Commit 44f7e19c authored by Moritz Grimm's avatar Moritz Grimm
Browse files

Fix "HTTPS" protocol support. Add optional support for ICY and RoarAudio

parent ce0d1ffa
......@@ -186,10 +186,19 @@ Transport protocol used to stream to the server:
.Pp
.Bl -tag -width HTTPS -compact
.It Ar HTTP
Unencrypted HTTP (the default).
Plain-text HTTP
.It Ar HTTPS
HTTP over TLS.
This option implies that \&<tls\ /\&> is set to
.Qq required .
.It Ar ICY
ICY streaming protocol
.It Ar RoarAudio
RoarAudio streaming protocol
.El
.Pp
Default:
.Ar HTTP
.It Sy \&<hostname\ /\&>
.Pq Mandatory.
The FQDN host name or IP address of the server.
......@@ -223,12 +232,19 @@ Possible values are:
No TLS encryption will be attempted.
.It Ar May
Opportunistic TLS encryption may be used, if the server supports it
.Pq the default .
.It Ar Required
TLS encryption is required.
This is the only setting that is providing security against both passive and
active attackers.
.El
.Pp
Default:
.Ar May
.Pp
This option is ignored when \&<protocol\ /\&> is set to
.Ar HTTPS ,
which implies a value of
.Ar Required .
.It Sy \&<tls_cipher_suite\ /\&>
Configure allowed cipher suites for TLS.
.Pp
......
......@@ -18,7 +18,10 @@
<!-- Identifying name (default: "default") -->
<name>Test Server</name>
<!-- Transport protocol: HTTP, HTTPS (default: "HTTP") -->
<!--
Transport protocol:
HTTP (default), HTTPS (implies <tls>required</tls>), ICY, RoarAudio
-->
<protocol>HTTP</protocol>
<!-- Server address -->
<hostname>127.0.0.1</hostname>
......
......@@ -194,6 +194,10 @@ cfg_server_set_protocol(struct cfg_server *s, struct cfg_server_list *not_used,
s->protocol = CFG_PROTO_HTTP;
else if (0 == strcasecmp("https", protocol))
s->protocol = CFG_PROTO_HTTPS;
else if (0 == strcasecmp("icy", protocol))
s->protocol = CFG_PROTO_ICY;
else if (0 == strcasecmp("roaraudio", protocol))
s->protocol = CFG_PROTO_ROARAUDIO;
else {
if (NULL != errstrp)
*errstrp = "unsupported";
......@@ -364,6 +368,10 @@ cfg_server_get_protocol_str(struct cfg_server *s)
switch (s->protocol) {
case CFG_PROTO_HTTPS:
return ("https");
case CFG_PROTO_ICY:
return ("icy");
case CFG_PROTO_ROARAUDIO:
return ("roaraudio");
case CFG_PROTO_HTTP:
default:
return ("http");
......@@ -397,12 +405,16 @@ cfg_server_get_password(struct cfg_server *s)
enum cfg_server_tls
cfg_server_get_tls(struct cfg_server *s)
{
if (CFG_PROTO_HTTPS == s->protocol)
return (CFG_TLS_REQUIRED);
return (s->tls);
}
const char *
cfg_server_get_tls_str(struct cfg_server *s)
{
if (CFG_PROTO_HTTPS == s->protocol)
return ("required");
switch (s->tls) {
case CFG_TLS_NONE:
return ("none");
......
......@@ -23,8 +23,10 @@
enum cfg_server_protocol {
CFG_PROTO_HTTP = 0,
CFG_PROTO_HTTPS,
CFG_PROTO_ICY,
CFG_PROTO_ROARAUDIO,
CFG_PROTO_MIN = CFG_PROTO_HTTP,
CFG_PROTO_MAX = CFG_PROTO_HTTPS,
CFG_PROTO_MAX = CFG_PROTO_ROARAUDIO,
};
enum cfg_server_tls {
......
......@@ -48,6 +48,7 @@ _stream_cfg_server(struct stream *s, cfg_server_t cfg_server)
{
switch (cfg_server_get_protocol(cfg_server)) {
case CFG_PROTO_HTTP:
case CFG_PROTO_HTTPS:
if (SHOUTERR_SUCCESS !=
shout_set_protocol(s->shout, SHOUT_PROTOCOL_HTTP)) {
log_error("%s: protocol: %s",
......@@ -55,6 +56,26 @@ _stream_cfg_server(struct stream *s, cfg_server_t cfg_server)
return (-1);
}
break;
#ifdef SHOUT_PROTOCOL_ICY
case CFG_PROTO_ICY:
if (SHOUTERR_SUCCESS !=
shout_set_protocol(s->shout, SHOUT_PROTOCOL_ICY)) {
log_error("%s: protocol: %s",
s->name, shout_get_error(s->shout));
return (-1);
}
break;
#endif /* SHOUT_PROTOCOL_ICY */
#ifdef SHOUT_PROTOCOL_ROARAUDIO
case CFG_PROTO_ROARAUDIO:
if (SHOUTERR_SUCCESS !=
shout_set_protocol(s->shout, SHOUT_PROTOCOL_ROARAUDIO)) {
log_error("%s: protocol: %s",
s->name, shout_get_error(s->shout));
return (-1);
}
break;
#endif /* SHOUT_PROTOCOL_ROARAUDIO */
default:
log_error("%s: protocol: unsupported: %s",
s->name, cfg_server_get_protocol_str(cfg_server));
......
......@@ -63,10 +63,24 @@ START_TEST(test_server_protocol)
0);
ck_assert_int_eq(cfg_server_get_protocol(srv), CFG_PROTO_HTTP);
ck_assert_str_eq(cfg_server_get_protocol_str(srv), "http");
ck_assert_int_eq(cfg_server_get_tls(srv), CFG_TLS_MAY);
ck_assert_str_eq(cfg_server_get_tls_str(srv), "may");
ck_assert_int_eq(cfg_server_set_protocol(srv, servers, "HtTpS", NULL),
0);
ck_assert_int_eq(cfg_server_get_protocol(srv), CFG_PROTO_HTTPS);
ck_assert_str_eq(cfg_server_get_protocol_str(srv), "https");
ck_assert_int_eq(cfg_server_get_tls(srv), CFG_TLS_REQUIRED);
ck_assert_str_eq(cfg_server_get_tls_str(srv), "required");
ck_assert_int_eq(cfg_server_set_protocol(srv, servers, "iCY", NULL),
0);
ck_assert_int_eq(cfg_server_get_protocol(srv), CFG_PROTO_ICY);
ck_assert_str_eq(cfg_server_get_protocol_str(srv), "icy");
ck_assert_int_eq(cfg_server_get_tls(srv), CFG_TLS_MAY);
ck_assert_str_eq(cfg_server_get_tls_str(srv), "may");
ck_assert_int_eq(cfg_server_set_protocol(srv, servers, "rOaRaudIo", NULL),
0);
ck_assert_int_eq(cfg_server_get_protocol(srv), CFG_PROTO_ROARAUDIO);
ck_assert_str_eq(cfg_server_get_protocol_str(srv), "roaraudio");
}
END_TEST
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment