has anyone tried $subj php scripts located in /examples/ dir? in my case any authorisation of protected mount seems to be bypassed without any checks. Without any logins or passwords i can listen to locked stream. also, time control and user access history isn't working - only mounpoints and users are added to mysql database, no user activity is recorded. i've found some interesting variables in icecast.xml.sample: <on-connect>/home/icecast/bin/stream-start</on-connect> <on-disconnect>/home/icecast/bin/stream-stop</on-disconnect> maybe they are realated to problem described above? thanx 4 thoughts.... -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.xiph.org/pipermail/icecast/attachments/20060116/1dcf0cfa/attachment.htm
At 06:02 AM 1/16/2006, Klauss Fumuldavijus wrote:>has anyone tried $subj php scripts located in /examples/ dir? >in my case any authorisation of protected mount seems to be bypassed >without any checks. Without any logins or passwords i can listen to >locked stream. >This has been reported before, however it's has ALWAYS been due to caching of the data in the media player. Winamp, for instance, caches your username and password in the request, so usually you just have to enter the user/pass once and from that time forward it may *seem* that you are bypassing the user/pass check, however icecast still validates it. Try using something like "wget" (which doesn't cache user/passwords for http authenticated streams) oddsock