Marvin Scholz
e09f48a034
Update: Do not use SSLv23_server_method
...
...with OpenSSL 1.1.0 or newer
Instead use TLS_server_method and
SSL_CTX_set_min_proto_version to limit
the used protocol versions.
2019-04-24 18:52:41 +02:00
Marvin Scholz
e824e48fdf
Cleanup: Remove unnecessary SSL_CTX_get_options
...
According to the documentation the current option state is not cleared
but the options are added to the current options, so gettin the
current options seems redundant to the behavior of SSL_CTX_set_options:
> SSL_CTX_set_options() adds the options set via bitmask in options
> to ctx. Options already set before are not cleared!
2019-04-24 18:52:41 +02:00
Marvin Scholz
14ba90fc93
Cleanup: Simplify adding SSL_OP_NO_COMPRESSION
2019-04-24 18:52:41 +02:00
Marvin Scholz
ed9a4e658c
Cleanup: Simplify OpenSSL context initialisation
...
Assigning the return value of SSLv23_server_method to a variable is
not necessary here and not doing it can get us rid of a lot of
condition code given that the type of the return value changed
at some point.
2019-04-24 18:52:41 +02:00
Marvin Scholz
07304b5193
Update: Do not init OpenSSL since 1.1.0
...
Explicitly initializing the library is not longer needed since
OpenSSL 1.1.0 and the SSL_library_init function is deprecated.
Citing the manual:
> As of version 1.1.0 OpenSSL will automatically allocate all resources
> that it needs so no explicit initialisation is required. Similarly it
> will also automatically deinitialise as required.
Fix #2318
2019-04-24 18:52:41 +02:00
Philipp Schafft
c64e36eae5
Update: Added tap-driver.sh to list of EXTRA_DIST files
2019-04-23 12:45:13 +00:00
Philipp Schafft
e234990932
Update: Source code is now in git
2019-04-23 12:45:13 +00:00
Marvin Scholz
7bccaf9d25
CI: Do not install openssl-dev
...
It conflicts with libressl, which is needed for curl now.
2019-04-04 09:44:42 +02:00
Philipp Schafft
de3a075500
Merge branch 'feature-auth-enforce-auth'
2019-01-16 14:12:15 +00:00
Philipp Schafft
001ac59127
Feature: Added auth backend "enforce_auth".
...
Closes : #2348
2019-01-16 14:11:03 +00:00
Philipp Schafft
b5e721ebff
Merge branch 'ph3-fix-debug-spam'
...
Closes : #2358
2019-01-10 13:13:00 +00:00
Philipp Schafft
8589c1a040
Feature: Actually disable developer only logging if --enable-devel-logging is not given
2019-01-09 15:39:55 +00:00
Marvin Scholz
f5eecdf0f6
Feature: Allow enabling devel logging in configure
...
Allow enabling devil logging in configure using the
--enable-devel-logging switch.
Doing so defines the DEVEL_LOGGING macro.
2019-01-09 16:22:38 +01:00
Philipp Schafft
e6122f13fb
Feature: Marked spammy development only output as such
...
See: #2358
2019-01-09 15:04:16 +00:00
Philipp Schafft
bb6ecd31fd
Cleanup: Use "match-method", not (deprecated) "methods"
2019-01-09 11:14:33 +00:00
Philipp Schafft
e196495008
Cleanup: Fixed spaces
2019-01-09 11:11:25 +00:00
Philipp Schafft
d85a0ded30
Feature: Move common methods into CONFIG_LEGACY_ALL_METHODS
2019-01-09 11:07:40 +00:00
Philipp Schafft
4fbde4b96c
Update: Allow relay clients to use OPTIONS
2019-01-09 11:06:28 +00:00
Philipp Schafft
95405e406a
Update: Allow source clients to use OPTIONS
2019-01-09 11:04:06 +00:00
Philipp Schafft
5a81e8afa2
Cleanup: Use less magic constants for __append_old_style_auth()
2019-01-09 10:49:00 +00:00
Philipp Schafft
a301a302ba
Feature: Replaced free()-strdup() in event code with util_replace_string()
...
See: #2370
2019-01-09 09:30:31 +00:00
Philipp Schafft
edd3dcc60d
Update: Renamed replace_string() to util_replace_string()
2019-01-09 09:18:50 +00:00
Philipp Schafft
46d5e0e703
Merge branch 'spr0cketeer/icecast-server-url-event-fix'
2019-01-09 08:53:13 +00:00
spr0cketeer
31da097922
Fix: Correct url event "action" option handling
...
Closes : #2370
2019-01-06 18:57:45 +00:00
Philipp Schafft
de4fdf6656
Fix: Corrected check for return value of tls_got_shutdown()
2018-12-24 16:29:22 +00:00
Philipp Schafft
0a026c8b45
Cleanup: Corrected code formating
2018-12-17 08:52:51 +00:00
Philipp Schafft
7fdc9ed11f
Fix: Permit HTTP keep-alive for report XML based replys
2018-12-17 08:51:25 +00:00
Philipp Schafft
825f92d6e2
Feature: Support HTTP keep-alive for SOURCE connections if they give us a content-length (useful for pokes)
2018-12-17 08:46:52 +00:00
Philipp Schafft
b02f306521
Fix: Updated allowed method lists for legacy-global-source and legacy-mount-source
...
For legacy-global-source this adds POST to the list.
For legacy-mount-source this adds POST and DELETE to the list.
The lists are now sync.
Closes : #2366
Found while working on & See also: icecast-libshout#2303
2018-12-14 12:57:23 +00:00
Philipp Schafft
6e0f876275
Fix: Corrected Copyright headers
2018-11-26 07:42:05 +00:00
Philipp Schafft
3a3739e90a
Update: Updated default list of OpenSSL ciphers.
...
This updates to the Mozilla Foundation's "Intermediate" list
as of the time of this commit.
The list is appended with several negative rules that we included
before.
2018-11-25 18:50:33 +00:00
Philipp Schafft
df96dcbb6c
Update: Announce ourself as HTTP/1.1 in HTTP upgrade
2018-11-13 08:54:06 +00:00
Philipp Schafft
143a8b717f
Fix: Send final reply to client on HTTP upgrade
...
Closes : #2356
2018-11-13 08:51:02 +00:00
Philipp Schafft
7637e8f5e3
Fix: Do not upgrade on already upgraded connections
2018-11-13 08:45:09 +00:00
Philipp Schafft
6583bdfc56
Fix: Corrected error handling for TLS connections
...
Closes : #2355
2018-11-13 08:25:01 +00:00
Philipp Schafft
0d8b076336
Fix: Corrected confusion with default values for source_timeout and body_timeout
2018-11-13 08:23:06 +00:00
Philipp Schafft
eb2735e0f0
Merge branch 'ph3-corpse'
...
Thanks to Julien CROUZET <contact@juliencrouzet.fr> for all the input!
2018-11-12 22:07:52 +00:00
Philipp Schafft
5f4b002485
Feature: Support filtering on CORS "Origin".
2018-11-12 21:51:23 +00:00
Philipp Schafft
e384df21b5
Update: Updated default configs
2018-11-12 21:51:23 +00:00
Philipp Schafft
c7e355ce49
Update: Improved CORS header handling regarding defaults
2018-11-12 21:51:23 +00:00
Philipp Schafft
f60791ad64
Cleanup: Removed stray error level log line
2018-11-12 21:51:23 +00:00
Philipp Schafft
c71aa0a08f
Feature: Support per-<acl> HTTP headers
2018-11-12 21:51:23 +00:00
Philipp Schafft
6f28d3fd3a
Update: Mark ice_config_http_header_t *header const in _build_headers_loop()
2018-11-12 21:51:23 +00:00
Philipp Schafft
2c72d9a37c
Feature: Support per-<role> HTTP headers
2018-11-12 21:51:23 +00:00
Philipp Schafft
aeeee071d4
Feature: Allow to define ACLs in <acl> (child of <role>)
2018-11-12 21:51:23 +00:00
Philipp Schafft
ca83e6b44b
Feature: Added type="cors" to <header>.
2018-11-12 21:51:23 +00:00
Philipp Schafft
ff0263b3a4
Update: Added warning about wrong type of metadata update.
...
See: #2017
2018-11-10 09:22:16 +00:00
Philipp Schafft
6d0e4e6fc9
Update: Set default HTTP version to 1.1
...
This changes the default version of HTTP to 1.1.
The version can currently not be changed to something different.
Closes : #2057
2018-11-09 07:30:30 +00:00
Philipp Schafft
fbddf8d2f0
Cleanup: Removed <threadpool> completly.
...
This adds a error level log line to the block in case unknown nodes are used
as we do for other blocks already.
Closes : #2085
2018-11-09 07:12:07 +00:00
Philipp Schafft
03249ff5f4
Fix: Do not segfault if no real source could be found
2018-11-04 09:28:41 +00:00