Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RSTP password is shown in log #110891

Closed
yjlin0224 opened this issue Feb 18, 2024 · 5 comments · Fixed by #120867
Closed

RSTP password is shown in log #110891

yjlin0224 opened this issue Feb 18, 2024 · 5 comments · Fixed by #120867
Assignees
@hunterjm @allenporter @uvjustin
Labels
integration: stream

Comments

@yjlin0224
Copy link

The problem

I am using https://github.com/JurajNyiri/HomeAssistant-Tapo-Control to control and monitor my Tapo C125 camera.
When the stream of my camera is not working in HA, I check and found this issue.
I report this issue to JurajNyiri/HomeAssistant-Tapo-Control#519, and the issue was closed due to the log was come from https://www.home-assistant.io/integrations/stream/, not tapo's.

In this screenshot, I use green color to block the username and password of rstp uri, and red box show some password is already become *, so I think there may be some places where the password is not processed.
圖片

What version of Home Assistant Core has the issue?

core-2024.2.2

What was the last working version of Home Assistant Core?

core-2024.2.2

What type of installation are you running?

Home Assistant Core

Integration causing the issue

Stream

Link to integration documentation on our website

https://www.home-assistant.io/integrations/stream/

Diagnostics information

No response

Example YAML snippet

No response

Anything in the logs that might be useful for us?

No response

Additional information

No response
@home-assistant
Copy link

Hey there @hunterjm, @uvjustin, @allenporter, mind taking a look at this issue as it has been labeled with an integration (stream) you are listed as a code owner for? Thanks!

Code owner commands

Code owners of stream can trigger bot actions by commenting:

  • @home-assistant close Closes the issue.
  • @home-assistant rename Awesome new title Renames the issue.
  • @home-assistant reopen Reopen the issue.
  • @home-assistant unassign stream Removes the current integration label and assignees on the issue, add the integration domain after the command.
  • @home-assistant add-label needs-more-information Add a label (needs-more-information, problem in dependency, problem in custom component) to the issue.
  • @home-assistant remove-label needs-more-information Remove a label (needs-more-information, problem in dependency, problem in custom component) on the issue.

(message by CodeOwnersMention)

stream documentation
stream source
(message by IssueLinks)

@Headkillah
Copy link

First, i´m using version 0.64 from "reolink_dev". I have 2x E1 Outdoor and 1 Reolink Video Doorbell WiFi.

I can confirm the errors. For some errors, username/password are displayed with ***

I think that the error is in the stream worker code. When it comes to the error "Error demuxing stream: [Errno 110] Operation timed out" then the username/password is displayed as a clear name.

Some additional information about the error, all come from the Reolink Video Doorbell WiFi.

Error from stream worker: Error opening stream (HTTP_NOT_FOUND, Server returned 404 Not Found)

  • NO problem with username/password

Error from stream worker: Error opening stream (ERRORTYPE_110, Operation timed out)

  • NO problem with username/password

Error from stream worker: Error opening stream (INVALIDDATA, Invalid data found when processing input)

  • NO problem with username/password

If the following errors occur, username/password are displayed in plain names:

Error demuxing stream: [Errno 110] Operation timed out:
- last error log: [NULL] Picture timing SEI payload too large
- last error log: [h264] error while decoding
- last error log: [h264] no frame!
- Error demuxing stream while finding first packet

@kernelpanic85
Copy link
Contributor

I see this as well in my logs for the Error demuxing stream message. Could we mask the password so it does not show up in the logs?

@sezlony
Copy link

sezlony commented Apr 30, 2024
edited
Loading

do we really have to have our passwords be visible unencrypted in logs? 😕

Error from stream worker: Error demuxing stream: [Errno 110] Operation timed out: 'rtsp://[redacted]:[redacted]@192.168.1.6:554/Preview_01_sub'

@allenporter allenporter mentioned this issue May 22, 2024
Closed
@allenporter
Copy link
Contributor

Stream today has code to redact credentials and so the update that needs to happen is for this log line to also use it:

core/homeassistant/components/stream/__init__.py

Line 448 in d1bdf73

self._logger.error("Error from stream worker: %s", str(err))
-- that code is printing exceptions thrown by pyav which are including the url.

@allenporter allenporter mentioned this issue Jun 30, 2024
Merged
20 tasks
@github-actions github-actions bot locked and limited conversation to collaborators Aug 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@hunterjm hunterjm

@allenporter allenporter

@uvjustin uvjustin

Labels
integration: stream
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Improve redaction for stream error messages allenporter/home-assistant-core
7 participants
@hunterjm @allenporter @yjlin0224 @Headkillah @uvjustin @kernelpanic85 @sezlony