We have moved at community.getvera.com

Author Topic: Battling with UI5 and another Dahua IPCAM  (Read 1254 times)

Offline rlmalisz

  • Sr. Member
  • ****
  • Posts: 400
  • Karma: +1/-0
Battling with UI5 and another Dahua IPCAM
« on: December 03, 2018, 05:07:45 pm »
I have several older models working, but this new guy insists on digest authentication.  Annoying, since that offers zero improvement in security, but seems fashionable.  I've gone a couple rounds trying to add the camera manually to a V+ running UI7, since that supposedly supports digest, but the MCV doc explaining how to manually add a camera is missing some important details, like how you're supposed to add the snapshot URL, etc.  Anyway, I haven't had much luck with UI7, and the "wizard" for adding cameras seems pretty brain-damaged.

I had written my own implementation file for the Dahuas, which work fine.  So I made a modified version that eschews stuffing the user/pass into the front of the URL strings, and instead appends "&auth=XXXXXXXX", where the XX's are the b64 encode of "user:password".  The same URL, assembled by hand, works great with every browser I have tried.  But of course, Vera gives me "camera requires valid user and password".  I've looked at the logs on the Vera, and while you might hope those snapshotURL HTTP requests would be getting logged in NetworkMonitor.log, they're not.  And NetworkMonitor seems to die periodically for no good reason, and no-one starts it back up.  The periodic requests are not coming out of the I-file, the D-file or S-file that I can ascertain, so I can't add scaffolding there.  The camera isn't logging the failed auth attempts in any useful way.  I believe I've got the magic string right, but am pretty sure UI5 is adding some "value" before sending it on that breaks it.  But have not been able to have a good look at the URL and params actually being sent.  Have done some Wiresharking, but it's hard to get the actual traffic that NetworkMonitor should be logging on Vera.  I may set up a dummy "camera" via PHP, and at least get the params being sent, if not the actual request.  And may give up and set up a little proxy that catches the Vera requests, cleans them up and sends them on with auth correctly formatted.

Thought I'd ask here if anyone has any bright ideas on how to attack this.  We really like the camera.  It's not do or die to have them show up in Vera (and Homewave), but this one's replacing a Foscam that lost its mind a week or two back, and it's really nice to be able to do a quick sanity check after leaving home to make sure the garage doors got closed.