Old 9th January 2011, 16:27   #1
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
A socket policy server...

...for people who aren't using sc_trans for whatever reason:
SPS

This should be a heavy-duty production level policy server that conforms to the standards as laid out from an Adobe link Smelter posted somewhere...

I couldn't find one that was for free or didn't need compiling so I just made one. Installer includes two executables, one of which, is a bona-fide Windows NT background service that can be controlled by the other, which also acts as a SPS when you can't use (or didn't install) the NT one, so it should be compatible all-round, although with Windows Vista/7 you'll probably have to run the main .exe as Administrator permanently.

This actually took longer to make than I originally planned. The protocol itself is simple enough. What took longer than 1 day was the UI and the NT service stuff. What a pain.

As always if anybody has issues...

...you know the drill...

thinktink is offline   Reply With Quote
Old 9th January 2011, 18:06   #2
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
http://www.adobe.com/devnet/flashpla..._security.html

sc_trans, I believe, is not compatible with getting metaint data because it only contains a policyfile.xml, which is not enough to connect with a socket from flash. A socket is needed to send a full unmodified request header for title data. Otherwise, you can play all the content, just without 'in stream' title data The icy- header data is available.

Thanks for the server. Ill check it out soon.
Smelter is offline   Reply With Quote
Old 9th January 2011, 20:15   #3
DaZilertaler
Junior Member
 
Join Date: Mar 2010
Posts: 23
Yeehaw I got TranscoderProto going

I Got it going thanks for the effort for SPS thinkthink
sps is up + shoutcast v1 aacplus stream

See http://smiley.kyak106.com/testplayer.html

Nice 1
DaZilertaler is offline   Reply With Quote
Old 9th January 2011, 21:07   #4
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
Great!

Audio skins are on order from a design partner.
Smelter is offline   Reply With Quote
Old 9th January 2011, 21:24   #5
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
btw: ill be looking at eliminating the sputter you get from the incoming regulator that occures at the stream head. I don't consume enough of the burst.
Smelter is offline   Reply With Quote
Old 10th January 2011, 16:30   #6
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
Check out the new skin.

http://thundersnow.thebitstream.com/player/

DaZilertaler, you can limit the domains that can stream, so only the players or your choice can connect.
Smelter is offline   Reply With Quote
Old 10th January 2011, 16:41   #7
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
How's the SPS doing?

Nice skin. The SWF object is still a bit big on the page though or is that a function of the container?
thinktink is offline   Reply With Quote
Old 10th January 2011, 16:45   #8
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
that and the playlist also has a video entry, so I accommodate for that. There's a mico player skin coming too.

I havnt used the sps personally yet, to busy putting code into the skin. But it is obviously working for 'Inner Wisdom'

Smelter is offline   Reply With Quote
Old 10th January 2011, 16:47   #9
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
I just told the design guy to do what he wanted, so I cant take credit for the looks. Ill pass it on though.
Smelter is offline   Reply With Quote
Old 12th January 2011, 00:21   #10
DaZilertaler
Junior Member
 
Join Date: Mar 2010
Posts: 23
looking good nice job dudes
DaZilertaler is offline   Reply With Quote
Old 12th January 2011, 00:44   #11
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
Oh no! Are Smelter and I conjoined at the hip now?

And for my extremely micro-miniature-minuscule-small-part, you're welcome.

[EDIT /]
Oh CRAP! This is my six hundred sixty-sixth non Recycle bin post...


Last edited by thinktink; 12th January 2011 at 00:46. Reason: 666
thinktink is offline   Reply With Quote
Old 12th January 2011, 03:09   #12
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
new build

http://thundersnow.thebitstream.com/allinone.zip

DaZilertaler, you're featured here.

http://thundersnow.thebitstream.com/player/

Thanks again thinkthink for the help that will provide the small casters.
Smelter is offline   Reply With Quote
Old 13th January 2011, 11:13   #13
DaZilertaler
Junior Member
 
Join Date: Mar 2010
Posts: 23
Magnificent
DaZilertaler is offline   Reply With Quote
Old 29th January 2011, 00:38   #14
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
Follow up:

sc_trans crossdomain policy @ 843 IS enough for the thunder snow flash code.

Repeat.. sc_trans crossdomain policy file server IS good enough for streaming aacp to flash.
Smelter is offline   Reply With Quote
Old 29th January 2011, 01:29   #15
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
Quote:
Originally Posted by Smelter View Post
Follow up:

sc_trans crossdomain policy @ 843 IS enough for the thunder snow flash code.

Repeat.. sc_trans crossdomain policy file server IS good enough for streaming aacp to flash.
lol, oi, I already knew that. But not everybody uses sc_trans so that's why I made SPS.

lol
thinktink is offline   Reply With Quote
Old 29th January 2011, 02:17   #16
jaromanda
Forum King
 
Join Date: Jun 2007
Location: Under the bridge
Posts: 2,289
Quote:
Originally Posted by Smelter View Post
Follow up:

sc_trans crossdomain policy @ 843 IS enough for the thunder snow flash code.

Repeat.. sc_trans crossdomain policy file server IS good enough for streaming aacp to flash.
surely you need sc_serv ... not sc_trans

"If you don't like DNAS, write your own damn system"

So I did
jaromanda is offline   Reply With Quote
Old 29th January 2011, 02:19   #17
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
I could have sworn it was sc_trans that started up the policy server.
Smelter is offline   Reply With Quote
Old 29th January 2011, 02:24   #18
jaromanda
Forum King
 
Join Date: Jun 2007
Location: Under the bridge
Posts: 2,289
Quote:
Originally Posted by Smelter View Post
I could have sworn it was sc_trans that started up the policy server.
you're right


BUT

what's the point of sc_trans Socket Policy Server if it's on a different host to sc_serv?

sc_serv is where you stream from ...

i.e. if one was to stream from "home" using sc_trans to an external host running sc_serv ... the sc_trans has no role to play in socket policy for flash player

sc_serv (v2) can serve a crossdomain file, however ... not on port 843, but port 843 is NOT the be all and end all of flash security

My understanding of flash security (re socket policy)

1. Flash Player first checks port 843 to determine if there is a socket master policy file. If there is no socket master policy file or the socket master policy file has a site-control tag specifying "all", then Flash Player proceeds to the next step. If the site-control tag has a value of "none", then the process stops and the socket is denied a connection.
2. If an ActionScript Security.loadPolicyFile() command exists within the SWF file, then the Flash Player runtime checks that location. Flash Player checks the destination of the loadPolicyFile() only after it has checked the master policy file on port 843 for permission to acknowledge other policy files. If the developer has not specified a loadPolicyFile() command, then Flash Player checks the destination port of the connection.
3. The destination port of the connection is the last check made by Flash Player. This check is only performed if the socket master policy file permits Flash Player to check additional locations. If Flash Player still cannot locate a policy file granting permission, then the socket connection is denied.

So ... sc_serv2's socket policy served on the same port as sc_serv2 is configured to use is perfectly adequate for crossdomain security in flash ... one does not need a socket policy server of any description

"If you don't like DNAS, write your own damn system"

So I did
jaromanda is offline   Reply With Quote
Old 29th January 2011, 04:13   #19
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
except, if one wanted to get title streaming.

The crossdomain @ service port needs to respond to the proper policy-file-request. If it does, then you're good to go. If the file is only available as an http:get file, then no socket permission is granted.

You cant grant socket access by http get .

The whole purpose of the socket access is to get title metaint data.

If you are good without titles in stream, then http policy is good enough.

If you serve the swf from the service port, no http policy file is needed at all(icecast).
Smelter is offline   Reply With Quote
Old 29th January 2011, 06:03   #20
jaromanda
Forum King
 
Join Date: Jun 2007
Location: Under the bridge
Posts: 2,289
Quote:
Originally Posted by Smelter View Post
You cant grant socket access by http get .
ahhh, I did not know that - must've skipped that piece of info on the flash documentation (actually, there is a way to grant socket access using http - but I think it HAS to be port 80, so that wont help)

how hard would it be for sc_serv2 to ALSO serve the crossdomain file via "socket" access - code exists for sc_trans2 ... if done "smart" it doesn't even have to be on port 843

"If you don't like DNAS, write your own damn system"

So I did
jaromanda is offline   Reply With Quote
Old 29th January 2011, 08:40   #21
Jkey
Forum King
 
Join Date: Jul 2004
Location: E*arth
Posts: 3,031
Just passing through...

When I pushed to have flash policy implemented in sc_trans (by neil/tag) its sole purpose was
to enable developers to create flash frontend's for the sc_trans api.
At the time it was specifically needed for a vu meter example I was working on that utilised
the vu binary stream available that sc_trans provides (using flash sockets).

I always wanted sc_serv to have something similar but alas it never happened.


-> J dissolves back into obscurity

So Long, and Thanks for All the Fish.
Jkey is offline   Reply With Quote
Old 29th January 2011, 16:55   #22
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
Hey Jay, Come back....

Can you enlighten me with your Uvox connection code so I can add a connector for nsv?
Smelter is offline   Reply With Quote
Old 30th January 2011, 09:10   #23
Jkey
Forum King
 
Join Date: Jul 2004
Location: E*arth
Posts: 3,031
A while ago I was given permission to share certain sc2 documentation with developers.
Once I find where I backed up sc/uvox files I will pm you.

j.

So Long, and Thanks for All the Fish.
Jkey is offline   Reply With Quote
Old 30th January 2011, 19:08   #24
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
got'em thx.
Smelter is offline   Reply With Quote
Old 30th January 2011, 23:34   #25
DrO
 
Join Date: Sep 2003
Posts: 27,873
is there something that explicitly needs to done to sc_serv2 and / or sc_trans? or are things ok as is? am asking as this is the ideal time for things to be changed / improved seeing as there is active development on the tools. also i haven't really read this thread at the time of posting so if i've missed something then ignore me, heh.

-daz
DrO is offline   Reply With Quote
Old 31st January 2011, 02:23   #26
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
Well, Joramanda mentioned that in some cases sc_serv will not be on the same machine as sc_trans.

And JKey mentioned the policy service was for Something not related to client streams.
Using flash:
For aac streams, we need crossdomain as http get.
for aac stream with titles capabilites, we need socket policy server.

I think we can specify to load socket policy server file from the listen port if thats our only choice.

I sent the notes to the shoutcast team just before the flash lib went public, but there is no response beyond 'show us a working demo' which was done at the time.

What we need is for the machine hit by the listener client, to host the socket policy server as it runs in sc_trans. If that means the sc_serv needs a policy server instance running, then so be it.

(flash client with in-stream title caps)->policy server->listen

(flash client without in-stream title caps)->(cross domain @ port 80)->( crossdomain @ listen port)->listen

(Flash client without in-stream title caps served from listen port like icecast)->listen
Smelter is offline   Reply With Quote
Old 31st January 2011, 08:13   #27
DrO
 
Join Date: Sep 2003
Posts: 27,873
Quote:
Originally Posted by Smelter View Post
I sent the notes to the shoutcast team just before the flash lib went public, but there is no response beyond 'show us a working demo' which was done at the time.
can you send that to me please.

Quote:
Originally Posted by Smelter View Post
What we need is for the machine hit by the listener client, to host the socket policy server as it runs in sc_trans. If that means the sc_serv needs a policy server instance running, then so be it.
rightio, as policy servers is somewhat new to me, i am right in taking that as what sc_trans does is essentially fine, so moving that into sc_serv2 would be ok (if it's not matched already as i think is the case) ? or am i just not making sense of things (am running on 4.5hrs sleep at the moment so i'm likely missing something).

-daz
DrO is offline   Reply With Quote
Old 31st January 2011, 08:54   #28
Jkey
Forum King
 
Join Date: Jul 2004
Location: E*arth
Posts: 3,031
DrO:
Tag did do some flash policy stuff in sc_serv v1.9.9 If I remember correctly,which was never released.
we got our info from here (at the time sc_trans began to include it):
http://www.adobe.com/devnet/flashpla...icy_files.html

Everyone else before you pm:
I mentioned in this thread sc2 docs that I am able to share.These docs in a slightly
limited form are freely available via the winamp wiki.
I WILL NOT & CAN NOT share auth encryption/decryption code examples or further info.
Although there is a dll that I created that handles auth encryption flying around somewhere.


k catch you in a month or 2 im out.

So Long, and Thanks for All the Fish.
Jkey is offline   Reply With Quote
Old 31st January 2011, 17:00   #29
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
thx guys.

DrO, I may just CC you all the emails I sent to Faisal.
Smelter is offline   Reply With Quote
Old 31st January 2011, 17:08   #30
Smelter
Major Dude
 
Smelter's Avatar
 
Join Date: Jan 2004
Posts: 1,141
And yes, do a whole-sale copy-over to sc_serv of the policy server system.

Also, suggest to allow serving a swf file from the sc_serv!

That eliminates the need for http policy file.

So if a user was able to configure the 843 or not(for full title streaming etc), there would be a solution available to stream advanced content.

so, once more.

serve from listen port= GO

http policy at 80 and listening port = GO

Socket policy = GO with advanced features, titles and redirects.

To me, it seems either socket policy or served from listening port are the best options. http policy is worthless without access to the port 80 web directory in order to authorize listening port policy .
Smelter is offline   Reply With Quote
Old 31st January 2011, 23:47   #31
DrO
 
Join Date: Sep 2003
Posts: 27,873
k, so i'll try to find some time then to port over what is in sc_trans over to sc_serv2 and can then go from there i guess. some of the last post did seem a bit dis-jointed so i'm still a bit perplexed (heh) but will see how it goes.

-daz
DrO is offline   Reply With Quote
Old 14th February 2011, 18:22   #32
tallw
Junior Member
 
Join Date: Jan 2009
Location: Brasil
Posts: 6
intereçante well with this player sockect.mas not yet got it right as to make this policy work got
http://hostdex*******objetos/jwalpha/player.html but do not get it right. : /
tallw is offline   Reply With Quote
Old 14th February 2011, 20:06   #33
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
Huh?
thinktink is offline   Reply With Quote
Old 14th February 2011, 20:25   #34
DrO
 
Join Date: Sep 2003
Posts: 27,873
undecided if it's spam or not from looking at some of the prior posts made...

-daz
DrO is offline   Reply With Quote
Old 16th November 2011, 00:11   #35
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
Does anybody have the latest copy of my SPS installer download floating around somewhere on their harddrive?
thinktink is offline   Reply With Quote
Old 16th November 2011, 00:18   #36
DrO
 
Join Date: Sep 2003
Posts: 27,873
check your pm

-daz
DrO is offline   Reply With Quote
Old 16th November 2011, 00:58   #37
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
Thanks. Gonna repost it here since my server is screwed at the moment. Someone asked for it so I figured I'd make it available again.

Damnit! I keep getting a damn "Internal Server Error" when trying to upload the zip file.

I'm gonna keep trying.
thinktink is offline   Reply With Quote
Old 16th November 2011, 01:21   #38
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
/sigh

I gave up. Attachments are permanently fucked.

[EDIT /]
Was able to host it someplace elsewheres. Hope this works.
http://www.filefactory.com/file/cf02...Install1_0.exe
thinktink is offline   Reply With Quote
Old 9th January 2012, 23:42   #39
DrO
 
Join Date: Sep 2003
Posts: 27,873
Quote:
Originally Posted by Smelter View Post
And yes, do a whole-sale copy-over to sc_serv of the policy server system.

Also, suggest to allow serving a swf file from the sc_serv!
as per http://forums.winamp.com/showpost.ph...&postcount=109, both options are about done now internally (though ended up doing it a bit differently due to sc_trans and sc_serv handling some of the connection requests differently).

dunno if one (or more) of the big 3 wants to give things a go once i've got the serving of the swf (will be via serveraddress/shoutcast.swf where shoutcast.swf is stored locally in the same folder as sc_serv).

-daz
DrO is offline   Reply With Quote
Old 10th January 2012, 06:58   #40
thinktink
Forum King
 
thinktink's Avatar
 
Join Date: May 2009
Location: On the streets of Kings County, CA.
Posts: 3,021
Send a message via Skype™ to thinktink
I'll definitely bite. Sail a Windows and Linux version over this way yonder. I have a native Windows machine with an Oracle VM with Ubuntu on it.
thinktink is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Shoutcast > Shoutcast Discussions

Tags
socket policy server

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump