Bluecherry Web UI -> Devices Test authenication

[curtishall]

For the "Path to RTSP" and the "Substream path" we need a button that the user can click that verifies the connection to the RTSP source. ffprobe should be able to do that.

Right now when a customer adds a RTSP source (usually a camera) they will have no idea if the connection was established or not unless they look at the bluecherry.log or open the client, neither which is very efficient for someone who just needs to add a bunch of cameras and test the connections.

Running ffprobe with json output should provide enough details that we can report back to the user such as:

• Invalid password (sometimes returns an auth error)
• Invalid RTSP path (returns 404)

ffprobe will stall out if if the RTSP source is offline:

time ffprobe -v quiet -print_format json -show_streams "rtsp://wowzaec2demo.streamlock.net/vod/mp4:BigBuckBunny_115k.mov"
{

}
real	2m11.136s

Thus it's better to 'ping' the IP before we attempt ffprobe.

Once a connection is established it would also be nice to return the resolution, fps and frame rate:

ffprobe -v quiet -print_format json -show_streams "rtsp://url"
```
Examples to return:

           "codec_name": "h264",
            "codec_long_name": "H.264 / AVC / MPEG-4 AVC / MPEG-4 part 10",
            "profile": "Constrained Baseline",
            "width": 1920,
            "height": 1080,
            "avg_frame_rate": "24/1",

[curtishall]

@andrey-utkin

For simple authentication checking we already have a function in lib/lib.php:

public function checkConnection

Perhaps a quick curl command:

https://curl.se/libcurl/c/CURLOPT_RTSP_STREAM_URI.html

[JahleelAbraham]

@curtishall

For simple authentication checking we already have a function in lib/lib.php:
public function checkConnection

This function doesn't seem to care if the password is correct or not.

Upon further investigation it appears that the camera's I tested will all pass this connection test because the test checks if the return status was 200 OK. However this is true every time because for example the function will test this URL http://admin:[email protected]:80 (Note how camera1234 is not the devices password) and it will redirect to http://192.168.86.109/doc/page/login.asp?_1709838069143 which will return 200 OK. (This behaviour is also true if the password is correct.)

Either this function needs to be rewritten or it is not used in testing authentication.

[curtishall]

How about using curl to check auth?

[JahleelAbraham]

Apologies for the late reply. Correct me if I am misunderstood in what you were trying to say

I have tried using both the user flag curl --user admin:camera123 http://192.168.86.91 and URL curl http://admin:[email protected]:80 and both have the same response as I outlined above.

The response from curl -v "rtsp://admin:[email protected]:554/Streaming/Channels/101?transportmode=unicast&profile= Profile_1" RTSP/1.0 is 405 Not Allowed

[andrey-utkin]

ffprobe can be given timeout value (but really that's libavformat option):

 $ time ffprobe -hide_banner  -print_format json -show_streams -timeout 10000000 "rtsp://wowzaec2demo.streamlock.net/vod/mp4:BigBuckBunny_115k.mov"
{
[tcp @ 0x55c4493fdc80] Connection to tcp://wowzaec2demo.streamlock.net:554?timeout=10000000 failed: Connection timed out
rtsp://wowzaec2demo.streamlock.net/vod/mp4:BigBuckBunny_115k.mov: Connection timed out

}

real    0m10.178s
user    0m0.106s
sys     0m0.045s

curl invocation is indeed deceptive as it returns 200 OK even with wrong credentials:

 $ curl -v "rtsp://admin:[email protected]:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1"
* processing: rtsp://admin:[email protected]:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1
*   Trying 192.168.86.109:554...
* Connected to 192.168.86.109 (192.168.86.109) port 554
* Server auth using Basic with user 'admin'
> OPTIONS * RTSP/1.0
> CSeq: 1
> User-Agent: curl/8.2.1
> Authorization: Basic YWRtaW46Y2FtZXJhMTIzNA==
>
< RTSP/1.0 200 OK
< CSeq: 1
< Public: OPTIONS, DESCRIBE, PLAY, PAUSE, SETUP, TEARDOWN, SET_PARAMETER, GET_PARAMETER
< Date:  Fri, Mar 08 2024 05:29:02 GMT
<
* Connection #0 to host 192.168.86.109 left intact
[OK]


 $ ffplay -hide_banner "rtsp://admin:[email protected]:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1"
[rtsp @ 0x7f0c18000c80] method DESCRIBE failed: 401 Unauthorized0
rtsp://admin:[email protected]:554/Streaming/Channels/101?transportmode=unicast&profile=Profile_1: Server returned 401 Unauthorized (authorization failed)

(the password is wrong)

[andrey-utkin]

For simple authentication checking we already have a function in lib/lib.php:
public function checkConnection

I suggest we call ffprobe with timeout option in it. RTSP demuxer takes timeout in microseconds: https://ffmpeg.org//ffmpeg-protocols.html#Demuxer

I find what checkConnection does for $paths['mjpeg'] and $paths['http'] a bit strange: why does it assume both URLs would work. But we can leave it for another time.