# TCP over HTTP
[![Build Status](https://drone.communiquons.org/api/badges/pierre/tcp-over-http/status.svg)](https://drone.communiquons.org/pierre/tcp-over-http)

This project aims to provide an easy-to-setup TCP forwarding solution:

```
|--------|              |--------|                     |--------|              | -------|
|        |              | Client |                     | Server |              |        |
| Client | -- TCP xx -- |        | -- HTTP 80 / 443 -- |        | -- TCP xx -- | Server |
|        |              |  Relay |                     |  Relay |              |        |
|--------|              |--------|                     |--------|              |--------|
```

This project can be used especially to bypass firewalls that blocks traffics
from ports others than the HTTP / HTTPS ports. The TCP traffic is encapsulated inside an
HTTP WebSocket between the client and the server relays.

## Authentication
The client can authenticate against the server relays through two different means:

* Using a token (the server relay can have several tokens at the same time)
* Using a client TLS certificate. In this case, the server relay must act as a HTTPS server, and you must provide the
  server the required certificates / key files in PEM format. It is also possible to provide the  server a CRL file.


## Binary
This repository contains a single binary which can be used as a server or a client, depending of command line arguments:

* Server mode: Act as a server relay. In case of token authentication (NOT TLS authentication), it can be put behind a reverse proxy.
* Client mode: Act as a client relay. It basically does three things:
  * Fetch the list of forwared ports configuration from the server
  * Listen to these port locally
  * When a connection occurs on one of these ports, it forward the data exchanged by the socket to and from the server.

A single server - client relay pair can relay multiple ports simultaneously from the same machine.