home-assistant / core

:house_with_garden: Open source home automation that puts local control and privacy first.
https://www.home-assistant.io
Apache License 2.0

RTSP stream username and password visible in logging #42904

Closed degrashopper closed 3 years ago

degrashopper commented 3 years ago

The problem

When you check the logging after opening an RTSP stream (in my case a Foscam C1 integration), the full path of the stream is visible in the logging, including username and password. I don't think the username and password should be visible there.

Environment

Problem-relevant configuration.yaml

configuration.yaml:

```yaml
logger:
  default: info
```

Logging lines:

```text
2020-11-05 12:53:12 INFO (MainThread) [homeassistant.components.stream] Started stream: rtsp://username:password@192.168.x.x:554/videoMain
2020-11-05 12:58:25 INFO (MainThread) [homeassistant.components.stream] Stopped stream: rtsp://username:password@192.168.x.x:554/videoMain
```

probot-home-assistant[bot] commented 3 years ago

Hey there @hunterjm, @uvjustin, mind taking a look at this issue as its been labeled with an integration (stream) you are listed as a codeowner for? Thanks! (message by CodeOwnersMention)

viktor6 commented 3 years ago

The broadcast from the srisam camera also stopped working for me.

Home Assistant Core release with the issue: 0.118.4
Operating environment (OS/Container/Supervised/Core): HassOS 4.17, Raspberry Pi 3B+, Supervisor 2020.12.2

Logger: homeassistant.components.stream.worker
Source: components/stream/worker.py:83
Integration: Stream (documentation, issues)
First occurred: 22:37:12 (1 occurrences)
Last logged: 22:37:12

Error opening stream rtsp://admin:12345678@192.168.0.107:554/onvif1

Logger: homeassistant.components.onvif
Source: components/onvif/device.py:205
Integration: ONVIF (documentation, issues)
First occurred: 22:52:09 (1 occurrences)
Last logged: 22:52:09

Couldn't get device 'cam' date/time. Error: can't handle event type ConnectionClosed when role=SERVER and state=SEND_RESPONSE

Logger: aiohttp.server
Source: components/onvif/config_flow.py:242
First occurred: 23:02:47 (1 occurrences)
Last logged: 23:02:47

Error handling request
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/httpx/_exceptions.py", line 326, in map_exceptions
    yield
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1502, in _send_single_request
    (status_code, headers, stream, ext,) = await transport.arequest(
  File "/usr/local/lib/python3.8/site-packages/httpcore/_async/connection_pool.py", line 218, in arequest
    response = await connection.arequest(
  File "/usr/local/lib/python3.8/site-packages/httpcore/_async/connection.py", line 106, in arequest
    return await self.connection.arequest(method, url, headers, stream, ext)
  File "/usr/local/lib/python3.8/site-packages/httpcore/_async/http11.py", line 72, in arequest
    ) = await self._receive_response(timeout)
  File "/usr/local/lib/python3.8/site-packages/httpcore/_async/http11.py", line 133, in _receive_response
    event = await self._receive_event(timeout)
  File "/usr/local/lib/python3.8/site-packages/httpcore/_async/http11.py", line 169, in _receive_event
    event = self.h11_state.next_event()
  File "/usr/local/lib/python3.8/contextlib.py", line 131, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/local/lib/python3.8/site-packages/httpcore/_exceptions.py", line 12, in map_exceptions
    raise to_exc(exc) from None
httpcore.RemoteProtocolError: can't handle event type ConnectionClosed when role=SERVER and state=SEND_RESPONSE

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_protocol.py", line 422, in _handle_request
    resp = await self._request_handler(request)
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_app.py", line 499, in _handle
    resp = await handler(request)
  File "/usr/local/lib/python3.8/site-packages/aiohttp/web_middlewares.py", line 118, in impl
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/request_context.py", line 18, in request_context_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/ban.py", line 72, in ban_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/auth.py", line 127, in auth_middleware
    return await handler(request)
  File "/usr/src/homeassistant/homeassistant/components/http/view.py", line 129, in handle
    result = await result
  File "/usr/src/homeassistant/homeassistant/components/config/config_entries.py", line 169, in post
    return await super().post(request, flow_id)
  File "/usr/src/homeassistant/homeassistant/components/http/data_validator.py", line 60, in wrapper
    result = await method(view, request, *args, **kwargs)
  File "/usr/src/homeassistant/homeassistant/helpers/data_entry_flow.py", line 106, in post
    result = await self._flow_mgr.async_configure(flow_id, data)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 155, in async_configure
    result = await self._async_handle_step(flow, cur_step["step_id"], user_input)
  File "/usr/src/homeassistant/homeassistant/data_entry_flow.py", line 213, in _async_handle_step
    result: Dict = await getattr(flow, method)(user_input)
  File "/usr/src/homeassistant/homeassistant/components/onvif/config_flow.py", line 170, in async_step_auth
    return await self.async_step_profiles()
  File "/usr/src/homeassistant/homeassistant/components/onvif/config_flow.py", line 242, in async_step_profiles
    profiles = await media_service.GetProfiles()
  File "/usr/local/lib/python3.8/site-packages/zeep/proxy.py", line 64, in __call__
    return await self._proxy._binding.send_async(
  File "/usr/local/lib/python3.8/site-packages/zeep/wsdl/bindings/soap.py", line 156, in send_async
    response = await client.transport.post_xml(
  File "/usr/local/lib/python3.8/site-packages/zeep/transports.py", line 230, in post_xml
    response = await self.post(address, message, headers)
  File "/usr/local/lib/python3.8/site-packages/zeep/transports.py", line 215, in post
    response = await self.client.post(
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1633, in post
    return await self.request(
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1371, in request
    response = await self.send(
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1406, in send
    response = await self._send_handling_auth(
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1444, in _send_handling_auth
    response = await self._send_handling_redirects(
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1476, in _send_handling_redirects
    response = await self._send_single_request(request, timeout)
  File "/usr/local/lib/python3.8/site-packages/httpx/_client.py", line 1502, in _send_single_request
    (status_code, headers, stream, ext,) = await transport.arequest(
  File "/usr/local/lib/python3.8/contextlib.py", line 131, in __exit__
    self.gen.throw(type, value, traceback)
  File "/usr/local/lib/python3.8/site-packages/httpx/_exceptions.py", line 343, in map_exceptions
    raise mapped_exc(message, **kwargs) from exc  # type: ignore
httpx.RemoteProtocolError: can't handle event type ConnectionClosed when role=SERVER and state=SEND_RESPONSE

andriej commented 3 years ago

I was about to put this up as an issue too.

In my opinion the log output should be regex'ed, and if there is an X and a Y in ****://X:Y@..., they should be redacted from the output, either entirely or leaving one character of the login and password, or something like that. But that could also leave a potential risk, because:

a**:a*** would clearly say it's admin:admin ;-)
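As an added example for the redaction that degrashopper's report asks for and that andriej sketches above, here is one way to scrub `scheme://user:password@host` credentials from log output before it is written. This is example code, not Home Assistant's own implementation and not what the stream component does; the `REDACTED` placeholder, the regex, the `RedactUrlCredentialsFilter` class, the helper names and the sample log lines are all assumptions of this example (the sample lines are constructed, modelled on the ones quoted in this issue). It replaces the whole userinfo part with a fixed-width placeholder rather than keeping a character of the login or password, so the `a**:a***` leak described in the comment above cannot occur.

```python
"""Redact user:password@ credentials from URLs before they reach a log (example code)."""
import io
import logging
import re
from typing import List
from urllib.parse import urlsplit, urlunsplit

# Hypothetical placeholder for the whole userinfo part; fixed width, so neither the
# length nor the first characters of the login or password leak into the log.
REDACTED = "****"

# Userinfo of any URL-shaped token: scheme://user[:password]@
# Anchoring on "://" keeps plain e-mail addresses such as root@example.com untouched,
# and excluding "/" from user/password avoids matching "http://host:8123/path".
_USERINFO_RE = re.compile(
    r"(?P<scheme>[A-Za-z][A-Za-z0-9+.-]*://)"
    r"(?P<user>[^:/@\s]*)"
    r"(?::(?P<password>[^@/\s]*))?@"
)

# Constructed sample log lines modelled on the ones quoted in this issue (not real logs).
SAMPLE_LINES = [
    "Started stream: rtsp://username:password@192.168.x.x:554/videoMain",
    "Error opening stream rtsp://admin:12345678@192.168.0.107:554/onvif1",
    "Couldn't get device 'cam' date/time. Error: connection closed",
]


def redact_url(url: str) -> str:
    """Redact a single URL, keeping scheme, host, port, path, query and fragment."""
    parts = urlsplit(url)
    if "@" not in parts.netloc:
        return url
    host_port = parts.netloc.rsplit("@", 1)[1]
    return urlunsplit((parts.scheme, f"{REDACTED}@{host_port}", parts.path, parts.query, parts.fragment))


def redact_text(text: str) -> str:
    """Redact every URL credential found anywhere in a free-form log message."""
    return _USERINFO_RE.sub(lambda m: m.group("scheme") + REDACTED + "@", text)


class RedactUrlCredentialsFilter(logging.Filter):
    """Logging filter that scrubs both the message template and its %-arguments."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = redact_text(str(record.msg))
        if isinstance(record.args, dict):  # logger.info("%(url)s", {"url": ...}) style
            record.args = {k: redact_text(v) if isinstance(v, str) else v for k, v in record.args.items()}
        elif record.args:  # positional %s style, as in "Started stream: %s"
            record.args = tuple(redact_text(a) if isinstance(a, str) else a for a in record.args)
        return True  # never drop the record, only sanitise it


def log_through_filter(message: str, *args) -> str:
    """Emit one record through a logger carrying the filter and return what the handler wrote."""
    buf = io.StringIO()
    logger = logging.getLogger("redact_demo")  # hypothetical logger name
    logger.handlers.clear()
    logger.filters.clear()
    logger.propagate = False
    logger.setLevel(logging.INFO)
    handler = logging.StreamHandler(buf)
    handler.setFormatter(logging.Formatter("%(levelname)s [%(name)s] %(message)s"))
    logger.addHandler(handler)
    logger.addFilter(RedactUrlCredentialsFilter())
    logger.info(message, *args)
    return buf.getvalue().strip()


def redact_samples() -> List[str]:
    """Apply redact_text to the constructed sample lines."""
    return [redact_text(line) for line in SAMPLE_LINES]


if __name__ == "__main__":
    for line in redact_samples():
        print(line)
    print(log_through_filter("Started stream: %s", "rtsp://admin:12345678@192.168.0.107:554/onvif1"))
```

`redact_url` is the form to use at the point where a known URL is about to be logged; the filter is the safety net for messages that carry a URL as an argument, which is how both "Started stream" and "Error opening stream" lines above are produced. The filter is attached to a logger rather than a handler so it runs before any handler sees the record, and it mutates `record.args` as well as `record.msg`, since with `logger.info("Started stream: %s", url)` the credential lives in the argument, not in the template.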