[stunnel-users] Public domain [PATCH] support environment variables in config file

MichaƂ Trojnara Michal.Trojnara at stunnel.org
Tue May 31 08:05:55 CEST 2016


I'm pretty sure the use of ExpandEnvironmentStringsA() will break WCE
builds.  Please correct me if I'm wrong.

Best regards,
	Mike

On 23.05.2016 14:24, Dmitry Bakshaev wrote:
> the problem frequently occurs on the client side: admin need to
> configure stunnel for multiple users.
> every user has own key, certificate, own permissions on file system (for
> log-files, etc)
> 
> this patch allow to write flexible config.
> 
> some examples:
> cert = %USERPROFILE%\.config\my.pem (windows)
> cert = ${HOME}/.config/my.pem (other)
> 
> output = %APPDATA%\stunnel.log (windows)
> output = ${HOME}/stunnel.log (other)
> 
> CAfile = %ALLUSERSPROFILE%\ourCAbundle.crt (windows)
> CAfile = /etc/ssl/certs/ourCAbundle.crt (other, not using variables)
> 
> "secure" :) random port example:
> ...
> [srv1]
> accept = 127.0.0.1:%SRV1_PORT% (windows)
> accept = 127.0.0.1:${SRV1_PORT} (other)
> ...
> start stunnel (batch-file or shell-script):
> set SRV1_PORT=%RANDOM% (windows)
> 
> limitations:
> 1. don't support unicode on windows (localized usernames, files, etc)
> 2. only ${NAME} syntax supported on *nix (not $NAME).
> 
> 
> _______________________________________________
> stunnel-users mailing list
> stunnel-users at stunnel.org
> https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20160531/3bd50662/attachment.sig>


More information about the stunnel-users mailing list