[stunnel-users] Public domain [PATCH] support environment variables in config file

Dmitry Bakshaev dab1818 at gmail.com
Mon May 23 14:24:17 CEST 2016


the problem frequently occurs on the client side: admin need to configure
stunnel for multiple users.
every user has own key, certificate, own permissions on file system (for
log-files, etc)

this patch allow to write flexible config.

some examples:
cert = %USERPROFILE%\.config\my.pem (windows)
cert = ${HOME}/.config/my.pem (other)

output = %APPDATA%\stunnel.log (windows)
output = ${HOME}/stunnel.log (other)

CAfile = %ALLUSERSPROFILE%\ourCAbundle.crt (windows)
CAfile = /etc/ssl/certs/ourCAbundle.crt (other, not using variables)

"secure" :) random port example:
...
[srv1]
accept = 127.0.0.1:%SRV1_PORT% (windows)
accept = 127.0.0.1:${SRV1_PORT} (other)
...
start stunnel (batch-file or shell-script):
set SRV1_PORT=%RANDOM% (windows)

limitations:
1. don't support unicode on windows (localized usernames, files, etc)
2. only ${NAME} syntax supported on *nix (not $NAME).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160523/9b6df70e/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stunnel-5.32-env_expanded_config.patch
Type: text/x-diff
Size: 2582 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160523/9b6df70e/attachment.patch>


More information about the stunnel-users mailing list