auth_url Location: creates a hang. - Githubissues

karlheyes / icecast-kh

KH branch of icecast

GNU General Public License v2.0

297 stars 105 forks source link

auth_url Location: creates a hang. #356

Closed rustyhodge closed 1 year ago

rustyhodge commented 2 years ago

If your auth_url returns a Location: header, curl will try and follow that URL rather than pass it on to Icecast.

Using this config for example:

<authentication type="url">
    <option name="listener_add" value="http://xxxxxx/iceauth.cgi"/>
    <option name="auth_header" value="icecast-auth-user: 1"/>
</authentication>

And the URL returns a 302 redirect Location: http://whatever will return an error as the libCurl tries to follow the redirect.

Example error will be: WARN auth_url/url_add_listener auth to server http://xxxxxx/iceauth.cgi (/examplemount) failed with Operation timed out after 4991 milliseconds with 524957 bytes received

The location sends it into a loop.

This is because CURLOPT_FOLLOWLOCATION is set to 1 in auth_url.c curl_easy_setopt (atd->curl, CURLOPT_FOLLOWLOCATION, 1);

At line 579 insert curl_easy_setopt (atd->curl, CURLOPT_FOLLOWLOCATION, 0); before curl_easy_setopt (atd->curl, CURLOPT_URL, url->addurl);

and the problem is fixed.

I don't think this will break anything else.

karlheyes commented 1 year ago

in kh16 and later I've set a redirection limit to 1 (default) instead of the infinite that libcurl defaults to. This allows for a change of address that you may want in certain cases but you can set it with the option "redirect_limit" to specify a different figure, 0 -10 is allowed. Anything approaching that upper limit is silly.