I've been investigating adding SSL support to the community firmware and
have built two versions of openvpn for the touch using mbedtls and
openssl.
Unfortunately, mbedtls doesn't support many ciphers or digests, nor TLS
1.3. Which is too bad as it's much lighter than openssl. I had already
built openvpn with it before I realized those limitations.
The touch can handle moderate traffic with openvpn-openssl without
taxing the CPU. Here's a few top snapshots playing a 16bit, 44.1Khz
ALAC files over a remote DSL connection. I choose ALAC instead of FLAC
since jive uses more CPU decoding ALAC. I didn't try any higher
resolution files.
ALAC Track start.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 25% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 28968 23% 17% /usr/bin/jive
16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 3% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Plackback after 1 minute.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root S 5660 4% 6% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root R 29100 23% 14% /usr/bin/jive
16828 16819 root S 8528 7% 3% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Playback after 3 minutes.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 9% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 29100 23% 20% /usr/bin/jive
16828 16819 root S 8528 7% 4% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 4% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
ALAC 8 seconds before Next Track start.
Code:
--------------------
PID PPID USER STAT VSZ %MEM %CPU COMMAND
12253 1 root R 5660 4% 30% /media/sda1/openvpn-openssl
--config /media/sda1/touch.ovpn --daemon
16819 1 root S 29232 23% 20% /usr/bin/jive
16828 16819 root S 8528 7% 5% jive_alsa -v -d default -c default
-b 20000 -p 2 -s 24 -f 1
16827 16819 root S 8608 7% 5% jive_alsa -v -d plughw:2,0 -b 20000
-p 2 -s 16 -f 2
--------------------
Both openvpn versions and the kernel tun.ko driver are 'available on
sourceforge'
(https://sourceforge.net/projects/lmsclients/files/squeezeos/). This is
only for the Touch it won't run on the Radio.
You need to load the tun kernel driver using *insmod tun.ko* before
running openssl or add the commands to /etc/init.d/rcS.local if you
wanted openvpn to start at boot.
I've also been testing a version of squeezelite with SSL on the Touch
and Radio to see if it's worth trying to add SSL support to the firmware
and both devices have no problems playing direct https streams.
Unfortunately, it's not straight forward to run squeezelite with
squeezeplay. You need to change enableAudio=1 in Playback.lua and
restart squeezeplay before squeezelite with run. Additionally on the
Radio you have to modify several lua files to stop the automatic
powering off the amp when the idle timer triggers. One neat feature
using squeezelite on the touch is you can run separate instances on the
RCA and SPDIF jacks for 2 zones and you can use Choose Player to control
either one.
Ralphy
*1*-Touch, *5*-Classics, *3*-Booms, *2*-UE Radio
'Squeezebox client builds'
(https://sourceforge.net/projects/lmsclients/files/) 'donations'
(https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=LL5P6365KQEXN&lc=CA&item_name=Squeezebox%20client%20builds¤cy_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)
always appreciated.
------------------------------------------------------------------------
ralphy's Profile: http://forums.slimdevices.com/member.php?userid=3484
View this thread: http://forums.slimdevices.com/showthread.php?t=114055
_______________________________________________
Squeezecenter mailing list
Squeezecenter@lists.slimdevices.com
http://lists.slimdevices.com/mailman/listinfo/squeezecenter
