windows viewer and 1.21.4

Support and queries relating to all previous versions of ZoneMinder
jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

windows viewer and 1.21.4

Post by jameswilson » Tue Nov 22, 2005 7:21 pm

Phil or anyone wo knows
I have just upgraded my home server to 1.21.4 and my viewer stopped working with it.
But if i change ZM_AUTH_Relay to plain all is ok.
Now obviously this is fine and dandy but does that mean that zm itself will use plain authentication when accessing things?

If so i need to modify the viewer the request a hash every so often
So am i right (please tell me im not LOL)
how would i go about requesting a hash pass and how often do i need to do this to keep the viwer going for days on end?

James

BTW WHAT AN UPGRADE
the timeline thing is amazing and i now have more options than i understand!
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
zoneminder
Site Admin
Posts: 5220
Joined: Wed Jul 09, 2003 2:07 pm
Location: Bristol, UK
Contact:

Post by zoneminder » Wed Nov 23, 2005 10:24 am

Does it work if you use hashed authentication but turn off the include IP option? What method did the viewer use before?

Phil

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 11:46 am

the viewer uses zms to get images and adds the current user name and password to the end of the url
ie user=stream&pass=stream
On the old one if i had hashed authetication on i could still request images with plain but all window urls would show hashed auth not plain

James
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
zoneminder
Site Admin
Posts: 5220
Joined: Wed Jul 09, 2003 2:07 pm
Location: Bristol, UK
Contact:

Post by zoneminder » Wed Nov 23, 2005 1:01 pm

Hmm, how did you generate the hashes?

Phil

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 1:15 pm

i didnt i thought about it ie generating a hash at login and at regular intervals and sending that instead but decided the benifit was to small for the effort involved.
The reson i found this was i upgraded my server at home and could no longer see my cams in my viewer so i changed auth to plain, restarted then i could. But now i assume that zm will use plain auth internally as well? What i was wondering is can i keep using hashed auth internally on zm but use plain or hashed to access zms?
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
zoneminder
Site Admin
Posts: 5220
Joined: Wed Jul 09, 2003 2:07 pm
Location: Bristol, UK
Contact:

Post by zoneminder » Wed Nov 23, 2005 1:42 pm

I'm a bit confused now :?

Can you give an example of a url that used to work and now doesn't? If it has hashes in it, those hashes should only be valid for a short period of time so if they kept working then something would have been wrong.

Phil

User avatar
cordel
Posts: 5210
Joined: Fri Mar 05, 2004 4:47 pm
Location: /USA/Washington/Seattle
Contact:

Post by cordel » Wed Nov 23, 2005 1:49 pm

I'm pretty sure he loged in like so:
http://192.168.10.20/cgi-bin/zm/zms?mod ... zmuserpass

Regards,
Cordel

User avatar
zoneminder
Site Admin
Posts: 5220
Joined: Wed Jul 09, 2003 2:07 pm
Location: Bristol, UK
Contact:

Post by zoneminder » Wed Nov 23, 2005 1:58 pm

Ah, I get it now I think. So basically even if hashed authentication was selected it would let you use plaintext? Yes, I suspect I may have blatted that in zms. I did the same in zmu and then restored it but I hadn't considered that anyone might use zms like that. I'll put it back in 1.21.5 which won't be too long. In the meantime I can post a patch if you like. Actually I'll do it anyway.

Code: Select all

--- zms.cpp	20 Oct 2005 15:42:40 -0000	1.37
+++ zms.cpp	23 Nov 2005 13:50:14 -0000
@@ -116,14 +116,14 @@
 				ttl = atoi(value);
 			else if ( config.opt_use_auth )
 			{
-				if ( strcmp( config.auth_relay, "hashed" ) == 0 )
+				//if ( strcmp( config.auth_relay, "hashed" ) == 0 )
 				{
 					if ( !strcmp( name, "auth" ) )
 					{
 						strncpy( auth, value, sizeof(auth) );
 					}
 				}
-				else if ( strcmp( config.auth_relay, "plain" ) == 0 )
+				//else if ( strcmp( config.auth_relay, "plain" ) == 0 )
 				{
 					if ( !strcmp( name, "user" ) )
 					{
Phil

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 2:04 pm

thanks Phil.
Ill wait for 1.21.5 as im still just on rpms i need to sit down an dlearn how to do all this patching and compliling ec.

BTW will 1.21.5 have the alarm status thing on it too?
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
zoneminder
Site Admin
Posts: 5220
Joined: Wed Jul 09, 2003 2:07 pm
Location: Bristol, UK
Contact:

Post by zoneminder » Wed Nov 23, 2005 2:15 pm

Yes. If you want anything else in there as well don't forget to ask!

Phil

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 2:20 pm

will do
Just a thought is it possible to query the bd through html commands, im just thinking that i will have a load of querires about playback not working when i replease that ug, beacuse people would need to allow mysql to accept external ip conns and create the relevant user and permissions hosts etc.
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
cordel
Posts: 5210
Joined: Fri Mar 05, 2004 4:47 pm
Location: /USA/Washington/Seattle
Contact:

Post by cordel » Wed Nov 23, 2005 2:25 pm

how hard would it be to have as an option? I know that the options window is getting a bit busy so maybe for more spacific things like this could just be placed in zm.conf. Since most users will want it say hashed through all modules any one else could overide small things like this as it's more administative there no need to have it accessable in the web page.

Just a thought ;)

Cordel

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 2:28 pm

Corey,
Im thinking of having a tabbed option page now as its getting a bit out of control (your ganna need a 21" monitor soon)
Problem is i cant handle hased auth from my app at the mo. It wouldnt be too hard to add (i dont think) as all id need to do is request a hash from the zm box and stire it and pass that instead. Id also need to update the hash at whatever freq as i beleive it times out.
So its not even availabel as an option at the mo and the only security risk is if the used pass has a high level access to zm and its packet sniffed as its not displayed anywhere in the app, just processed internally
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

jameswilson
Posts: 5111
Joined: Wed Jun 08, 2005 8:07 pm
Location: Midlands UK
Contact:

Post by jameswilson » Wed Nov 23, 2005 2:30 pm

So are you using this viewer corey?
James Wilson

Disclaimer: The above is pure theory and may work on a good day with the wind behind it. etc etc.
http://www.securitywarehouse.co.uk

User avatar
cordel
Posts: 5210
Joined: Fri Mar 05, 2004 4:47 pm
Location: /USA/Washington/Seattle
Contact:

Post by cordel » Wed Nov 23, 2005 3:03 pm

I haven't really got anything to run it on :? All my windooze machines disapeared :lol: They all sucome to a higher power (well and a few got fried in a recent storm).
I want too. I'll have to load it on my laptop. It could use being powered on any way :D

Post Reply

Who is online

Users browsing this forum: No registered users and 30 guests