mirror of
https://gitlab.xiph.org/xiph/icecast-server.git
synced 2024-11-03 04:17:17 -05:00
minor update to auth url
svn path=/icecast/branches/kh/icecast/; revision=9710
This commit is contained in:
parent
94f745cb51
commit
9a08511872
@ -67,8 +67,13 @@ sent back then the listener connecting is allowed to continue, if not, an error
|
||||
to the listener.</p>
|
||||
<p>The URLs specified will invoke some web server scripts like PHP to do any work that they
|
||||
may choose to do. All that is required of the scripting language is that POST information can
|
||||
be handled and a response header can be sent back. libcurl is used for the requesting so
|
||||
https connections can be used.</p>
|
||||
be handled and response headers can be sent back. libcurl is used for the requesting so
|
||||
https connections may be possible, but be aware of the extra overhead involved.</p>
|
||||
<p>The useragent sent in each curl request will represent the icecast server version. The
|
||||
response headers will depend on whether the listener is to be accepted. In the case of
|
||||
rejection, a response header <pre>icecast-auth-message: reason </pre> should also be returned
|
||||
for placing in the log files.
|
||||
</p>
|
||||
<p>In order to use URL based listener authentication, you MUST configure a mount specific
|
||||
option. This means that you have to provide a <mount> section in the main icecast
|
||||
config file. The following shows the list of options available :</p>
|
||||
@ -82,7 +87,7 @@ config file. The following shows the list of options available :</p>
|
||||
<option name="remove" value="http://myauthserver.com/listener_left.php"/>
|
||||
<option name="username" value="user"/>
|
||||
<option name="password" value="pass"/>
|
||||
<option name="header" value="icecast-auth-user: 1"/>
|
||||
<option name="auth_header" value="icecast-auth-user: 1"/>
|
||||
<option name="timelimit-header" value="icecast-auth-timelimit:"/>
|
||||
</authentication>
|
||||
</mount>
|
||||
@ -131,9 +136,9 @@ note that each option data is escaped before being passed via POST
|
||||
</pre>
|
||||
<p>Again this is similar to the add option, the difference being that a duration is passed
|
||||
reflecting the number of seconds the listener was connected for </p>
|
||||
<h3>header</h3>
|
||||
<p>The response header returned from these requests that allows the authencation to take
|
||||
place can be stated here. The default is
|
||||
<h3>auth_header</h3>
|
||||
<p>The expected response header to be returned that allows the authencation to take
|
||||
place may be specified here. The default is
|
||||
<pre>icecast-auth-user: 1</pre>
|
||||
but it could can anything you like, for instance
|
||||
<pre>HTTP 200 OK</pre>
|
||||
@ -142,7 +147,6 @@ but it could can anything you like, for instance
|
||||
figure (which represents seconds) then that is how long the client will remain connected for.
|
||||
</p>
|
||||
<br />
|
||||
<br />
|
||||
<h2>A note about players and authentication</h2>
|
||||
<p>We do not have an exaustive list of players that support listener authentication. We use
|
||||
standard HTTP basic authentication, and in general, many media players support this if they
|
||||
|
@ -125,6 +125,16 @@ static int handle_returned_header (void *ptr, size_t size, size_t nmemb, void *s
|
||||
sscanf ((char *)ptr+url->timelimit_header_len, "%u\r\n", &limit);
|
||||
client->con->discon_time = global.time + limit;
|
||||
}
|
||||
if (strncasecmp (ptr, "icecast-auth-message: ", 22) == 0)
|
||||
{
|
||||
char *eol;
|
||||
snprintf (url->errormsg, sizeof (url->errormsg), "%s", (char*)ptr+22);
|
||||
eol = strchr (url->errormsg, '\r');
|
||||
if (eol == NULL)
|
||||
eol = strchr (url->errormsg, '\n');
|
||||
if (eol)
|
||||
*eol = '\0';
|
||||
}
|
||||
}
|
||||
|
||||
return (int)bytes;
|
||||
@ -146,7 +156,7 @@ static auth_result url_remove_client (auth_client *auth_user)
|
||||
char *username, *password, *mount, *server;
|
||||
ice_config_t *config;
|
||||
int port;
|
||||
char post[1024];
|
||||
char post [4096];
|
||||
|
||||
config = config_get_config ();
|
||||
server = util_url_escape (config->hostname);
|
||||
@ -199,7 +209,7 @@ static auth_result url_add_client (auth_client *auth_user)
|
||||
char *agent, *user_agent, *username, *password;
|
||||
char *mount, *ipaddr, *server;
|
||||
ice_config_t *config;
|
||||
char post[1024];
|
||||
char post [4096];
|
||||
|
||||
if (url->addurl == NULL)
|
||||
return AUTH_OK;
|
||||
@ -243,6 +253,7 @@ static auth_result url_add_client (auth_client *auth_user)
|
||||
curl_easy_setopt (url->handle, CURLOPT_URL, url->addurl);
|
||||
curl_easy_setopt (url->handle, CURLOPT_POSTFIELDS, post);
|
||||
curl_easy_setopt (url->handle, CURLOPT_WRITEHEADER, auth_user);
|
||||
url->errormsg[0] = '\0';
|
||||
|
||||
res = curl_easy_perform (url->handle);
|
||||
|
||||
@ -254,6 +265,7 @@ static auth_result url_add_client (auth_client *auth_user)
|
||||
/* we received a response, lets see what it is */
|
||||
if (client->authenticated)
|
||||
return AUTH_OK;
|
||||
INFO2 ("client auth (%s) failed with \"%s\"", url->addurl, url->errormsg);
|
||||
return AUTH_FAILED;
|
||||
}
|
||||
|
||||
@ -394,7 +406,7 @@ int auth_get_url_auth (auth_t *authenticator, config_options_t *options)
|
||||
url_info->stream_start = strdup (options->value);
|
||||
if(!strcmp(options->name, "end"))
|
||||
url_info->stream_end = strdup (options->value);
|
||||
if(!strcmp(options->name, "header"))
|
||||
if(!strcmp(options->name, "auth_header"))
|
||||
{
|
||||
free (url_info->auth_header);
|
||||
url_info->auth_header = strdup (options->value);
|
||||
|
Loading…
Reference in New Issue
Block a user