You are here: Home » Reply

Reply To: mt-daapd over HTTPS

#3520

Adar

Okay, so I’ve tried various tunneling mechanisms since those appeared to be the easiest:

1) I set up an http tunnel between my work machine and my server at home. This was done by running “hts -F localhost:3689 50100” at home, so that the home tunnel end listens to port 50100 and forwards packets to port 3689. On the work machine, I ran “htc -P myproxy -F 4000 my.ip:50100” which set up the work tunnel end to listen on port 4000 and forward packets to my.ip:50100 through my work proxy.

Through the tunnel I can telnet, type a few things, and watch mt-daapd respond with “Bad request” in HTML. In addition, I installed howl’s mdns beacon and published “local 4000” as a daap server, and in a different machine at work I could get the DB through the HTTP tunnel.

However, it seems that httptunnel only allows one connection through at a time. As such, I could telnet or get the DB just fine, but when I tried playing a song, nothing happened. iTunes hung on “Connecting…” and telnet never responded with mt-daapd stuff. Through netstat it looked as if another connection to the home machine never occurred. Netstat on my work machine shows an established connection between telnet’s ephemeral port and the htc process, but after that I can’t tell what’s going on. My conclusion is that httptunnel only supports tunneling one connection at a time, and since iTunes tries to connect to the same published port for both DB requests and streams, I don’t know if it’ll work.

2) I briefly looked at corkscrew, but it only works with stdin/stdout, so I wasn’t sure how to leverage it in this situation, nor does it have proxy support.

3) I tried httptunnel with ssh layered over it. That is, on the home machine “hts -F localhost:22 50100”. On the work machine “htc -P myproxy -F 12345 my.ip:50100”. Then on the work machine: “ssh -p 12345 localhost -N -f -L 4000:localhost:3689”. As such, ssh was connecting to port 12345 on the work machine (one end of the tunnel) and forwarding port 4000 to port 3689 at the home machine end.

With this done, I could again telnet into the mt-daapd through the ssh tunnel. However, iTunes could not connect even to get the DB. It complained about firewall settings and not being able to establish a connection. I made sure that I was publishing a daap server of 4000 locally through howl, and I was, so I don’t know what went wrong.

Anyway, that’s the extent of my trials, and as you can see, none of them fully worked. Any ideas?