Commit 19162018 authored by Philipp Schafft's avatar Philipp Schafft 🦁

Fix: Announce RFC 2817 TLS Support if TLS support is enabled.

This announces TLS support if enabled via Upgrade:-header.
Closes: #2159
parent dbbd22f7
......@@ -197,6 +197,9 @@ typedef struct ice_config_tag {
ice_config_http_header_t *http_headers;
/* is TLS supported by the server? */
int tls_ok;
relay_server *relay;
mount_proxy *mounts;
......
......@@ -192,7 +192,7 @@ static void get_ssl_certificate(ice_config_t *config)
{
SSL_METHOD *method;
long ssl_opts;
ssl_ok = 0;
config->tls_ok = ssl_ok = 0;
SSL_load_error_strings(); /* readable error messages */
SSL_library_init(); /* initialize library */
......@@ -224,7 +224,7 @@ static void get_ssl_certificate(ice_config_t *config)
if (SSL_CTX_set_cipher_list(ssl_ctx, config->cipher_list) <= 0) {
ICECAST_LOG_WARN("Invalid cipher list: %s", config->cipher_list);
}
ssl_ok = 1;
config->tls_ok = ssl_ok = 1;
ICECAST_LOG_INFO("SSL certificate found at %s", config->cert_file);
ICECAST_LOG_INFO("SSL using ciphers %s", config->cipher_list);
return;
......
......@@ -707,12 +707,13 @@ ssize_t util_http_build_header(char * out, size_t len, ssize_t offset,
config = config_get_config();
extra_headers = _build_headers(status, config, source);
ret = snprintf (out, len, "%sServer: %s\r\nConnection: %s\r\nAccept-Encoding: identity\r\nAllow: %s\r\n%s%s%s%s%s%s%s",
ret = snprintf (out, len, "%sServer: %s\r\nConnection: %s\r\nAccept-Encoding: identity\r\nAllow: %s\r\n%s%s%s%s%s%s%s%s",
status_buffer,
config->server_id,
connection_header,
(client->admin_command == ADMIN_COMMAND_ERROR ?
"GET, SOURCE" : "GET"),
(config->tls_ok ? "Upgrade: TLS/1.0\r\n" : ""),
currenttime_buffer,
contenttype_buffer,
(status == 401 ? "WWW-Authenticate: Basic realm=\"Icecast2 Server\"\r\n" : ""),
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment