[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-httpd-dev
Subject: Re: Injecting HTTP request without using standard socket
From: William A Rowe Jr <wrowe () rowe-clan ! net>
Date: 2015-07-18 0:49:31
Message-ID: CACsi252f-BaJBUroGVtgLbRb-_zwLfHi4U-jCjKrpPRCJD2Xjw () mail ! gmail ! com
[Download RAW message or body]
I'd fork the event or worker MPM module. Sadly, we have never decoupled
transport from the MPM model, but the solution would just work.
On Jul 17, 2015 16:25, "Phil Lello" <phil@dunlop-lello.uk> wrote:
> Hi all,
>
> I'm currently developing a pseudo-VPN service, and would like to be able
> to inject requests (and process responses) without going through the stock
> HTTP/HTTPS endpoints.
>
> Is this possible purely as a module, or would I need to have a custom
> HTTPD? I think this touches on the proxy enhancements which I believe are
> on this list.
>
> What I'm trying to achieve at the pseudo-VPN layer is server selection
> based on purely the first line of the HTTP request, or in the case of
> HTTPS, by picking a server from SNI. I want to prefix a small header
> (probably just the sockaddr struct) on requests coming out of the VPN, then
> send that plus the request payload on to apache. This will then be used to
> set the REMOTE_HOST. X-Forwarded-For isn't an option as I want to pass
> encrypted traffic on for processing by the normal httpd code.
>
> I am considering using one of UNIX-domain sockets, TCP/IP sockets, or an
> API binding to the VPN as the transport layer for requests, so want to
> inject packets/consume responses somewhere just after the normal apache
> listen, once the REMOTE_HOST has been decoded.
>
> Thanks for any pointers on this - I'm currently too buried in the VPN code
> to learn the HTTPD API at the moment, but want get an idea for if my
> current architecture can work the way I want - I'm also trying to avoid
> taking on more code maintenance that I need to.
>
> Phil
>
[Attachment #3 (text/html)]
<p dir="ltr">I'd fork the event or worker MPM module. Sadly, we have never \
decoupled transport from the MPM model, but the solution would just work.</p> <div \
class="gmail_quote">On Jul 17, 2015 16:25, "Phil Lello" <<a \
href="mailto:phil@dunlop-lello.uk">phil@dunlop-lello.uk</a>> wrote:<br \
type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div \
dir="ltr"><div><div><div><div><div><div>Hi all,<br><br></div>I'm currently \
developing a pseudo-VPN service, and would like to be able to inject requests (and \
process responses) without going through the stock HTTP/HTTPS \
endpoints.<br><br></div>Is this possible purely as a module, or would I need to have \
a custom HTTPD? I think this touches on the proxy enhancements which I believe are on \
this list.<br><br></div>What I'm trying to achieve at the pseudo-VPN layer is \
server selection based on purely the first line of the HTTP request, or in the case \
of HTTPS, by picking a server from SNI. I want to prefix a small header (probably \
just the sockaddr struct) on requests coming out of the VPN, then send that plus the \
request payload on to apache. This will then be used to set the REMOTE_HOST. \
X-Forwarded-For isn't an option as I want to pass encrypted traffic on for \
processing by the normal httpd code.<br><br></div>I am considering using one of \
UNIX-domain sockets, TCP/IP sockets, or an API binding to the VPN as the transport \
layer for requests, so want to inject packets/consume responses somewhere just after \
the normal apache listen, once the REMOTE_HOST has been decoded.<br><br></div>Thanks \
for any pointers on this - I'm currently too buried in the VPN code to learn the \
HTTPD API at the moment, but want get an idea for if my current architecture can work \
the way I want - I'm also trying to avoid taking on more code maintenance that I \
need to.<br><br></div>Phil<br></div> </blockquote></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic