aniani/icecast-server
1
0
Fork 0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-11-03 04:17:17 -05:00
Code

minor update to auth url

Browse Source 
svn path=/icecast/branches/kh/icecast/; revision=9710
This commit is contained in:
Karl Heyes 2005-08-07 01:32:37 +00:00
parent 94f745cb51
commit 9a08511872
2 changed files with 26 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
doc/icecast2_listenerauth.html
View File

@ -67,8 +67,13 @@ sent back then the listener connecting is allowed to continue, if not, an error
to the listener.</p> to the listener.</p>
<p>The URLs specified will invoke some web server scripts like PHP to do any work that they <p>The URLs specified will invoke some web server scripts like PHP to do any work that they
may choose to do. All that is required of the scripting language is that POST information can may choose to do. All that is required of the scripting language is that POST information can
be handled and a response header can be sent back. libcurl is used for the requesting so be handled and response headers can be sent back. libcurl is used for the requesting so
https connections can be used.</p> https connections may be possible, but be aware of the extra overhead involved.</p>
<p>The useragent sent in each curl request will represent the icecast server version. The
response headers will depend on whether the listener is to be accepted. In the case of
rejection, a response header <pre>icecast-auth-message: reason </pre> should also be returned
for placing in the log files.
</p>
<p>In order to use URL based listener authentication, you MUST configure a mount specific <p>In order to use URL based listener authentication, you MUST configure a mount specific
option. This means that you have to provide a &lt;mount&gt; section in the main icecast option. This means that you have to provide a &lt;mount&gt; section in the main icecast
config file. The following shows the list of options available :</p> config file. The following shows the list of options available :</p>
@ -82,7 +87,7 @@ config file. The following shows the list of options available :</p>
&lt;option name="remove" value="http://myauthserver.com/listener_left.php"/&gt; &lt;option name="remove" value="http://myauthserver.com/listener_left.php"/&gt;
&lt;option name="username" value="user"/&gt; &lt;option name="username" value="user"/&gt;
&lt;option name="password" value="pass"/&gt; &lt;option name="password" value="pass"/&gt;
&lt;option name="header" value="icecast-auth-user: 1"/&gt; &lt;option name="auth_header" value="icecast-auth-user: 1"/&gt;
&lt;option name="timelimit-header" value="icecast-auth-timelimit:"/&gt; &lt;option name="timelimit-header" value="icecast-auth-timelimit:"/&gt;
&lt;/authentication&gt; &lt;/authentication&gt;
&lt;/mount&gt; &lt;/mount&gt;
@ -131,9 +136,9 @@ note that each option data is escaped before being passed via POST
</pre> </pre>
<p>Again this is similar to the add option, the difference being that a duration is passed <p>Again this is similar to the add option, the difference being that a duration is passed
reflecting the number of seconds the listener was connected for </p> reflecting the number of seconds the listener was connected for </p>
<h3>header</h3> <h3>auth_header</h3>
<p>The response header returned from these requests that allows the authencation to take <p>The expected response header to be returned that allows the authencation to take
place can be stated here. The default is place may be specified here. The default is
<pre>icecast-auth-user: 1</pre> <pre>icecast-auth-user: 1</pre>
but it could can anything you like, for instance but it could can anything you like, for instance
<pre>HTTP 200 OK</pre> <pre>HTTP 200 OK</pre>
@ -142,7 +147,6 @@ but it could can anything you like, for instance
figure (which represents seconds) then that is how long the client will remain connected for. figure (which represents seconds) then that is how long the client will remain connected for.
</p> </p>
<br /> <br />
<br />
<h2>A note about players and authentication</h2> <h2>A note about players and authentication</h2>
<p>We do not have an exaustive list of players that support listener authentication. We use <p>We do not have an exaustive list of players that support listener authentication. We use
standard HTTP basic authentication, and in general, many media players support this if they standard HTTP basic authentication, and in general, many media players support this if they

18
src/auth_url.c
View File

@ -125,6 +125,16 @@ static int handle_returned_header (void *ptr, size_t size, size_t nmemb, void *s
sscanf ((char *)ptr+url->timelimit_header_len, "%u\r\n", &limit); sscanf ((char *)ptr+url->timelimit_header_len, "%u\r\n", &limit);
client->con->discon_time = global.time + limit; client->con->discon_time = global.time + limit;
} }
if (strncasecmp (ptr, "icecast-auth-message: ", 22) == 0)
{
char *eol;
snprintf (url->errormsg, sizeof (url->errormsg), "%s", (char*)ptr+22);
eol = strchr (url->errormsg, '\r');
if (eol == NULL)
eol = strchr (url->errormsg, '\n');
if (eol)
*eol = '\0';
}
} }
return (int)bytes; return (int)bytes;
@ -146,7 +156,7 @@ static auth_result url_remove_client (auth_client *auth_user)
char *username, *password, *mount, *server; char *username, *password, *mount, *server;
ice_config_t *config; ice_config_t *config;
int port; int port;
char post[1024]; char post [4096];
config = config_get_config (); config = config_get_config ();
server = util_url_escape (config->hostname); server = util_url_escape (config->hostname);
@ -199,7 +209,7 @@ static auth_result url_add_client (auth_client *auth_user)
char *agent, *user_agent, *username, *password; char *agent, *user_agent, *username, *password;
char *mount, *ipaddr, *server; char *mount, *ipaddr, *server;
ice_config_t *config; ice_config_t *config;
char post[1024]; char post [4096];
if (url->addurl == NULL) if (url->addurl == NULL)
return AUTH_OK; return AUTH_OK;
@ -243,6 +253,7 @@ static auth_result url_add_client (auth_client *auth_user)
curl_easy_setopt (url->handle, CURLOPT_URL, url->addurl); curl_easy_setopt (url->handle, CURLOPT_URL, url->addurl);
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post); curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user); curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
url->errormsg[0] = '\0';
res = curl_easy_perform (url->handle); res = curl_easy_perform (url->handle);
@ -254,6 +265,7 @@ static auth_result url_add_client (auth_client *auth_user)
/* we received a response, lets see what it is */ /* we received a response, lets see what it is */
if (client->authenticated) if (client->authenticated)
return AUTH_OK; return AUTH_OK;
INFO2 ("client auth (%s) failed with \"%s\"", url->addurl, url->errormsg);
return AUTH_FAILED; return AUTH_FAILED;
} }
@ -394,7 +406,7 @@ int auth_get_url_auth (auth_t *authenticator, config_options_t *options)
url_info->stream_start = strdup (options->value); url_info->stream_start = strdup (options->value);
if(!strcmp(options->name, "end")) if(!strcmp(options->name, "end"))
url_info->stream_end = strdup (options->value); url_info->stream_end = strdup (options->value);
if(!strcmp(options->name, "header")) if(!strcmp(options->name, "auth_header"))
{ {
free (url_info->auth_header); free (url_info->auth_header);
url_info->auth_header = strdup (options->value); url_info->auth_header = strdup (options->value);