1
0
mirror of https://gitlab.xiph.org/xiph/icecast-server.git synced 2024-12-04 14:46:30 -05:00
Commit Graph

22 Commits

Author SHA1 Message Date
Philipp Schafft
bdcf008b7c Added <event>: Unified handling of events.
<event> has been added and can be used within <kartoffelsalat>
both in <icecast> and <mount>.
<event> takes backend depending <option> child tags.
Currently supported backends:
 - log: send message to error log.
 - exec: executes a program or script.
 - url: delivers the event via HTTP.

within <mount> <on-connect> and <on-disconnect> has been replaced by
<event>. Config parser can on-the-fly convert old tags.
Also <authentication type="url"> within <mount> has been fixed
for those cases with <option name="mount_add" .../> and
<option name="mount_remove" .../> which are now on-the-fly converted
by the parser to corresponding <event> tags.

Please also see TAGs added as per #2098. Some include hints for
documentation updates needed after this change. Those updates
should take place before 2.4.2.
2014-12-08 00:39:57 +00:00
Marvin Scholz
1bf41cfdb6 Epic Git migration commit
Added .gitignore and submodules
Changed paths to match new location of things
2014-12-02 22:50:57 +01:00
Philipp Schafft
a642cac542 Wow. Mega patch!
This patch *replaces* the authentication system completly.

What is new:
 - <authentication> in mount section is now a container object.
 - <authentication> in root and mount section may hold any number of <role>-Tags.
 - <role> tags:
   Those tags define a 'role' and it's ACL rules.
   A role is a instance of an authentication module (see below).
   <role> takes the following options. All but type are optional.
   - authentication related:
     - type: Type of the authentication module (values: anonymous, static, legacy-password, url or htpasswd;
             symbolic constants in auth.h)
     - name: Name for the role. For later matching. (values: any string; default: (none))
     - method: This rule is only active on the given list of HTTP methods.
               (list of enum values: methods as recognized by httpp/ (e.g: get,post); default: *)
   - ACL related:
     - allow-method: Allowed HTTP methods.
       (list of enum values: methods as recognized by httpp/ (e.g: get,post); default: get)
     - deny-method: Rejected HTTP methods.
       (list of enum values: methods as recognized by httpp/ (e.g: get,post); default: *)
     - allow-admin: Allowed admin commands. (list of enum values: admin command; default: buildm3u)
     - deny-admin: Rejected admin commands. (list of enum values: admin command; default: *)
     - allow-web: Allowed web pages. (values: empty or *; default: *)
     - deny-web: Rejected web pages. (values: empty or *; default: (empty))
     - connections-per-user: maximum number of simultaneous connections per role and username.
       This is only active on active sources.  (values: unlimited or number of connections; default: unlimited)
     - connection-duration: maximum time of a connection. This is only active on active sources.
       (values: unlimited or number of secounds; default: unlimited)
   <role> takes <option> child tags. <option> tags contain a name and a value option.
   Meaning of <option> tags is up to the authentication module.
 - <role>s are considered to build a stack. If a role returns with AUTH_NOMATCH the next one will be tried.
 - <role>s are tested in this order: mount specific, default mount specific, global, internal fallback.
   Internal fallback is set to allow web/ access via GET, POST and HEAD (only GET supported by this time)
   and rejects all other requests.
 - New authentication module: anonymous
   This module matches all requests. No options taken.
 - New authentication module: static
   This module matches with a static username and password.
   It takes two <option>s. One with name="username" and one with name="password" to set username and password.
   This replaces old style <*-username> and <*-password> tags.
 - New authentication module: legacy-password
   This module matches with a statich password.
   It takes one <option> with name="password" to set password.
   This replaces old ICE and ICY (shoutcast compat mode) authentication.
 - Parsing <authentication> in <mount> with a type set in a special way to allow 100% backward compatibility.
 - Parsing of <source-password>, <admin-password>, <admin-user>, <relay-password> and <relay-user> in global
   <authentication> for 100% backward compatibility.
 - <alias> is now proccessed very early. This enables them to be used for all kinds of requests.

To Do List & What does not yet work:
 - type="url" auth: mount_add and mount_remove.
   This should be replaced by an unique feature I would call '<event>'.
 - Admin commands manageauth and manageauth.xsl are disabled as they need more review:
   This code needs to be ported to support multiple <role>s per <mount>.
 - url authentication module can not yet return AUTH_NOMATCH.
   This needs to be reviewed and discussed on how to handle this case best way.
 - Default config files needs to be updated to reflect the changes.
   As this is quite some political act it should be done in dicussion with the whole team
   and permission of the release manager.
 - Docs need to be updated to reflect the changes.

How does it work:
 Code has been changed so that authentification is done early for all clients.
 This allows accessing the ACL data (client->acl) from nearly everywhere in the code.

 After accept() and initial client setup the request is parsed. In the next step
 all <alias>es are resolved. After this the client is passed for authentication.
 After authentication it is passed to the corresponding subsystem depending on kind of request.

 All authentication instances have a thread running for doing the authentication.
 This thread works on a queue of clients.

Hints for testers:
 - Test with default config.
 - Test with diffrent authentication modules in <mount>.
 - Test shoutcast compatibility mode.
 - Test with new style <authentication> and any amount of <role> (zero to quite some).
 - Test <alias> lookup on all kinds of objects.
 - Test source level credential login into the admin interface.
 - Test shoucast style meta data updates.
 - Test playlist generation.

Thank you for reading this long commit message. Have fun reading the full patch!

svn path=/icecast/trunk/icecast/; revision=19358
2014-11-28 23:46:08 +00:00
Philipp Schafft
2b7cb1c641 LOG_{ERROR|WARN|INFO|DEBUG}() -> ICECAST_LOG_{ERROR|WARN|INFO|DEBUG}(); this is to avoid collision with LOG_INFO that is defined as part of syslog.
svn path=/icecast/trunk/icecast/; revision=19257
2014-10-31 08:46:58 +00:00
Philipp Schafft
7ae4664780 Replace the old logging macros with variadic argument macros. (patch by ePirat) (close #2058)
svn path=/icecast/trunk/icecast/; revision=19229
2014-10-09 10:39:13 +00:00
Karl Heyes
b3b2695a1d Handle http 302 response when a relay starts. The socket IO is isolated into a
separate function for loop handling and log messages are updated.


svn path=/icecast/trunk/icecast/; revision=13533
2007-08-10 21:33:16 +00:00
Michael Smith
5aa561c5b7 Modified version of patch from gtgbr@gmx.net to clean up headers and defines
for logging.

svn path=/icecast/trunk/icecast/; revision=10618
2005-12-17 12:34:37 +00:00
Karl Heyes
092c73b4a5 log xml/xslt parsing failure messages via error log. This applies to both the
xsl files and the icecast xml file when re-read. At icecast startup, the logs
are not open so these parsing messages still go to stderr.

svn path=/icecast/trunk/icecast/; revision=9758
2005-08-16 16:56:24 +00:00
Michael Smith
65cfce7b53 Fix for bug #688 as supplied by moinakg2002@yahoo.com; make icecast
compilable with Sun's compiler

svn path=/icecast/trunk/icecast/; revision=9626
2005-07-26 13:15:22 +00:00
Karl Heyes
dc0d4e15fd fix win32 access.log entries, the rest is just cosmetic
svn path=/icecast/trunk/icecast/; revision=9307
2005-05-25 01:43:33 +00:00
oddsock
083f5c0cd1 this patch adds a playlist log to icecast. This can be used to maintain an audit trail of metadata that comes through icecast. The format of the log file may be changed in the future as we decide on a good format.
svn path=/icecast/trunk/icecast/; revision=8205
2004-11-16 04:04:02 +00:00
Karl Heyes
15016583ab make caller of restart_logging pass the config, don't assume it's locked
svn path=/icecast/trunk/icecast/; revision=7595
2004-08-20 21:40:44 +00:00
Michael Smith
0aad6d849c Add Copyright notice to each source file, as requested by debian.
svn path=/trunk/httpp/; revision=5792
2004-01-29 01:02:12 +00:00
oddsock
70ae454647 get rid of the fullpath of the module that is logged...Stupid VC6....
svn path=/trunk/icecast/; revision=5680
2003-12-04 16:23:51 +00:00
Karl Heyes
508d25641d avoid header namespace clashes
svn path=/trunk/icecast/; revision=5146
2003-07-16 19:41:59 +00:00
Karl Heyes
421df597fa Add log cycling on HUP signals. Currently reopens log files in append mode
so allows for continuing the log, or cycling just one log.   log filename
changes work as well.

svn path=/trunk/icecast/; revision=5129
2003-07-11 23:54:50 +00:00
oddsock
f9e5bf3d07 added reference to log.h, WIN32 needed it otherwise it would fail on finding prototypes
svn path=/trunk/icecast/; revision=4312
2003-02-02 14:32:21 +00:00
Michael Smith
b68b01f02c Cache stylesheets for transforming.
svn path=/trunk/icecast/; revision=3810
2002-08-13 12:46:45 +00:00
Michael Smith
3727b2b32c Updates for modified logging API.
svn path=/trunk/icecast/; revision=3752
2002-08-03 08:16:52 +00:00
Jack Moffitt
39635122a5 win32 patches from Ed
svn path=/trunk/icecast/; revision=3123
2002-03-05 23:59:38 +00:00
Jack Moffitt
4327a10e45 minor build fixes for win32 courtesy of Oddsock
svn path=/trunk/icecast/; revision=3029
2002-02-07 01:04:09 +00:00
Jack Moffitt
61316a25d7 Initial revision
svn path=/trunk/icecast/; revision=1996
2001-09-10 02:21:46 +00:00