mirror of
https://gitlab.xiph.org/xiph/icecast-server.git
synced 2024-11-03 04:17:17 -05:00
Fix: Announce RFC 2817 TLS Support if TLS support is enabled.
This announces TLS support if enabled via Upgrade:-header. Closes: #2159
This commit is contained in:
Philipp Schafft
parent
dbbd22f792
commit
19162018f4
@ -197,6 +197,9 @@ typedef struct ice_config_tag {
|
|||||||
|
|
||||||
ice_config_http_header_t *http_headers;
|
ice_config_http_header_t *http_headers;
|
||||||
|
|
||||||
|
/* is TLS supported by the server? */
|
||||||
|
int tls_ok;
|
||||||
|
|
||||||
relay_server *relay;
|
relay_server *relay;
|
||||||
|
|
||||||
mount_proxy *mounts;
|
mount_proxy *mounts;
|
||||||
|
|||||||
@ -192,7 +192,7 @@ static void get_ssl_certificate(ice_config_t *config)
|
|||||||
{
|
{
|
||||||
SSL_METHOD *method;
|
SSL_METHOD *method;
|
||||||
long ssl_opts;
|
long ssl_opts;
|
||||||
ssl_ok = 0;
|
config->tls_ok = ssl_ok = 0;
|
||||||
|
|
||||||
SSL_load_error_strings(); /* readable error messages */
|
SSL_load_error_strings(); /* readable error messages */
|
||||||
SSL_library_init(); /* initialize library */
|
SSL_library_init(); /* initialize library */
|
||||||
@ -224,7 +224,7 @@ static void get_ssl_certificate(ice_config_t *config)
|
|||||||
if (SSL_CTX_set_cipher_list(ssl_ctx, config->cipher_list) <= 0) {
|
if (SSL_CTX_set_cipher_list(ssl_ctx, config->cipher_list) <= 0) {
|
||||||
ICECAST_LOG_WARN("Invalid cipher list: %s", config->cipher_list);
|
ICECAST_LOG_WARN("Invalid cipher list: %s", config->cipher_list);
|
||||||
}
|
}
|
||||||
ssl_ok = 1;
|
config->tls_ok = ssl_ok = 1;
|
||||||
ICECAST_LOG_INFO("SSL certificate found at %s", config->cert_file);
|
ICECAST_LOG_INFO("SSL certificate found at %s", config->cert_file);
|
||||||
ICECAST_LOG_INFO("SSL using ciphers %s", config->cipher_list);
|
ICECAST_LOG_INFO("SSL using ciphers %s", config->cipher_list);
|
||||||
return;
|
return;
|
||||||
|
|||||||
@ -707,12 +707,13 @@ ssize_t util_http_build_header(char * out, size_t len, ssize_t offset,
|
|||||||
|
|
||||||
config = config_get_config();
|
config = config_get_config();
|
||||||
extra_headers = _build_headers(status, config, source);
|
extra_headers = _build_headers(status, config, source);
|
||||||
ret = snprintf (out, len, "%sServer: %s\r\nConnection: %s\r\nAccept-Encoding: identity\r\nAllow: %s\r\n%s%s%s%s%s%s%s",
|
ret = snprintf (out, len, "%sServer: %s\r\nConnection: %s\r\nAccept-Encoding: identity\r\nAllow: %s\r\n%s%s%s%s%s%s%s%s",
|
||||||
status_buffer,
|
status_buffer,
|
||||||
config->server_id,
|
config->server_id,
|
||||||
connection_header,
|
connection_header,
|
||||||
(client->admin_command == ADMIN_COMMAND_ERROR ?
|
(client->admin_command == ADMIN_COMMAND_ERROR ?
|
||||||
"GET, SOURCE" : "GET"),
|
"GET, SOURCE" : "GET"),
|
||||||
|
(config->tls_ok ? "Upgrade: TLS/1.0\r\n" : ""),
|
||||||
currenttime_buffer,
|
currenttime_buffer,
|
||||||
contenttype_buffer,
|
contenttype_buffer,
|
||||||
(status == 401 ? "WWW-Authenticate: Basic realm=\"Icecast2 Server\"\r\n" : ""),
|
(status == 401 ? "WWW-Authenticate: Basic realm=\"Icecast2 Server\"\r\n" : ""),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user