[Icecast] How to troubleshoot admin auth values in url format http://admin:password at icecast.org:1234

[Steve Wasiura]

Hello,

I'm asking if there is a way to do extra troubleshooting for admin auth, by
adjusting a config parameter (i.e. loglevel), then looking at log files.


Sometimes I can auth properly when trying to update metadata using a url
with basic auth embedded before the server/hostname, requested from a web
browser like google chrome.

i.e.
http://admin:password@icecast.org:1234/admin/metadata?mode=updinfo&mount=...
etc

Other times, I can't, and I can't figure out why not.


1. Does admin:password in this scenario (a web browser request) need to be
encoded to Base64, or can it be the "normal / plaintext" i.e. "admin" ?

Reading the code on Github, in src/connection.c
static int _check_pass_http

it appears it calls a method util_base64_decode, so it appears it is trying
to decode it.

but sometimes this works from a web browser request when username:password
is typed in plaintext (not base64encoded)

does the browser automatically encode it behind the scenes before the
network tranmission?


2. is there anyway to enable a more detailed logging level which would be
able to echo the values submitted, to validate if they are being changed by
the web browser during transmission?

in same code file, I see
WARN1("Base64 decode of Authorization header \"%s\" failed", header+6); In
which log would this appear? access or error?


Thank you.
3.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20180924/c4ccbede/attachment.htm>