Support more special chars in camera passwords (#4259)

* Support more special chars in camera passwords

* End password test with double @ chars

* Escape passwords in paths for go2rtc

* Fixes for formatting
This commit is contained in:
Nate Meyer 2022-11-05 22:42:32 -04:00 committed by GitHub
parent 95343b6094
commit 40cb5102b0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 15 additions and 7 deletions

View File

@ -9,4 +9,4 @@ PLUS_API_HOST = "https://api.frigate.video"
# Regex Consts
REGEX_CAMERA_NAME = "^[a-zA-Z0-9_-]+$"
REGEX_CAMERA_USER_PASS = "[a-zA-Z0-9_-]+:[a-zA-Z0-9!*'();:@&=+$,?%#_-]+@"
REGEX_CAMERA_USER_PASS = ":\/\/[a-zA-Z0-9_-]+:[\S]+@"

View File

@ -3,6 +3,7 @@
import logging
import requests
from frigate.util import escape_special_characters
from frigate.config import FrigateConfig
@ -34,10 +35,12 @@ class RestreamApi:
input.path.startswith("rtsp")
and not camera.restream.force_audio
):
self.relays[cam_name] = input.path
self.relays[cam_name] = escape_special_characters(input.path)
else:
# go2rtc only supports rtsp for direct relay, otherwise ffmpeg is used
self.relays[cam_name] = get_manual_go2rtc_stream(input.path)
self.relays[cam_name] = get_manual_go2rtc_stream(
escape_special_characters(input.path)
)
for name, path in self.relays.items():
params = {"src": path, "name": name}

View File

@ -8,7 +8,9 @@ from frigate.util import clean_camera_user_pass, escape_special_characters
class TestUserPassCleanup(unittest.TestCase):
def setUp(self) -> None:
self.rtsp_with_pass = "rtsp://user:password@192.168.0.2:554/live"
self.rtsp_with_special_pass = "rtsp://user:password#$@@192.168.0.2:554/live"
self.rtsp_with_special_pass = (
"rtsp://user:password`~!@#$%^&*()-_;',.<>:\"\{\}\[\]@@192.168.0.2:554/live"
)
self.rtsp_no_pass = "rtsp://192.168.0.3:554/live"
def test_cleanup(self):
@ -25,7 +27,10 @@ class TestUserPassCleanup(unittest.TestCase):
def test_special_char_password(self):
"""Test that special characters in pw are escaped, but not others."""
escaped = escape_special_characters(self.rtsp_with_special_pass)
assert escaped == "rtsp://user:password%23%24%40@192.168.0.2:554/live"
assert (
escaped
== "rtsp://user:password%60~%21%40%23%24%25%5E%26%2A%28%29-_%3B%27%2C.%3C%3E%3A%22%5C%7B%5C%7D%5C%5B%5C%5D%40@192.168.0.2:554/live"
)
def test_no_special_char_password(self):
"""Test that no change is made to path with no special characters."""

View File

@ -635,13 +635,13 @@ def load_labels(path, encoding="utf-8"):
def clean_camera_user_pass(line: str) -> str:
"""Removes user and password from line."""
# todo also remove http password like reolink
return re.sub(REGEX_CAMERA_USER_PASS, "*:*@", line)
return re.sub(REGEX_CAMERA_USER_PASS, "://*:*@", line)
def escape_special_characters(path: str) -> str:
"""Cleans reserved characters to encodings for ffmpeg."""
try:
found = re.search(REGEX_CAMERA_USER_PASS, path).group(0)[:-1]
found = re.search(REGEX_CAMERA_USER_PASS, path).group(0)[3:-1]
pw = found[(found.index(":") + 1) :]
return path.replace(pw, urllib.parse.quote_plus(pw))
except AttributeError: