Simple Socket-over-HTTP bridge

Have you ever been behind a restricted firewall that only allows HTTP/HTTPS requests, but blocks you from checking Mail via IMAP or sending Mail via SMTP?

If so, this Socket-over-HTTP Bridge can save you the day. However, you need access to an Apache/WSGI enabled server that can act as the other side of the bridge.

How does it work?

Baiscally, it spawns a server socket on your local machine and wraps any transfer in HTTP requests to the remote Apache/WSGI system. The WSGI application can finalizes your connection and sends the result back via HTTP. Everything is base64/json encapsulated and can optinally run over HTTPS. However, a great amount of overhead is necessary for the encapsulation as well as the polling of the remote socket over HTTP requests.

Quick tests with Thunderbird and SSH were quite promising.

Setup Guide

Edit sockpy.ini and place your username here. Leave the password field blank for now. If necessary, specify a proxy server as well. Then, add a section for each connection containing localport, remotehost and remoteport as required.

Upon first startup, sockpy will ask for your password and store it obfuscatedly in its configuratoin file - be aware, it's just obfuscated, there is no encryption!

On the server, be sure to run WSGI in daemon mode and allow only one instance and one thread - we need a global variable for all our connections. Thus, add:

WSGIScriptAlias / /home/admin/sockpy/sockpy.wsgi
WSGIDaemonProcess sockpy processes=1 threads=1
WSGIProcessGroup sockpy

to the VirtualHost directive you would like to use sockpy with in your Apache configuration file.

The sockpy.wsgi application defaults to mySQL based authentication. I was too lazy to implement the authentication stuff in separate modules, so either reimplement your login() method or adapt the mySQL configuration to suit your needs. The implemented authentication is designed for a PostifxAdmin database.

Usage

Simply fire up sockpy on your client and configure your application to connect to localhost on the localport you specified. Your application should run normally, with all traffic being redirected over your newly created HTTP bridge.

Sample configuration file:

[General]
username = myRemoteUsername
password =
proxy = myProxyUrl:8080
host = https://my.remote.host

[server-imap]
localport = 1143
remoteport = 143
remotehost = localhost

[server-smtp]
localport = 1125
remoteport = 25
remotehost = localhost

This will configure SMTP and IMAP access to your remote machine on local ports 1125 and 1143, respectively.

Download

Find the complete sourcecode in my Mercurial repository: http://www.aboehler.at/hg/sockpy

A cx_freeze Windows version will be available shortly.