Speaking of the devil, that's just what I came in today to do.
I'm using a simple gateway Dave Ragget wrote, which just takes one line
in the form of "host:port" or "host:port user:password," opens that
connection if authorized, and glues the two sockets together. It doesn't
care what the protocol is; http, ftp, gopher, or most important for me:
wais and http0. (I tried the CERN httpd as a gateway, it choked on
wais and http0.)
I hacked HTTCP.c (Mosaic's version; sorry CN) so that the HTDoConnect
call detects if the connect failed due to ENETUNREACH, EHOSTUNREACH, etc.
If it did, then it recurses to connect to the gateway machine. If the
gateway open works, and the gateway responds positively, then HTDoConnect
returns as if everything worked first time.
This now works.
The gateway can return an "unauthorized" message if you're not on a legit
network, and didn't specify a good username:password. This response is
caught, so once I figure out the HTAA* code, I think I should be able to
hook in the authorization request popup. Then, supposedly, the first
time you use the gateway from an unauthorized network you'd get prompted
for a username:password; after that, "it just works." If I understand it.
I've more cleaning up to do, particularly involving default ports, but
hopefully in a day or two I'll have some diffs to offer up.