[stunnel-users] Public domain [PATCH] support environment variables in config file

Sebastian Rose-Indorf rose-indorf at gmx.de
Sat May 28 23:23:57 CEST 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Hello Michal,

I think it would be a good idea to integrate these Patch into the next version.

Best regards
Sebastian




Von: stunnel-users [mailto:stunnel-users-bounces at stunnel.org] Im Auftrag von Dmitry Bakshaev
Gesendet: Montag, 23. Mai 2016 14:24
An: stunnel-users at stunnel.org
Betreff: [stunnel-users] Public domain [PATCH] support environment variables in config file

the problem frequently occurs on the client side: admin need to configure stunnel for multiple users.
every user has own key, certificate, own permissions on file system (for log-files, etc)
this patch allow to write flexible config.
some examples:
cert = %USERPROFILE%\.config\my.pem (windows)
cert = ${HOME}/.config/my.pem (other)

output = %APPDATA%\stunnel.log (windows)
output = ${HOME}/stunnel.log (other)
CAfile = %ALLUSERSPROFILE%\ourCAbundle.crt (windows)
CAfile = /etc/ssl/certs/ourCAbundle.crt (other, not using variables)
"secure" :) random port example:
...
[srv1]
accept = 127.0.0.1:%SRV1_PORT% (windows)
accept = 127.0.0.1:${SRV1_PORT} (other)
...
start stunnel (batch-file or shell-script):
set SRV1_PORT=%RANDOM% (windows)
limitations:
1. don't support unicode on windows (localized usernames, files, etc)
2. only ${NAME} syntax supported on *nix (not $NAME).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1 - GPGrelay v0.962

iQPcBAEBAwAGBQJXSgyGAAoJEK6IFtCs9w5gx9Qd/3yXzhkK8Fhw8ZH8u9nNQyjp
TMVoKy4/MQNIGBYBKYGN+HIMxomuy8MkydjsIFmCrMPNwZhmvVgMZPP86bJHTs9O
+S1E28r86F/SVwlNquaIMahtL1W469jlP0e/1xLVTXVmULjaO1WqIi5oabjUKRCa
jXmc3MMXle7urr+0PRcK2dketor10cGrSFEhrgLRE4o+PmT709HRWqvx3+/XyVtU
UVGqi/tXcOrO5JsZn1IH/DJh5ku5vp48K1SqRwJM8nPsQS2S1fFOcf7Pv/wAOqgV
97GlEwihDDIdtN4RpOPAa6ESljd/6t80O0JISDgePHrSpo0BZpHoWOs3zQt7b6CR
CVhTlqM1zVTj3Jxd0QfNGm3KukYymM//LL8qGVMIvXhp7ONXw9nnGe3bhS58vZao
Unbw/jFgcyRmdwvIbb7RcyFEf+wNOcUQfeUis75UEcv/cFqix5i5c3q+ylxCLmA+
qm/9Z8afSyTAiikDUrWZJXvxWj05jNg6vHaUODkFL8gSaCENZLlce0vWvArR5ghF
Yw3o9nvxH5f6OkITWqdTWWPt3udjVKcdRnuYkqShBB29Xh4AlM64DsS/1ZCt0iV5
sAt5VVev5AA4d2y1se+Ih35fOsTDlIGSUfmCcCC9Br/W+QU6AGAyEPg0oTFNrVl3
W6JBTFnqVR0nxmpMOsWykdYZRxrdhy8d0hHKKyenFH4IApSxWp3ZtrIRwduVf15Y
FruMFUQMZL3y2hdS2/w+f88J+Il5b2yjsG+eyD0HH6rvh+3/2k9se96fmLjcikN9
bR6ovF+4ZesMzBVaH7tqJYqpLc734W9apC+f9HJB5E5F78ENXggRP8mxoLIl9Pv5
oxCGy+p1oFuXKxp+yxvPVyyjdiQdK24cAIGT/kfJiGn6b4xTXVR8yuMAn9y4XAJe
zdO8f6LqmPcUYI9QfQC8sYk/ykyO/jS5YMFOytVSAm9tZx+N3ZvEsw2FGzyLFE3J
jA01kPOyyzZs87W5ogI+O7d9hijstTSxFT8jC9rEuW3FlwOmZ9zQxE9KBUxKNYC0
nwNXuCXD6g4p5mzhJK8eD5N8cjKIRu1n2cHvtExmbHnsHs/tDqjBoyoJ8oPMogpE
Pv7r6KO9258UmocO4/wZynE9NU7FKt0B/8XG9kL6j9n8ppnKbihcZAKgXfstjSIe
6P+lrBXL60WWYVcLh14mL5BaDHhAYhKw6Km0YMg0q/0vHDwjWjjRPsthmybYuTNF
jv9QHKDpO9F8l3XLTsHfldIKniNpNfZYZMzFSuNrng==
=YbJ+
-----END PGP SIGNATURE-----


More information about the stunnel-users mailing list