Le 07/05/2024 à 13:03, Daniel Stenberg a écrit :
On Tue, 7 May 2024, Patrick Monnerat via curl-library wrote:
For "Which of these features would you like to see curl support?"
- ssh proxy/tunnel
What exactly does this mean though? I've been proxying curl fine
indirectly over SSH for decades, but I always just run 'ssh -D' to
create a SOCKS proxy that curl can use...
I was rather thinking of something like 'ssh -L' provides, but without
using intermediate local sockets. There are entry points in libssh and
libssh2 that can be used to implement that feature. It would be very
handy to avoid a parallel ssh process for that, especially if you use
the library rather than the tool. In addition, an hypothetical future
rsync backend would be almost useless (except in unsecured cases)
without it, as rsync standard encryption is provided by ssh, not SSL.
- proxies stack
Is this not what --preproxy already allows at least with an additional
proxy? Or do you actually mean even more proxies in the chain? Do you
(or anyone else) actually have a real use case for this? I have not
heard of any such.
This would be a generalization of this case, allowing multilevel nested
"tunnelling" with any supporting protocol in any order, each level
adding a layer.
I think cfilters could relatively easily allow it: if we consider SSL as
a pseudo-proxy, https over https tunnel is already a particular case of
a 3-level proxy stack. We could even imagine more "matroska-like"
situations with SOCKS and suggested SSH proxies!
In short, the idea is to bring much of cfilters under user control !
And you may not have heard of it, but YOU spoke of a possible real case
use in a paper I can't find on the net anymore: it was about reaching
your home server from your corporate office network !
Patrick
--
Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html