无法使用C#连接到启用OnVif的摄像头

时间:2013-08-09 15:05:35

标签: c# wsdl wireshark digest-authentication onvif

我第一次使用IPCams,我正在尝试连接到OnVif相机。我已经查看了各种论坛和堆栈溢出,我已经提出了以下代码。我知道代码没有做任何有用的事情,但它只是现在的概念证明。它找到了我网络上的所有4个摄像头,然后我手动连接到其中一个摄像头以撤回一些信息,例如 GetServices

我在这个阶段得到400个错误的响应错误。我已经使用WireShark查看了来回流量,看来一切正常,关于生成的密码,据我所知(安全和加密根本不是我的区域!)。

任何人都可以提供帮助或建议吗?

class Program
{

    static void Main(string[] args)
    {
        var endPoint = new UdpDiscoveryEndpoint(DiscoveryVersion.WSDiscoveryApril2005);

        var discoveryClient = new DiscoveryClient(endPoint);

        discoveryClient.FindProgressChanged += discoveryClient_FindProgressChanged;

        discoveryClient.FindCompleted += discoveryClient_FindCompleted;

        FindCriteria findCriteria = new FindCriteria();
        findCriteria.Duration = new TimeSpan(0, 0, 2);//TimeSpan.MaxValue;
        findCriteria.MaxResults = int.MaxValue;
        discoveryClient.FindAsync(findCriteria);

        Console.ReadKey();
    }

    private static void discoveryClient_FindCompleted(object sender, FindCompletedEventArgs e)
    {
        Console.WriteLine("Discovery complete");
    }

    static void discoveryClient_FindProgressChanged(object sender, FindProgressChangedEventArgs e)
    {

        foreach (var u in e.EndpointDiscoveryMetadata.ListenUris)
        {

            string uri = u.OriginalString;

            if (uri.Contains("http://192.168.1.162/onvif/device_service"))
            {

                Console.WriteLine(uri);

                EndpointAddress serviceAddress = new EndpointAddress(uri);

                HttpTransportBindingElement httpBinding = new HttpTransportBindingElement();

                httpBinding.AuthenticationScheme = AuthenticationSchemes.Digest;

                var messegeElement = new TextMessageEncodingBindingElement();

                messegeElement.MessageVersion = MessageVersion.CreateVersion(EnvelopeVersion.Soap12, AddressingVersion.None);

                CustomBinding bind = new CustomBinding(messegeElement, httpBinding);

                DeviceClient client = new DeviceClient(bind, serviceAddress);

                // Add our custom behavior - this require the Microsoft WSE 3.0 SDK
                PasswordDigestBehavior behavior = new PasswordDigestBehavior("test", "test");

                client.Endpoint.Behaviors.Add(behavior);

                foreach (Service s in client.GetServices(false))
                    Console.WriteLine(s.ToString());

                client.Open();

                Console.WriteLine("WSDL = " + client.GetWsdlUrl());
                Console.WriteLine("DateTime = " + client.GetSystemDateAndTime());

                string a1, b1, c1, d1;
                Console.Write(client.GetDeviceInformation(out a1, out b1, out c1, out d1));

            }
        }
    }
}

Wireshark(用户名和密码都是测试)

POST /onvif/device_service HTTP/1.1

Content-Type: application/soap+xml; charset=utf-8; action="http://www.onvif.org/ver10/device/wsdl/GetServices"

Host: 192.168.1.162

Content-Length: 1232

Expect: 100-continue

Accept-Encoding: gzip, deflate

Connection: Keep-Alive



<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope">
  <s:Header>
    <VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo7uVma6HRQNDh2l6T2ZDNzIAAAAA2/ITWE91IUaNFF3UObayz0mz6QvnZppBlYrNJBd1QGsACQAA</VsDebuggerCausalityData>
    <Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken wsu:Id="SecurityToken-56f9081e-e9b4-4660-9158-7419af1efde0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>test</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">WSKWE5XjP5aPiIiA9JicCOYoDkU=</wsse:Password>
        <wsse:Nonce>6sYgS41VHsWKj7n8TNKFjA==</wsse:Nonce>
        <wsu:Created>2013-08-09T14:52:45Z</wsu:Created>
      </wsse:UsernameToken>
    </Security>
  </s:Header>
  <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
    <GetServices xmlns="http://www.onvif.org/ver10/device/wsdl">
      <IncludeCapability>false</IncludeCapability>
    </GetServices>
  </s:Body>
</s:Envelope>HTTP/1.1 400 Bad Request

Server: gSOAP/2.7

Content-Type: application/soap+xml; charset=utf-8

Content-Length: 2751

Connection: close



<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope" xmlns:SOAP-ENC="http://www.w3.org/2003/05/soap-encoding" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:c14n="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsa5="http://www.w3.org/2005/08/addressing" xmlns:xmime="http://tempuri.org/xmime.xsd" xmlns:xop="http://www.w3.org/2004/08/xop/include" xmlns:wsrfbf="http://docs.oasis-open.org/wsrf/bf-2" xmlns:wstop="http://docs.oasis-open.org/wsn/t-1" xmlns:tt="http://www.onvif.org/ver10/schema" xmlns:wsrfr="http://docs.oasis-open.org/wsrf/r-2" xmlns:aa="http://www.axis.com/vapix/ws/action1" xmlns:aev="http://www.axis.com/vapix/ws/event1" xmlns:tan1="http://www.onvif.org/ver20/analytics/wsdl/RuleEngineBinding" xmlns:tan2="http://www.onvif.org/ver20/analytics/wsdl/AnalyticsEngineBinding" xmlns:tan="http://www.onvif.org/ver20/analytics/wsdl" xmlns:tds="http://www.onvif.org/ver10/device/wsdl" xmlns:tev1="http://www.onvif.org/ver10/events/wsdl/NotificationProducerBinding" xmlns:tev2="http://www.onvif.org/ver10/events/wsdl/EventBinding" xmlns:tev3="http://www.onvif.org/ver10/events/wsdl/SubscriptionManagerBinding" xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2" xmlns:tev4="http://www.onvif.org/ver10/events/wsdl/PullPointSubscriptionBinding" xmlns:tev="http://www.onvif.org/ver10/events/wsdl" xmlns:timg="http://www.onvif.org/ver20/imaging/wsdl" xmlns:tptz="http://www.onvif.org/ver20/ptz/wsdl" xmlns:trt="http://www.onvif.org/ver10/media/wsdl" xmlns:ter="http://www.onvif.org/ver10/error" xmlns:tns1="http://www.onvif.org/ver10/topics" xmlns:tnsaxis="http://www.axis.com/2009/event/topics">
  <SOAP-ENV:Header>
    <VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo7uVma6HRQNDh2l6T2ZDNzIAAAAA2/ITWE91IUaNFF3UObayz0mz6QvnZppBlYrNJBd1QGsACQAA</VsDebuggerCausalityData>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <SOAP-ENV:Fault SOAP-ENV:encodingStyle="http://www.w3.org/2003/05/soap-encoding">
      <SOAP-ENV:Code>
        <SOAP-ENV:Value>SOAP-ENV:Sender</SOAP-ENV:Value>
        <SOAP-ENV:Subcode>
          <SOAP-ENV:Value>ter:NotAuthorized</SOAP-ENV:Value>
        </SOAP-ENV:Subcode>
      </SOAP-ENV:Code>
      <SOAP-ENV:Reason>
        <SOAP-ENV:Text xml:lang="en">Sender not authorized</SOAP-ENV:Text>
      </SOAP-ENV:Reason>
      <SOAP-ENV:Detail>
        <SOAP-ENV:Text>The action requested requires authorization and the sender is not authorized</SOAP-ENV:Text>
      </SOAP-ENV:Detail>
    </SOAP-ENV:Fault>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

我在相机上启用了onvif(通过创建一个名为“test”的管理员用户,密码为“test”。相机密码是默认的“root”和“pass”,因为它是一个Axis相机。

2 个答案:

答案 0 :(得分:1)

以这种方式配置与摄像机的连接:

    ServicePointManager.Expect100Continue = false;
    var endPointAddress = new EndpointAddress("http://" + cameraAddress + "/onvif/device_service");
    var httpTransportBinding = new HttpTransportBindingElement { AuthenticationScheme = AuthenticationSchemes.Digest };
    var textMessageEncodingBinding = new TextMessageEncodingBindingElement { MessageVersion = MessageVersion.CreateVersion(EnvelopeVersion.Soap12, AddressingVersion.None) };
    var customBinding = new CustomBinding(textMessageEncodingBinding, httpTransportBinding);
    var passwordDigestBehavior = new PasswordDigestBehavior(adminName, adminPassword);
    var deviceClient = new DeviceClient(customBinding, endPointAddress);
    deviceClient.Endpoint.Behaviors.Add(passwordDigestBehavior);

我知道这几乎就是你所做的,但让ServicePointManager.Expect100Continue错误很重要。

答案 1 :(得分:0)

检查相机是否启用了重放攻击保护。如果是这样,请检查计算机时间与相机之间的时差。根据ONVIF的规格,允许的时差必须为+ - 5秒。否则你会收到错误。

如果是这种情况,您有几种选择:

1-禁用重播攻击保护功能。建议不要这样做,因为您需要在需要使用的所有相机中禁用此功能。

2-您可以将相机的时间与计算机时间同步。同样不建议用于第一个选项的相同问题。

3-如果您可以将WSE 3.0更改为其他选项。在WSE3.0中创建 UsernameToken 后,您无法更改已创建属性,该属性用于创建加密。 here

中描述了此问题