[Live-devel] Vivatek digest authentication

Ross Finlayson finlayson at live555.com
Sat Mar 24 00:51:31 PDT 2012


> Live555 version 2012.02.29 is not compatible with Vivotek camera digest authentication.

(Why do I always get these sorts of reports from 3rd parties, and never from the camera manufacturers themselves?)


> This is what Vivotek IP8161 camera sends when it cannot authrorize the client:
>  
> - Rtsp: RESPONSE, RTSP/1.0, Status Code = 401 - Unauthorized
>   - Response: Status of response : Unauthorized
>      ProtocolVersion: RTSP/1.0
>      StatusCode: 401, Unauthorized
>      Reason: Unauthorized
>      CSeq: 3
>      WWW-Authenticate: Digest qop="auth",realm="streaming_server",nonce="bfd4e04b78959b55aeb1167adfabcec5"

The problem is the
	qop="auth",
part of the "WWW-Authenticate:" header.  This is non-standard in RTSP, because:
	1/ The RTSP specification (RFC 2326) uses RFC 2069 to define the digest authentication mechanism.
	2/ RFC 2069 does not define the "qop" parameter.  (Although that parameter was later defined in RFC 2617 (which updated RFC 2609), it was not defined in the version of the document that was referenced by the RTSP specification.)

Therefore, Vivotek should update their cameras to remove the 
	qop="auth",
string from their "WWW-Authenticate:" strings, and thereby properly conform to the RTSP standard.  (Note that if they do this, they will still be compatible with any RTSP client implementation that happens to use the RFC 2617 specification, because - in that document - qop="auth" is defined to be the default behavior, to be used if the "qop" parameter is not present.)

(Feel free to forward this message to Vivotek's technical support.)

Ross Finlayson
Live Networks, Inc.
http://www.live555.com/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.live555.com/pipermail/live-devel/attachments/20120324/b89ddc21/attachment-0001.html>


More information about the live-devel mailing list