Merge pull request #276 from richard-austin/275-certain-features-such…

…-as-save-detection-zone-on-reolink-doorbell-do-not-work-through-web-admin-hosting

275 certain features such as save detection zone on reolink doorbell do not work through web admin hosting

server/src/main/groovy/security/cam/interfaceobjects/CamWebadminHostProxy.java

@@ -75,6 +75,7 @@ private void handleClientRequest(SocketChannel client) {
                 // client, disconnect, and continue waiting for connections.
                 try {
                     SocketChannel server = SocketChannel.open();
+                    server.socket().setReceiveBufferSize(BUFFER_SIZE);
                     //server.configureBlocking(true);
                     final AtomicReference<AccessDetails> accessDetails = new AtomicReference<>();
                     final AtomicReference<ByteBuffer> updatedReq = new AtomicReference<>();
@@ -101,12 +102,12 @@ private void handleClientRequest(SocketChannel client) {
                                         server.connect(new InetSocketAddress(ad.cameraHost, ad.cameraPort));
                                     } else
                                         logService.getCam().error("No accessToken found for request");
+                                    AtomicReference<ByteBuffer> newReq = new AtomicReference<>();
+                                    if (modifyHeader(request, newReq, "Host", accessDetails.get().cameraHost)) {
+                                        request = newReq.get();
+                                    }
                                 }
                                 logService.getCam().trace("pass = " + pass);
-                                AtomicReference<ByteBuffer> newReq = new AtomicReference<>();
-                                if (modifyHeader(request, newReq, "Host", accessDetails.get().cameraHost)) {
-                                    request = newReq.get();
-                                }
                                 int bytesWritten = 0;
                                 long serverPass = 0;
 
@@ -168,15 +169,8 @@ private void handleClientRequest(SocketChannel client) {
                         logService.getCam().trace("handleClientRequest: Ready to read device response");
                         while (server.isOpen() && (server.read(reply)) != -1) {
                             reply.flip();
-                            AtomicReference<ByteBuffer> arNoXFrame = new AtomicReference<>();
                             // Only set the session cookie if it's not already set
                             if (++pass == 1) {
-                                if (camType.get() == none) {
-                                    if (removeHeader(reply, arNoXFrame, "X-Frame-Options"))
-                                        reply = arNoXFrame.get();
-                                    if (removeHeader(reply, arNoXFrame, "X-Xss-Protection"))
-                                        reply = arNoXFrame.get();
-                                }
                                 if (!accessDetails.get().getHasCookie()) {
                                     AtomicReference<ByteBuffer> arReply = new AtomicReference<>();
                                     if (addHeader(reply, arReply, "Set-cookie", "SESSION-ID=" + accessDetails.get().getAccessToken() + "; path=/; HttpOnly"))

server/src/main/java/common/HeaderProcessing.java

@@ -18,8 +18,8 @@ public class HeaderProcessing {
     final byte[] colonSpace = {':', ' '};
     final private Queue<ByteBuffer> bufferQueue = new ConcurrentLinkedQueue<>();
     final private Queue<ByteBuffer> largerBufferQueue = new ConcurrentLinkedQueue<>();
-    public final int BUFFER_SIZE = 6000;
-    public final int LARGER_BUFFER_SIZE = 7500;  // Extra space for addHeader to slip in headers
+    public final int BUFFER_SIZE = 32768;
+    public final int LARGER_BUFFER_SIZE = 36000;  // Extra space for addHeader to slip in headers
     protected ILogService logService;
 
     protected HeaderProcessing(ILogService logService) {
@@ -32,15 +32,15 @@ protected String getHeader(@NotNull ByteBuffer byteBuffer, @NotNull String key)
             BinarySearcher bs = new BinarySearcher();
             // Check that the double CRLF is present
             List<Integer> indexList = bs.searchBytes(byteBuffer.array(), crlfcrlf, 0, byteBuffer.limit());
-            if (indexList.size() > 0) {
+            if (!indexList.isEmpty()) {
                 final int endOfHeadersIdx = indexList.get(0) + crlfcrlf.length - 1;
                 // OK so look for the header key
                 indexList = bs.searchBytes(byteBuffer.array(), key.getBytes(StandardCharsets.UTF_8), 0, endOfHeadersIdx);
-                if (indexList.size() > 0) {
+                if (!indexList.isEmpty()) {
                     final int idx1 = indexList.get(0);
                     // Find the CRLF at the end of this header
                     indexList = bs.searchBytes(byteBuffer.array(), crlf, idx1, endOfHeadersIdx);
-                    if (indexList.size() > 0) {
+                    if (!indexList.isEmpty()) {
                         final int endIdx = indexList.get(0);
                         //Find the start of the header value
                         indexList = bs.searchBytes(byteBuffer.array(), colonSpace, idx1, endIdx);
@@ -61,14 +61,14 @@ protected boolean addHeader(@NotNull ByteBuffer src, AtomicReference<ByteBuffer>
         boolean retVal = false;
         // Check if the header is already present
         if (!getHeader(src, key).equals(value)) {
-            final ByteBuffer srcClone = getBuffer(true);
+            final ByteBuffer srcClone = getBuffer(false);
             srcClone.put(src.array(), 0, src.limit());
             srcClone.flip();
             ByteBuffer dest = getBuffer(true);
             BinarySearcher bs = new BinarySearcher();
             // Find the first CRLF in the source buffer
             List<Integer> indexList = bs.searchBytes(srcClone.array(), crlf, 0, srcClone.limit());
-            if (indexList.size() > 0) {
+            if (!indexList.isEmpty()) {
                 final int idx1 = indexList.get(0) + crlf.length;
                 // Copy up to just after the first crlf to the dest buffer
                 dest.put(srcClone.array(), 0, idx1);
@@ -97,10 +97,10 @@ protected boolean removeHeader(@NotNull ByteBuffer src, AtomicReference<ByteBuff
         BinarySearcher bs = new BinarySearcher();
         // Find the first CRLF in the source buffer
         List<Integer> indexList = bs.searchBytes(src.array(), key.getBytes(), 0, src.limit());
-        if (indexList.size() > 0) {
+        if (!indexList.isEmpty()) {
             final int startIdx = indexList.get(0);
             indexList = bs.searchBytes(src.array(), crlf, startIdx, src.limit());
-            if (indexList.size() > 0) {
+            if (!indexList.isEmpty()) {
                 final int endIdx = indexList.get(0) + crlf.length;
                 final ByteBuffer dest = getBuffer(false);
                 dest.put(src.array(), 0, startIdx);
@@ -116,7 +116,7 @@ protected boolean removeHeader(@NotNull ByteBuffer src, AtomicReference<ByteBuff
 
     protected boolean modifyHeader(@NotNull ByteBuffer src, AtomicReference<ByteBuffer> arDest, @NotNull String key, @NotNull String newValue) {
         boolean retVal = false;
-        final ByteBuffer srcClone = getBuffer(false);
+        final ByteBuffer srcClone = getBuffer(true);
         srcClone.put(src.array(), 0, src.limit());
         srcClone.flip();
         AtomicReference<ByteBuffer> headerRemoved = new AtomicReference<>();
@@ -138,11 +138,11 @@ protected String getHTTPHeader(@NotNull ByteBuffer byteBuffer) {
         // Check there is a double CRLF
         BinarySearcher bs = new BinarySearcher();
         List<Integer> indexList = bs.searchBytes(byteBuffer.array(), crlfcrlf, 0, byteBuffer.limit());
-        if (indexList.size() > 0) {
+        if (!indexList.isEmpty()) {
             final int endOfHeadersIdx = indexList.get(0) + crlfcrlf.length - 1;
             // Find the first crlf
             indexList = bs.searchBytes(byteBuffer.array(), crlf, 0, endOfHeadersIdx);
-            if (indexList.size() > 0) {
+            if (!indexList.isEmpty()) {
                 String firstLine = new String(byteBuffer.array(), 0, endOfHeadersIdx);
                 if (firstLine.contains("HTTP"))
                     httpHeader = firstLine;
@@ -158,11 +158,11 @@ protected String getRTSPHeader(@NotNull ByteBuffer byteBuffer) {
         // Check there is a double CRLF
         BinarySearcher bs = new BinarySearcher();
         List<Integer> indexList = bs.searchBytes(byteBuffer.array(), crlfcrlf, 0, byteBuffer.limit());
-        if (indexList.size() > 0) {
+        if (!indexList.isEmpty()) {
             final int endOfHeadersIdx = indexList.get(0) + crlfcrlf.length - 1;
             // Find the first crlf
             indexList = bs.searchBytes(byteBuffer.array(), crlf, 0, endOfHeadersIdx);
-            if (indexList.size() > 0) {
+            if (!indexList.isEmpty()) {
                 String firstLine = new String(byteBuffer.array(), 0, indexList.get(0));
                 if (firstLine.contains("RTSP/"))
                     rtspHeader = firstLine;

xtrn-scripts-and-config/nginx.conf

@@ -163,6 +163,8 @@ http {
            # redirect all HTTP traffic to localhost:8446
            proxy_pass http://localhost:8446/;
            proxy_redirect http://localhost:8446 https://$http_host;
+           proxy_hide_header X-Frame-Options;
+           proxy_hide_header X-Xss-Protection;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;