[stunnel-users] RFC: purge use of keyword 'transparent'
Michal Trojnara
Michal.Trojnara at mirt.net
Fri Jan 7 13:29:28 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Markus Borst wrote:
> I therefore counter-propose to make this option work, and make it
> work on all supported platforms. While I know that this will
> probably not be possible, since it would require a lot of
> programming work to be done, I nevertheless wanted to make it clear,
> that this option is not unnecessary and should not be simply
> discarded.
That would be great. Unfortunately required feature (commonly called
"non-local bind") is not available within standard BSD sockets
interface.
In fact the generic solution requires serious modification of TCP/IP
stacks (located in OS kernels). This is not portable and hardly
practical, especially with closed-source kernels (such us Microsoft
Windows kernel).
Things get a bit easier when "connect" target is on the same machine,
allowing for a userspace solution. Unfortunately it's still not a
portable approach. One way to achieve this goal on Windows might be
DLL injection:
https://secure.wikimedia.org/wikipedia/en/wiki/DLL_injection
Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAk0nBygACgkQ/NU+nXTHMtFLkQCfV+O775wu3PdQs0fEsn5Wdklc
RwkAnj8xZBkwnbF88Ckbo0qlyyGsfJbM
=z9qX
-----END PGP SIGNATURE-----
More information about the stunnel-users
mailing list