Opened 4 years ago
Closed 4 years ago
#8560 closed defect (fixed)
Digest authentication failed when password contains '+' character
| Reported by: | k2w2yut | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | avformat |
| Version: | unspecified | Keywords: | rtsp |
| Cc: | Blocked By: | ||
| Blocking: | Reproduced by developer: | no | |
| Analyzed by developer: | no |
Description
Summary of the bug:
- Attempting to connect to RTSP with digest authentication by including user:password
- After DESCRIBE failed with 401, received realm and nonce
- Attempting to reconnect will failed
- Check the trace log found that the response MD5 was incorrect generated, therefore, authentication failed
Workaround:
- Replace '+' with another url-safe sign works
- Avoid including plus character '+' in the password (haven't test with other params, and not putting '+' at the end doesn't help)
How to reproduce:
% ffmpeg -loglevel trace -i "rtsp://test1:Hilook265+@192.168.2.102/Streaming/Channels/101"
Attachments (1)
Change History (4)
by , 4 years ago
| Attachment: | ffmpeg-md5-bug.log added |
|---|
comment:1 by , 4 years ago
libavformat/httpauth.c make_digest_auth
- Generating A1hash, A2hash logic seems to be legit just for reading the code
I couldn't debug MD5 methods further without recompiled or GDB
comment:2 by , 4 years ago
| Keywords: | authentication md5 removed |
|---|---|
| Version: | 3.4.6 → unspecified |
Please test current FFmpeg git head, the only version supported on this bug tracker.
comment:3 by , 4 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
This is most probably already fixed in 3004ef1b1b1bcd6bec4ad3509662ab1a4b644149. Reopen if not.
Note:
See TracTickets
for help on using tickets.
loglevel trace fro mthe run