Closed curtishall closed 3 months ago
@andrey-utkin
For simple authentication checking we already have a function in lib/lib.php:
public function checkConnection
Perhaps a quick curl command:
@curtishall
For simple authentication checking we already have a function in lib/lib.php: public function checkConnection
This function doesn't seem to care if the password is correct or not.
Upon further investigation it appears that the camera's I tested will all pass this connection test because the test checks if the return status was 200 OK
. However this is true every time because for example the function will test this URL http://admin:camera1234@192.168.86.109:80
(Note how camera1234
is not the devices password) and it will redirect to http://192.168.86.109/doc/page/login.asp?_1709838069143
which will return 200 OK
. (This behaviour is also true if the password is correct.)
Either this function needs to be rewritten or it is not used in testing authentication.
How about using curl to check auth?
Apologies for the late reply. Correct me if I am misunderstood in what you were trying to say
I have tried using both the user flag curl --user admin:camera123 http://192.168.86.91
and URL curl http://admin:camera1234@192.168.86.109:80
and both have the same response as I outlined above.
The response from curl -v "rtsp://admin:camera1234@192.168.86.109:554/Streaming/Channels/101?transportmode=unicast&profile= Profile_1" RTSP/1.0
is 405 Not Allowed
ffprobe can be given timeout value (but really that's libavformat option):
$ time ffprobe -hide_banner -print_format json -show_streams -timeout 10000000 "rtsp://wowzaec2demo.streamlock.net/vod/mp4:BigBuckBunny_115k.mov"
{
[tcp @ 0x55c4493fdc80] Connection to tcp://wowzaec2demo.streamlock.net:554?timeout=10000000 failed: Connection timed out
rtsp://wowzaec2demo.streamlock.net/vod/mp4:BigBuckBunny_115k.mov: Connection timed out
}
real 0m10.178s
user 0m0.106s
sys 0m0.045s
curl invocation is indeed deceptive as it returns 200 OK even with wrong credentials:
$ curl -v "rtsp://admin:camera1234@192.168.86.109:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1"
* processing: rtsp://admin:camera1234@192.168.86.109:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1
* Trying 192.168.86.109:554...
* Connected to 192.168.86.109 (192.168.86.109) port 554
* Server auth using Basic with user 'admin'
> OPTIONS * RTSP/1.0
> CSeq: 1
> User-Agent: curl/8.2.1
> Authorization: Basic YWRtaW46Y2FtZXJhMTIzNA==
>
< RTSP/1.0 200 OK
< CSeq: 1
< Public: OPTIONS, DESCRIBE, PLAY, PAUSE, SETUP, TEARDOWN, SET_PARAMETER, GET_PARAMETER
< Date: Fri, Mar 08 2024 05:29:02 GMT
<
* Connection #0 to host 192.168.86.109 left intact
[OK]
$ ffplay -hide_banner "rtsp://admin:camera1234@192.168.86.109:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1"
[rtsp @ 0x7f0c18000c80] method DESCRIBE failed: 401 Unauthorized0
rtsp://admin:camera1234@192.168.86.109:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1: Server returned 401 Unauthorized (authorization failed)
(the password is wrong)
For simple authentication checking we already have a function in lib/lib.php: public function checkConnection
I suggest we call ffprobe with timeout option in it. RTSP demuxer takes timeout in microseconds: https://ffmpeg.org//ffmpeg-protocols.html#Demuxer
I find what checkConnection
does for $paths['mjpeg']
and $paths['http']
a bit strange: why does it assume both URLs would work. But we can leave it for another time.
For the "Path to RTSP" and the "Substream path" we need a button that the user can click that verifies the connection to the RTSP source. ffprobe should be able to do that.
Right now when a customer adds a RTSP source (usually a camera) they will have no idea if the connection was established or not unless they look at the bluecherry.log or open the client, neither which is very efficient for someone who just needs to add a bunch of cameras and test the connections.
Running ffprobe with json output should provide enough details that we can report back to the user such as:
ffprobe will stall out if if the RTSP source is offline:
Thus it's better to 'ping' the IP before we attempt ffprobe.
Once a connection is established it would also be nice to return the resolution, fps and frame rate:
Examples to return: