Icecast Streaming Media Server Forum Index Icecast Streaming Media Server
Icecast is a Xiph Foundation Project
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

souce client authentification process in detail

 
Post new topic   Reply to topic    Icecast Streaming Media Server Forum Index -> Source Clients
View previous topic :: View next topic  
Author Message
bbk



Joined: 15 Oct 2005
Posts: 79

PostPosted: Sun Feb 12, 2006 11:26 pm    Post subject: souce client authentification process in detail Reply with quote

hello

i hope it is not too off topic here but actually i had and will have some kind of authentification problem within sources.

next week i will stream from a location where is quite a restrictive firewall in place where i will have no access.

last year i was there as well and i had the following problem:

i can connect me to the icecast server with "telnet myserver 8000" it comes up with http kind of.... ok that tells me as far as i know the port is open on the firewall.

but can it be it is just one direction?

because when i try to connect me with the source client i get no connection. i don't have the exact entry in the log but it came up with a source connection but an authentification failure.

how is the authentification of the source client done?

a) does the client connect to the server -> gets respond with the question to send authentification data -> sends authetification data -> gets ok.

b) does the client connect to the server -> gets respond from the server -> sends authentification -> gets ok.
_________________
::bbk::

http://audioasyl.net
Back to top
View user's profile Send private message Visit poster's website
karlH
Code Warrior
Code Warrior


Joined: 13 Jun 2005
Posts: 5476
Location: UK

PostPosted: Mon Feb 13, 2006 1:12 am    Post subject: Reply with quote

The process is just like a web request, a connection is established at the TCP level, then the source client sends headers along with the user/pass and then waits for the OK or failed response. When you are dealing with firewalls, a restrictive one will stop the TCP connection from being established so the header and authentication stage won't ever be reached.

karl.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
bbk



Joined: 15 Oct 2005
Posts: 79

PostPosted: Mon Feb 13, 2006 2:26 pm    Post subject: http-header maybe? Reply with quote

hello

thank you for your explaination.

ok so it is almost like the same as when authentification is done within apache right?

so the only thing that is different as the port 8000 is open is the http-header.

do you think it is possible the firewall is checking the headers if they are "good" http headers, i have in mind that icecast uses a modified http-header?
_________________
::bbk::

http://audioasyl.net
Back to top
View user's profile Send private message Visit poster's website
karlH
Code Warrior
Code Warrior


Joined: 13 Jun 2005
Posts: 5476
Location: UK

PostPosted: Mon Feb 13, 2006 4:31 pm    Post subject: Reply with quote

A firewall shouldn't be testing for it, http is not like say ftp in which you have to deal with 2 connections so tracking needs to be done. If a proxy is involved (transparent or not) then that may have an issue.

karl.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    Icecast Streaming Media Server Forum Index -> Source Clients All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2002 phpBB Group
subRebel style by ktauber