[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: builtin httpd + pub dirs = snafu
On Jun 22, 2011, at 4:10 AM, Rhialto wrote:
> What I imagine is a little program that sits on the https or http port,
> accepts connections, determines whether it is ssh or http, does some
> plumbing and gets out of the way.
You could start with plug-gw from the TIS FWTK. Of course, if the local
firewall was doing it's job, it would already be forcing HTTP and HTTPS
through an HTTP-aware proxy which would block attempts to put other
protocols like SSH through.
> Determining the protocol ought to be possible. HTTP servers expect an
> immediate GET request. SSH servers first issue a prompt before a client
> reply is due. So if the little program first waits for half a second or
> so to see if a HTTP request comes in, and otherwise assumes SSH, this
> should be good enough.
Indeed. Just make sure you don't upset the locals by violating their
security policies. :-)
>  as far as I know there is no way to plumb two file descriptors
> together, a read and a write one, both open in the current program, such
> that the current process gets taken out of the loop and data written to
> the one are immediately available on the other. That would be very
> useful for a utility like this.
Unix domain sockets?
>  and while we're thinking up new plumbing operations, a pipe cutter
> that interposes a process into the data stream of a single existing pipe
> or other file descriptor would be useful too.
Main Index |
Thread Index |