Difference between revisions of "Icecast Server/known https restrictions"

From XiphWiki
Jump to: navigation, search
(Updated list of problems.)
(clarify wording)
Line 1: Line 1:
 
This page lists known problems of latest released Icecast when operating with TLS enabled.
 
This page lists known problems of latest released Icecast when operating with TLS enabled.
  
* 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket). (supported in branch ph3-listen-sockets.)
+
* 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket) (is being developed in branch ''ph3-listen-sockets'')
* Virtual playlist files don't work. (supported in branch ph3-listen-sockets.)
+
* Virtual playlist files don't work (is being developed in branch ''ph3-listen-sockets'')
* Authentication helper doesn't work (needs verification). (supported in branch ph3-listen-sockets.)
+
* Authentication helper doesn't work (is being developed in branch ''ph3-listen-sockets'')
* Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. (supported in branch master, releases v2.5.0-beta.2.)
+
* Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. (is being developed in ''master'' branch, releases: ''v2.5.0-beta2'')
* YP interface is not protocol aware.
+
* YP client code only works for plain HTTP streams.
 
* …
 
* …
  

Revision as of 04:45, 19 May 2018

This page lists known problems of latest released Icecast when operating with TLS enabled.

  • 'listenurl' in the internal XML status representation is not protocol aware and will always use 'http' + global hostname (default: "localhost") and port (default: first listen-socket) (is being developed in branch ph3-listen-sockets)
  • Virtual playlist files don't work (is being developed in branch ph3-listen-sockets)
  • Authentication helper doesn't work (is being developed in branch ph3-listen-sockets)
  • Certificate reload is not implemented in 2.4.x. Icecast2 2.4.x needs to be restarted to reload the certificate. (is being developed in master branch, releases: v2.5.0-beta2)
  • YP client code only works for plain HTTP streams.

TLS Mode compatibility charts

The following tables list Icecast configuration settings (horizontal) versus client settings (vertical).

Note: While auto mode may connect using TLS, it will not establish a secure connection. auto_no_plain will ensure a secure connection.

Icecast2 2.4.x

0 1
libshout
disabled Yes No
auto Yes Yes
auto_no_plain No Yes
RFC2817 No No
RFC2818 No Yes

Icecast2 2.5.x (branch "master")

Note: for truth values the following keywords can be used in the configuration: 0, false, no, off, 1, true, yes, on

TLS not configured TLS configured
disabled auto, false disabled auto, false auto_no_plain rfc2817 rfc2818, true
libshout
disabled Yes Yes Yes Yes No No No
auto Yes Yes Yes Yes Yes Yes Yes
auto_no_plain No No No Yes Yes Yes Yes
RFC2817 No No No Yes Yes Yes No
RFC2818 No No No Yes Yes No Yes