Opened 2 years ago

Last modified 13 months ago

#9127 new defect

ffmpeg unauthorized error with rtsp url

Reported by: Suraj Ketan Samal Owned by:
Priority: normal Component: undetermined
Version: unspecified Keywords: rtsp
Cc: suraj.samal@idemia.com Blocked By:
Blocking: Reproduced by developer: no
Analyzed by developer: no

Description

Summary of the bug:
FFmpeg fails to authenticate with some rtsp url with digest authentication. The same url works well with vlc as well as gstreamer

Steps to reproduce:
ffmpeg -rtsp_transport tcp -i rtsp://<user>:<password>@10.127.117.207:554/live/1F7FC512-53F6-495E-9567-D5442DDDC763 -loglevel debug -ss 00:00:00 -frames:v 1 aa.jpg

Please see attached log for detailed trace of the steps where it fails.

Attachments (3)

trace.log (33.4 KB ) - added by Suraj Ketan Samal 2 years ago.
ffmpeg output with trace
trace-latest-git-head.log (32.8 KB ) - added by Suraj Ketan Samal 2 years ago.
error trace of latest git head
test.patch (652 bytes ) - added by Andriy Gelman 2 years ago.

Download all attachments as: .zip

Change History (9)

by Suraj Ketan Samal, 2 years ago

Attachment: trace.log added

ffmpeg output with trace

comment:1 by Suraj Ketan Samal, 2 years ago

Cc: suraj.samal@idemia.com added
Component: undeterminedffmpeg

comment:2 by Carl Eugen Hoyos, 2 years ago

Component: ffmpegundetermined
Keywords: url removed
Priority: importantnormal
Reproduced by developer: unset
Version: 4.1.4unspecified

Please test current FFmpeg git head.

comment:3 by Suraj Ketan Samal, 2 years ago

Happening with version 4.3.2 as well.. ( tested with static build from https://johnvansickle.com/ffmpeg/).

ffmpeg version 4.3.2-static https://johnvansickle.com/ffmpeg/ Copyright (c) 2000-2021 the FFmpeg developers

built with gcc 8 (Debian 8.3.0-6)
configuration: --enable-gpl --enable-version3 --enable-static --disable-debug --disable-ffplay --disable-indev=sndio --disable-outdev=sndio --cc=gcc --enable-fontconfig --enable-frei0r --enable-gnutls --enable-gmp --enable-libgme --enable-gray --enable-libaom --enable-libfribidi --enable-libass --enable-libvmaf --enable-libfreetype --enable-libmp3lame --enable-libopencore-amrnb --enable-libopencore-amrwb --enable-libopenjpeg --enable-librubberband --enable-libsoxr --enable-libspeex --enable-libsrt --enable-libvorbis --enable-libopus --enable-libtheora --enable-libvidstab --enable-libvo-amrwbenc --enable-libvpx --enable-libwebp --enable-libx264 --enable-libx265 --enable-libxml2 --enable-libdav1d --enable-libxvid --enable-libzvbi --enable-libzimg
libavutil 56. 51.100 / 56. 51.100
libavcodec 58. 91.100 / 58. 91.100
libavformat 58. 45.100 / 58. 45.100
libavdevice 58. 10.100 / 58. 10.100
libavfilter 7. 85.100 / 7. 85.100
libswscale 5. 7.100 / 5. 7.100
libswresample 3. 7.100 / 3. 7.100
libpostproc 55. 7.100 / 55. 7.100

Splitting the commandline.
Reading option '-rtsp_transport' ... matched as AVOption 'rtsp_transport' with argument 'tcp'.
Reading option '-i' ... matched as input url with argument 'rtsp://admin:Secret123@10.127.117.207:554/live/1F7FC512-53F6-495E-9567-D5442DDDC763'.
Reading option '-loglevel' ... matched as option 'loglevel' (set logging level) with argument 'debug'.
Reading option '-ss' ... matched as option 'ss' (set the start time offset) with argument '00:00:00'.
Reading option '-frames:v' ... matched as option 'frames' (set the number of frames to output) with argument '1'.
Reading option 'aa.jpg' ... matched as output url.
Finished splitting the commandline.
Parsing a group of options: global .
Applying option loglevel (set logging level) with argument debug.
Successfully parsed a group of options.
Parsing a group of options: input url rtsp://admin:Secret123@10.127.117.207:554/live/1F7FC512-53F6-495E-9567-D5442DDDC763.
Successfully parsed a group of options.
Opening an input file: rtsp://admin:Secret123@10.127.117.207:554/live/1F7FC512-53F6-495E-9567-D5442DDDC763.
[tcp @ 0x76f2f00] No default whitelist set
[tcp @ 0x76f2f00] Original list of addresses:
[tcp @ 0x76f2f00] Address 10.127.117.207 port 554
[tcp @ 0x76f2f00] Interleaved list of addresses:
[tcp @ 0x76f2f00] Address 10.127.117.207 port 554
[tcp @ 0x76f2f00] Starting connection attempt to 10.127.117.207 port 554
[tcp @ 0x76f2f00] Successfully connected to 10.127.117.207 port 554
[rtsp @ 0x76f0bc0] method DESCRIBE failed: 401 Unauthorized
[rtsp @ 0x76f0bc0] CSeq: 3
Date: Fri, Feb 26 2021 10:03:48 GMT
WWW-Authenticate: Digest realm="RtspServerLibrary", nonce="zvZydfZTLXrXs8YCTaY3xvDv4FQxZKC1", algorithm="MD5"
WWW-Authenticate: Digest realm="RtspServerLibrary", nonce="zvZydfZTLXrXs8YCTaY3xvDv4FQxZKC1", algorithm="SHA-256"

rtsp://admin:Secret123@10.127.117.207:554/live/1F7FC512-53F6-495E-9567-D5442DDDC763: Server returned 401 Unauthorized (authorization failed)

by Suraj Ketan Samal, 2 years ago

Attachment: trace-latest-git-head.log added

error trace of latest git head

comment:4 by Andriy Gelman, 2 years ago

The problem is that sha-256 overwrites the md5 option.. and doesn't look that we support sha-256 in authentication part.

Could you try this patch to check that the analysis is correct?

Last edited 2 years ago by Andriy Gelman (previous) (diff)

comment:5 by Andriy Gelman, 2 years ago

Last edited 2 years ago by Andriy Gelman (previous) (diff)

by Andriy Gelman, 2 years ago

Attachment: test.patch added

comment:6 by Balling, 13 months ago

Is not this a duplicate of #7873?

Note: See TracTickets for help on using tickets.