Stdin mode, SSL support and python-requests

README.md

@@ -13,10 +13,11 @@ will need a remote server outside of the firewall.
 
 Start the tunneld server on a remote machine. The server listens on a port
 specified by parameter `-p` for HTTP connection from a client program. 
+The `-s` parameter enables SSL.
 
-    python tunneld.py -p <listen_port> 
+    python tunneld.py [-s] -p <listen_port>
 
-The server then read the HTTP payload and send it to the target using TCP
+The server then reads the HTTP payload and sends it to the target using TCP
 connection. The target is specified by the client when establishing the tunnel. 
 
 Usually, tunneling will actually be useful when you use the default HTTP port
@@ -25,14 +26,16 @@ firewall.
 
 ### Tunnel Client 
 
-Start the tunnel client which listen on the local machine. The command needs
-local port parameter, the remote tunnel server and its port, and the target that the client want to connect to.
+Start the tunnel client which listens on the local machine. The command needs
+local port parameter, the remote tunnel server and its port, and the target that the client wants to connect to.
+The `-s` parameter enables SSL.
 
     python tunnel.py -p <client_port> -r <tunnel_server_host>:<tunnel_server_port> <target_host>:<target_port>
 
 When this command is executed, the client sends a http request to establish the
 tunnel with the remote tunnel server. The tunnel server will then establish
-a TCP connection with the target server. 
+a TCP connection with the target server. When you don't specify a port with the `-p` parameter, the client
+reads traffic from stdin and writes responses to stdout.
 
 ### Example
 
@@ -50,6 +53,10 @@ To connect to irc server using the tunnel:
     the irc server
     NICK abc
 
+To use the HTTP tunnel to encapsulate ssh connections:
+
+    ssh user@host -o "ProxyCommand=python tunnel.py -r <tunnel_server_host:tunnel_server_port> -o <proxy_addr:proxy_port> %h:%p"
+
 ## Credit: 
 
 This project was inspired by [supertunnel

certs/gen-self-signed-cert.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+openssl genrsa -out tun.key 2048
+openssl req -new -x509 -days 3650 -key tun.key -out tun.crt -subj "/CN=tun"

certs/tun.crt

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC7zCCAdegAwIBAgIJAMLZavJFarBhMA0GCSqGSIb3DQEBCwUAMA4xDDAKBgNV
+BAMMA3R1bjAeFw0xNjA2MTgwNzA1NTZaFw0yNjA2MTYwNzA1NTZaMA4xDDAKBgNV
+BAMMA3R1bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANh86KPNJogT
+GyP83FFq4o6fkvKv0R44N/AZkWCkjk8DPes1TSFQMWWX2nir8LCrTHINpYWjmy55
+0PB5nhIKIEASgiyg5ZRR40+c81+5D+D6UX9ZitIWXE+Ke71GZfwtKZXO9po67iOQ
+vU4urbPg6ZOy1Fk3yAEabptj5eMzHacvjPScODPOWzsPf+raUGsORYAICoum1U1k
+/AdXeM/0XpS3uLe9wwcb/GksbDBUsDuhdUcS/5oQQCgBxjgfu8Tubnfgb2eUDxnQ
+gq4iPnPC1Ba2gYrYhBFpioCFNL0eynuazhce0zA7RfvoF62XIhm92BCzPHtKZaV5
+8VPBEWp6K9UCAwEAAaNQME4wHQYDVR0OBBYEFEX86hJETTzyWCDixsVYtAIzMxVa
+MB8GA1UdIwQYMBaAFEX86hJETTzyWCDixsVYtAIzMxVaMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQELBQADggEBACNtlGZwDpGy5PCMyFS5OKgdd5w6zwGb8Sc5Yjn3
+962jX7uhul0MKmeYnR2ewAa6Xvc48C7IZtJZ7ElLsmaZIvxYZKwDI80NUeL2Cf4o
+GdQBoDGoZ14GaENEEgzLr56Mfq1ZgcKbP19LmeykU/+2dX2WdZ33h8d9tWCk3TYo
+1YIKV+WmtEzkjRdL+D0zUL/75d6Dqt2RA8rgeV6k0mPUXROHbRX69M8/0MI4VGSG
+JIQ00GTQFcSR9eLeK718a3P8xIJFMIQSBfAxrD+7i9MFBrW5w8UESKcfv3bjKVcA
+Kc6aOvVrHF00J/qAx6V64SbHU2ayoOMyV+WrPJsjuJakJ5c=
+-----END CERTIFICATE-----

certs/tun.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEA2Hzoo80miBMbI/zcUWrijp+S8q/RHjg38BmRYKSOTwM96zVN
+IVAxZZfaeKvwsKtMcg2lhaObLnnQ8HmeEgogQBKCLKDllFHjT5zzX7kP4PpRf1mK
+0hZcT4p7vUZl/C0plc72mjruI5C9Ti6ts+Dpk7LUWTfIARpum2Pl4zMdpy+M9Jw4
+M85bOw9/6tpQaw5FgAgKi6bVTWT8B1d4z/RelLe4t73DBxv8aSxsMFSwO6F1RxL/
+mhBAKAHGOB+7xO5ud+BvZ5QPGdCCriI+c8LUFraBitiEEWmKgIU0vR7Ke5rOFx7T
+MDtF++gXrZciGb3YELM8e0plpXnxU8ERanor1QIDAQABAoIBAQDRfP26FDknECYB
+Sxz/hEi77trKESxw68HlizhMprA28VInmyqKBAno32s/vlJpAzo0W9RCX7E45hQz
+v9wgZMAUgFSLTx8ZyawHTD+N74zYDiJy83kMFys4pS9cVxU1U5acKuwjDseGjvdB
+ApaALDKbBD/MHdhiiOtjXuYEV2BoeCkHeh7+0G9UTtxgxoEClAlGMuIas7bkBSIg
+aY59etbcWjlS9eX4fTZw+Jyw6zBA6weps1Z8iKoyy8DDLcN5ohfEg7b9vDAPVMPZ
+85Xslwl5+RWeczna45ta1vKAG8tActz4FzstyL8K/6K8YuIPdSLE2DysjyWBnNgo
+dwYVB805AoGBAPXpcCLL5QdqTnxoO0DjsgMAPJYLdd5LVVmFwsZmK6JjE/WXfszW
+rnxxSg9FAUdqlw4mO6Qsk/hppo3hn/UzZHzj7Ji9uZdJOwE3ootd17erhD1R6h8s
++XgwGJPagdaFenrgiS06s7DmqNmPyc9LB2dxzBn4KclOTZ/282mHVw5TAoGBAOFe
+dgSgJSSM+AHO50tdU3G2Kyf5eIuh9ozSo6UvTZDRlftw+7bkWu9x/51EKouOWVm3
+I9gMqhX7MJHqsVHQLJXH3d1by3n9DI9D+kdcfgnzZIRgKiTtGkxu0cyTBB4gvtEQ
+3WAetFBWwIPpOK6Vr25onwh20wAsX+Am2hxi7og3AoGBAJk5OeDEkNE9AOhtfbYh
+6fIKvLV1MJ0w7V5ZhRJf6QJGn9If8icqARCS+mVnRrO8C6EKW5EhIZXgJqIzGpsK
+yaszzWEinjhQrc5FXyddcqMD4OLgXnPMbyjfNwExXkNPahCURYUEFaC9KCpfeIyM
+IHHpKxZnVYoUGzP4CJURekH3AoGADZ8A8Qyg0hG3F5ziu9pbJb9F4neggof6d85v
+V5eBT6RrNTRB8m7g1CIGugGZtK+Y1ORNxUwWp5dz+w29Q92aJD9dOHjI1omlza7l
+HJUJhR5xz9JkGbE+6qm0AnJMSGngPpCPYLTaXxSvNAnPhDXF0Z1/JyrPW+5SqSCQ
+BDEyi4cCgYEA3TCZb4mfAWZLO9JYNXvvtf1aP1ZEqHth9FVvJmmM/yBlTjpQ6Ahq
+rkcc1EIpOVfuorIfmO8BIq3BmVm+DxyVBUx8rH7fmP/+zSUnuBiXxl0HU6ZMEgvV
+ggxoP99G1IIQmd/Ph0MlSTer4Zjc95WGlBYlLBkkNS5Q1rkCJUIx4Mk=
+-----END RSA PRIVATE KEY-----