Icecast Server/known https restrictions: Difference between revisions
Jump to navigation
Jump to search
m (→Icecast2 2.4.x: and again) |
(ph3-listen-sockets was merged into master) |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
This page lists known problems of latest released Icecast when operating with TLS enabled. | This page lists known problems of latest released Icecast when operating with TLS enabled. | ||
* 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket) | * 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket) (code addressing this was merged into ''master'' branch) | ||
* Virtual playlist files don't work | * Virtual playlist files don't work (code addressing this was merged into ''master'' branch) | ||
* Authentication helper doesn't work ( | * Authentication helper doesn't work (code addressing this was merged into ''master'' branch) | ||
* Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. ( | * Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. (is being developed in ''master'' branch, releases: ''v2.5.0-beta2'') | ||
* YP client code only works for plain HTTP streams. | |||
* … | * … | ||
== TLS Mode compatibility charts == | == TLS Mode compatibility charts == | ||
The following list Icecast configuration settings (horizontal) versus client settings (vertical). | The following tables list Icecast configuration settings (horizontal) versus client settings (vertical). | ||
Note: While auto mode may connect using TLS it will not establish a secure connection. auto_no_plain will ensure a secure connection. | |||
Note: While '''auto''' mode may connect using TLS, it will not establish a secure connection. '''auto_no_plain''' will ensure a secure connection. | |||
=== Icecast2 2.4.x === | === Icecast2 2.4.x === | ||
{| class="wikitable" | {| class="wikitable" | ||
! | ! !! 0 !! 1 | ||
! | |||
|- | |- | ||
! | ! colspan="3" | libshout | ||
|- | |- | ||
! disabled | ! disabled | ||
Line 27: | Line 28: | ||
| No || Yes | | No || Yes | ||
|- | |- | ||
! RFC2817 | ! [https://tools.ietf.org/html/rfc2817 RFC2817] | ||
| No || No | | No || No | ||
|- | |- | ||
! RFC2818 | ! [https://tools.ietf.org/html/rfc2818 RFC2818] | ||
| No || Yes | | No || Yes | ||
|} | |} | ||
Line 38: | Line 39: | ||
{| class="wikitable" | {| class="wikitable" | ||
! | ! | ||
! colspan="2" | TLS not configured | ! colspan="2" | TLS not configured | ||
! colspan="5" | TLS configured | ! colspan="5" | TLS configured | ||
|- | |- | ||
! | |||
! disabled !! auto, false | ! disabled !! auto, false | ||
! disabled !! auto, false !! auto_no_plain !! rfc2817 !! rfc2818, true | ! disabled !! auto, false !! auto_no_plain !! rfc2817 !! rfc2818, true | ||
|- | |||
! colspan="8" | libshout | |||
|- | |- | ||
! disabled | ! disabled | ||
Line 56: | Line 58: | ||
| No || No || No || Yes || Yes || Yes || Yes | | No || No || No || Yes || Yes || Yes || Yes | ||
|- | |- | ||
! RFC2817 | ! [https://tools.ietf.org/html/rfc2817 RFC2817] | ||
| No || No || No || Yes || Yes || Yes || No | | No || No || No || Yes || Yes || Yes || No | ||
|- | |- | ||
! RFC2818 | ! [https://tools.ietf.org/html/rfc2818 RFC2818] | ||
| No || No || No || Yes || Yes || No || Yes | | No || No || No || Yes || Yes || No || Yes | ||
|} | |} | ||
[[Category:Icecast]] | [[Category:Icecast]] |
Latest revision as of 04:08, 12 July 2018
This page lists known problems of latest released Icecast when operating with TLS enabled.
- 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket) (code addressing this was merged into master branch)
- Virtual playlist files don't work (code addressing this was merged into master branch)
- Authentication helper doesn't work (code addressing this was merged into master branch)
- Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. (is being developed in master branch, releases: v2.5.0-beta2)
- YP client code only works for plain HTTP streams.
- …
TLS Mode compatibility charts
The following tables list Icecast configuration settings (horizontal) versus client settings (vertical).
Note: While auto mode may connect using TLS, it will not establish a secure connection. auto_no_plain will ensure a secure connection.
Icecast2 2.4.x
0 | 1 | |
---|---|---|
libshout | ||
disabled | Yes | No |
auto | Yes | Yes |
auto_no_plain | No | Yes |
RFC2817 | No | No |
RFC2818 | No | Yes |
Icecast2 2.5.x (branch "master")
Note: for truth values the following keywords can be used in the configuration: 0, false, no, off, 1, true, yes, on
TLS not configured | TLS configured | ||||||
---|---|---|---|---|---|---|---|
disabled | auto, false | disabled | auto, false | auto_no_plain | rfc2817 | rfc2818, true | |
libshout | |||||||
disabled | Yes | Yes | Yes | Yes | No | No | No |
auto | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
auto_no_plain | No | No | No | Yes | Yes | Yes | Yes |
RFC2817 | No | No | No | Yes | Yes | Yes | No |
RFC2818 | No | No | No | Yes | Yes | No | Yes |