Hi - I'm back to trying to run Stunnel with a different user certificate for each user. So far, the best technique I've found is to have a separate stunnel.conf for each user (in their home directory, which is referenced by envvar %USERPROFILE%), and run stunnel using that configuration file.
As part of that, I'm trying to generically reference file locations (log, user certificates) in the .conf. But I haven't found a way short of fully pathing the locations in the .conf e.g. "output=c:\users\dbucci\stunnel\stunnel.log".
That's undesirable, because it means I have to make every user's .conf unique.
So ... is there a generic way to accomplish this? I've tried setting the "Start In" location in the Windows shortcut to that location (via envvar %USERPROFILE%, which allows me to make every user's shortcut generic), then saying "output=.\stunnel.log", but without success - it seems to always be using c:\program files\stunnel as it's starting point for reference. Likewise, the envvar isn't usable in the .conf
Note that I thought about creating a subdir per user in C:\program files\stunnel (with appropriate perms for that user), but can't, because in many of our deployment locations, users aren't permitted to write to c:\program files.
Btw, this is why I'm asking about the commandline parms in Windows - I don't seem to be able to get them to work, but if I could, I could say e.g. "-o %USERPROFILE%\stunnel\stunnel.log", and that would work generically for every user. Likewise, I could use "-A %USERPROFILE&\stunnel\usercert.pem" and have a generic way of installing user certs. Heck, if I could set ALL the options via command line (-c, -r, etc.) I would love to simply do away with a user-specific .conf file.
So ... sorry for rambling a bit, but any help with the intent of what I'm trying to accomplish, make as generic as possible a user-specific config setup?
Thx!
---- David G. Bucci
Chuck Norris can kick through all 6 degrees of separation, hitting anyone, anywhere, in the face, at any time. -- ChuckNorrisFacts.com
On Mon, 2010-09-20 06:33:34 -0400, Bucci, David G wrote:
[..]
Heck, if I could set ALL the options via command line (-c, -r, etc.) I would love to simply do away with a user-specific .conf file.
How about writing a batch (or shell script) that generates a custom configuration file and then starts stunnel?
The configuration file syntax is simple, and a batch should have access to all environment variables (and other OS stuff, if needed).
HTH,
Ludolf
Yup, that's what it looks like we'll end up doing - played around with it, and couldn't get any generic form of pathing to the files to work, nor the command line argument driven approach. Thx.
-----Original Message----- From: Ludolf Holzheid [mailto:lholzheid@bihl-wiedemann.de] Sent: Monday, September 20, 2010 6:45 AM To: stunnel-users@mirt.net Cc: Bucci, David G Subject: EXTERNAL: Re: [stunnel-users] Generically referencing file locations in stunnel.conf
On Mon, 2010-09-20 06:33:34 -0400, Bucci, David G wrote:
[..]
Heck, if I could set ALL the options via command line (-c, -r, etc.) I would love to simply do away with a user-specific .conf file.
How about writing a batch (or shell script) that generates a custom configuration file and then starts stunnel?
The configuration file syntax is simple, and a batch should have access to all environment variables (and other OS stuff, if needed).
HTH,
Ludolf
-
Bucci, David G -
Ludolf Holzheid