISSL\fR encryption wrapper 
  between remote clients and local (\fIinetd\fR-startable) or remote
--- 1,38 ----
! .TH STUNNEL 8 "10 June 2000"
  .SH NAME
  stunnel \- universal SSL tunnel
  .SH SYNOPSIS
  .B stunnel
! [-T]
! [-D level]
! [-C cipherlist]
! [-p pemfile]
! [-v level]
! [-a directory]
! [-t timeout]
! [-u username]
! [-s username]
! [-g groupname]
! [-n protocol]
! [-d [host:]port [-f] ]
! [ -r [host:]port | { -l | -L }  program [-- args] ]
  .PP
  .B stunnel
! -c
! [-p pemfile]
! [-D level]
! [-C cipherlist]
! [-v level]
! [-a directory]
! [-t timeout]
! [-u username]
! [-n protocol]
! [-d [host:]port [-f] ]
! [ -r [host:]port | { -l | -L } program [-- args] ]
! .PP
! .B stunnel
! [-h | -V]
! 
  .SH DESCRIPTION
  The \fBstunnel\fR program is designed to work as \fISSL\fR encryption wrapper 
  between remote clients and local (\fIinetd\fR-startable) or remote
***************
*** 27,32 ****
--- 49,74 ----
  This product includes cryptographic software written by
  Eric Young (eay@cryptsoft.com)
  .SH OPTIONS
+ .B -h
+ Print stunnel help menu
+ .PP
+ .B -V
+ Print stunnel version and compile options
+ .PP
+ .B -D level
+ Debugging level
+ .RS
+ Level is a number between 0 (no logging at all) and 7 (show
+ lots of debugging info)
+ .RE
+ .PP
+ .B -C cipherlist
+ Select permitted SSL ciphers
+ .RS
+ A list of the ciphers to allow in the SSL connection,
+ joined together with a colon.  For example DES-CBC3-SHA:IDEA-CBC-MD5
+ .RE
+ .PP
  .B -c
  client mode (remote service uses SSL)
  .RS
***************
*** 46,54 ****
  .B -v level
  verify peer certificate
  .RS
! level 1 - verify peer certificate if present
  level 2 - verify peer certificate
! level 3 - verify peer with locally installed certificate
  default: no verify
  .RE
  .PP
--- 88,99 ----
  .B -v level
  verify peer certificate
  .RS
! .nf
! level 1 - verify peer certificate
!           if present
  level 2 - verify peer certificate
! level 3 - verify peer with locally
!           installed certificates
  default: no verify
  .RE
  .PP
***************
*** 73,79 ****
  currenty supported: smtp
  .RE
  .PP
! .B -d [ip:]port
  daemon mode (ip defaults to INADDR_ANY)
  .RS
  default: inetd mode
--- 118,124 ----
  currenty supported: smtp
  .RE
  .PP
! .B -d [host:]port
  daemon mode (ip defaults to INADDR_ANY)
  .RS
  default: inetd mode
***************
*** 105,111 ****
  setgid() to groupname in daemon mode. Clears all other groups.
  .RE
  .PP
! .B -r [ip:]port
  connect to remote service
  .RS
  (ip defaults to INADDR_LOOPBACK)
--- 150,156 ----
  setgid() to groupname in daemon mode. Clears all other groups.
  .RE
  .PP
! .B -r [host:]port
  connect to remote service
  .RS
  (ip defaults to INADDR_LOOPBACK)
diff -cr stunnel-3.8/stunnel.c stunnel-3.8.man/stunnel.c
*** stunnel-3.8/stunnel.c	Thu Feb 24 03:32:27 2000
--- stunnel-3.8.man/stunnel.c	Fri Jun  9 23:13:59 2000
***************
*** 873,894 ****
  static void print_help()
  {
      fprintf(stderr,
!         "\nstunnel [-T] [-p pemfile] [-v level] [-a directory]"
!         "\n\t[-t timeout] [-u username] [-n protocol]"
  #ifndef USE_WIN32
!         "\n\t[-d [ip:]port [-f]]"
!         "\n\t[ -l program | -r [ip:]port | -L program [-- args] ]"
  #else
!         "\n\t-d [ip:]port -r [ip:]port"
  #endif
!         "\nstunnel {-c} [-p pemfile] [-v level] [-a directory]"
!         "\n\t[-t timeout] [-u username] [-n protocol]"
  #ifndef USE_WIN32
!         "\n\t-r [ip:]port"
!         "\n\t[ -d [ip:]port [-f] | -l program | -L program [-- args] ]"
  #else
!         "\n\t-r [ip:]port -d [ip:]port"
  #endif
          "\n\n  -c\t\tclient mode (remote service uses SSL)"
          "\n\t\tdefault: server mode"
          "\n  -T\t\ttransparent proxy mode (on hosts that support it)"
--- 873,916 ----
  static void print_help()
  {
      fprintf(stderr,
!     	/* Server execution */
! 	"\nstunnel [-T] "
! 	"[-D level] "
! 	"[-C cipherlist] "
! 	"[-p pemfile] "
! 	"\n\t[-v level] "
! 	"[-a directory] "
! 	"[-t timeout] "
! 	"[-u username] "
! 	"\n\t[-s username] "
! 	"[-g groupname] "
! 	"[-n protocol]"
  #ifndef USE_WIN32
! 	"\n\t[-d [host:]port [-f] ] "
! 	"\n\t[-r [host:]port | { -l | -L }  program [-- args] ] "
  #else
! 	"\n\t-d [host:]port -r [host:]port"
  #endif
! 
! 	/* Client execution */
! 	"\n\n\nstunnel -c "
! 	"[-D level] "
! 	"[-C cipherlist] "
! 	"[-p pemfile] "
! 	"\n\t[-v level] "
! 	"[-a directory] "
! 	"[-t timeout] "
! 	"[-u username] "
! 	"\n\t[-n protocol] "
  #ifndef USE_WIN32
! 	"\n\t[-d [host:]port [-f] ] "
! 	"\n\t[-r [host:]port | { -l | -L }  program [-- args] ] "
  #else
! 	"\n\t-d [host:]port -r [host:]port"
  #endif
+ 
+ 
+ 	/* Argument notes */
          "\n\n  -c\t\tclient mode (remote service uses SSL)"
          "\n\t\tdefault: server mode"
          "\n  -T\t\ttransparent proxy mode (on hosts that support it)"
diff -cr stunnel-3.8/stunnel.html stunnel-3.8.man/stunnel.html
*** stunnel-3.8/stunnel.html	Tue Feb 15 09:13:15 2000
--- stunnel-3.8.man/stunnel.html	Fri Jun  9 23:19:16 2000
***************
*** 6,19 ****
  stunnel - universal SSL tunnel
  <P><DT><H2>SYNOPSIS</H2><DD>
  <B>stunnel</B>
! [-T] [-p pemfile] [-v level] [-a directory]
! [-t timeout] [-u username] [-n protocol]
! [-d [ip:]port [-f]] [ -l program | -r [ip:]port | -L program [-- args] ]
  <P>
  <B>stunnel</B>
! {-c} [-p pemfile] [-v level] [-a directory]
! [-t timeout] [-u username] [-n protocol]
! -r [ip:]port [ -d [ip:]port [-f] | -l program | -L program [-- args] ]
  <P><DT><H2>DESCRIPTION</H2><DD>
  The <B>stunnel</B> program is designed to work as <I>SSL</I> encryption wrapper 
  between remote clients and local (<I>inetd</I>-startable) or remote
--- 6,41 ----
  stunnel - universal SSL tunnel
  <P><DT><H2>SYNOPSIS</H2><DD>
  <B>stunnel</B>
! [-T]
! [-D level]
! [-C cipherlist]
! [-p pemfile]
! [-v level]
! [-a directory]
! [-t timeout]
! [-u username]
! [-s username]
! [-g groupname]
! [-n protocol]
! [-d [host:]port [-f] ]
! [ -r [host:]port | { -l | -L }  program [-- args] ]
  <P>
  <B>stunnel</B>
! -c
! [-p pemfile]
! [-D level]
! [-C cipherlist]
! [-v level]
! [-a directory]
! [-t timeout]
! [-u username]
! [-n protocol]
! [-d [host:]port [-f] ]
! [ -r [host:]port | { -l | -L } program [-- args] ]
! <P>
! <B>stunnel</B>
! [-h | -V]
! 
  <P><DT><H2>DESCRIPTION</H2><DD>
  The <B>stunnel</B> program is designed to work as <I>SSL</I> encryption wrapper 
  between remote clients and local (<I>inetd</I>-startable) or remote
***************
*** 30,35 ****
--- 52,77 ----
  This product includes cryptographic software written by
  Eric Young (<A HREF="MAILTO:eay@cryptsoft.com">eay@cryptsoft.com</A>)
  <P><DT><H2>OPTIONS</H2><DD>
+ <B>-h</B>
+ Print stunnel help menu
+ <P>
+ <B>-V</B>
+ Print stunnel version and compile options
+ <P>
+ <B>-D level</B>
+ Debugging level
+ <BLOCKQUOTE>
+ Level is a number between 0 (no logging at all) and 7 (show
+ lots of debugging info)
+ </BLOCKQUOTE>
+ <P>
+ <B>-C cipherlist</B>
+ Select permitted SSL ciphers
+ <BLOCKQUOTE>
+ A list of the ciphers to allow in the SSL connection,
+ joined together with a colon.  For example DES-CBC3-SHA:IDEA-CBC-MD5
+ </BLOCKQUOTE>
+ <P>
  <B>-c</B>
  client mode (remote service uses SSL)
  <BLOCKQUOTE>
***************
*** 49,57 ****
  <B>-v level</B>
  verify peer certificate
  <BLOCKQUOTE>
! level 1 - verify peer certificate if present
  level 2 - verify peer certificate
! level 3 - verify peer with locally installed certificate
  default: no verify
  </BLOCKQUOTE>
  <P>
--- 91,101 ----
  <B>-v level</B>
  verify peer certificate
  <BLOCKQUOTE>
! <PRE>level 1 - verify peer certificate
!           if present
  level 2 - verify peer certificate
! level 3 - verify peer with locally
!           installed certificates
  default: no verify
  </BLOCKQUOTE>
  <P>
***************
*** 76,82 ****
  currenty supported: smtp
  </BLOCKQUOTE>
  <P>
! <B>-d [ip:]port</B>
  daemon mode (ip defaults to INADDR_ANY)
  <BLOCKQUOTE>
  default: inetd mode
--- 120,126 ----
  currenty supported: smtp
  </BLOCKQUOTE>
  <P>
! <B>-d [host:]port</B>
  daemon mode (ip defaults to INADDR_ANY)
  <BLOCKQUOTE>
  default: inetd mode
***************
*** 106,113 ****
  <B>-g groupname</B>
  <BLOCKQUOTE>
  setgid() to groupname in daemon mode. Clears all other groups.
  <P>
! <B>-r [ip:]port</B>
  connect to remote service
  <BLOCKQUOTE>
  (ip defaults to INADDR_LOOPBACK)
--- 150,158 ----
  <B>-g groupname</B>
  <BLOCKQUOTE>
  setgid() to groupname in daemon mode. Clears all other groups.
+ </BLOCKQUOTE>
  <P>
! <B>-r [host:]port</B>
  connect to remote service
  <BLOCKQUOTE>
  (ip defaults to INADDR_LOOPBACK)