2015-06-24 11:39:46 +00:00
|
|
|
// Copyright (C) 2015 Audrius Butkevicius and Contributors (see the CONTRIBUTORS file).
|
|
|
|
|
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/rand"
|
2015-06-28 00:52:01 +00:00
|
|
|
"encoding/hex"
|
|
|
|
"fmt"
|
|
|
|
"log"
|
2015-06-24 11:39:46 +00:00
|
|
|
"net"
|
|
|
|
"sync"
|
2015-08-20 10:59:44 +00:00
|
|
|
"sync/atomic"
|
2015-06-24 11:39:46 +00:00
|
|
|
"time"
|
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
"github.com/juju/ratelimit"
|
2015-06-24 11:39:46 +00:00
|
|
|
"github.com/syncthing/relaysrv/protocol"
|
2015-06-28 00:52:01 +00:00
|
|
|
|
|
|
|
syncthingprotocol "github.com/syncthing/protocol"
|
2015-06-24 11:39:46 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
2015-08-20 10:59:44 +00:00
|
|
|
sessionMut = sync.Mutex{}
|
|
|
|
sessions = make(map[string]*session, 0)
|
|
|
|
numProxies int64
|
|
|
|
bytesProxied int64
|
2015-06-24 11:39:46 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type session struct {
|
2015-06-28 00:52:01 +00:00
|
|
|
serverkey []byte
|
|
|
|
clientkey []byte
|
2015-06-24 11:39:46 +00:00
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
rateLimit func(bytes int64)
|
|
|
|
|
2015-06-24 11:39:46 +00:00
|
|
|
conns chan net.Conn
|
|
|
|
}
|
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
func newSession(sessionRateLimit, globalRateLimit *ratelimit.Bucket) *session {
|
2015-06-24 11:39:46 +00:00
|
|
|
serverkey := make([]byte, 32)
|
|
|
|
_, err := rand.Read(serverkey)
|
|
|
|
if err != nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
clientkey := make([]byte, 32)
|
|
|
|
_, err = rand.Read(clientkey)
|
|
|
|
if err != nil {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
ses := &session{
|
|
|
|
serverkey: serverkey,
|
|
|
|
clientkey: clientkey,
|
2015-07-20 11:25:08 +00:00
|
|
|
rateLimit: makeRateLimitFunc(sessionRateLimit, globalRateLimit),
|
2015-06-24 11:39:46 +00:00
|
|
|
conns: make(chan net.Conn),
|
|
|
|
}
|
2015-06-28 00:52:01 +00:00
|
|
|
|
|
|
|
if debug {
|
|
|
|
log.Println("New session", ses)
|
|
|
|
}
|
|
|
|
|
|
|
|
sessionMut.Lock()
|
|
|
|
sessions[string(ses.serverkey)] = ses
|
|
|
|
sessions[string(ses.clientkey)] = ses
|
|
|
|
sessionMut.Unlock()
|
|
|
|
|
|
|
|
return ses
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func findSession(key string) *session {
|
2015-06-28 00:52:01 +00:00
|
|
|
sessionMut.Lock()
|
|
|
|
defer sessionMut.Unlock()
|
2015-06-24 11:39:46 +00:00
|
|
|
lob, ok := sessions[key]
|
|
|
|
if !ok {
|
|
|
|
return nil
|
|
|
|
|
|
|
|
}
|
|
|
|
delete(sessions, key)
|
|
|
|
return lob
|
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
func (s *session) AddConnection(conn net.Conn) bool {
|
|
|
|
if debug {
|
|
|
|
log.Println("New connection for", s, "from", conn.RemoteAddr())
|
|
|
|
}
|
|
|
|
|
2015-06-24 11:39:46 +00:00
|
|
|
select {
|
2015-06-28 00:52:01 +00:00
|
|
|
case s.conns <- conn:
|
|
|
|
return true
|
2015-06-24 11:39:46 +00:00
|
|
|
default:
|
|
|
|
}
|
2015-06-28 00:52:01 +00:00
|
|
|
return false
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
func (s *session) Serve() {
|
2015-06-24 11:39:46 +00:00
|
|
|
timedout := time.After(messageTimeout)
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
|
|
|
log.Println("Session", s, "serving")
|
|
|
|
}
|
2015-06-24 11:39:46 +00:00
|
|
|
|
|
|
|
conns := make([]net.Conn, 0, 2)
|
|
|
|
for {
|
|
|
|
select {
|
2015-06-28 00:52:01 +00:00
|
|
|
case conn := <-s.conns:
|
2015-06-24 11:39:46 +00:00
|
|
|
conns = append(conns, conn)
|
|
|
|
if len(conns) < 2 {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
close(s.conns)
|
2015-06-24 11:39:46 +00:00
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
2015-08-20 12:02:52 +00:00
|
|
|
log.Println("Session", s, "starting between", conns[0].RemoteAddr(), "and", conns[1].RemoteAddr())
|
2015-06-28 00:52:01 +00:00
|
|
|
}
|
2015-06-24 11:39:46 +00:00
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
wg := sync.WaitGroup{}
|
2015-06-24 11:39:46 +00:00
|
|
|
wg.Add(2)
|
|
|
|
|
2015-08-20 12:02:52 +00:00
|
|
|
var err0 error
|
2015-06-28 00:52:01 +00:00
|
|
|
go func() {
|
2015-08-20 12:02:52 +00:00
|
|
|
err0 = s.proxy(conns[0], conns[1])
|
2015-06-28 00:52:01 +00:00
|
|
|
wg.Done()
|
|
|
|
}()
|
|
|
|
|
2015-08-20 12:02:52 +00:00
|
|
|
var err1 error
|
2015-06-28 00:52:01 +00:00
|
|
|
go func() {
|
2015-08-20 12:02:52 +00:00
|
|
|
err1 = s.proxy(conns[1], conns[0])
|
2015-06-28 00:52:01 +00:00
|
|
|
wg.Done()
|
|
|
|
}()
|
2015-06-24 11:39:46 +00:00
|
|
|
|
|
|
|
wg.Wait()
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
2015-08-20 12:02:52 +00:00
|
|
|
log.Println("Session", s, "ended, outcomes:", err0, "and", err1)
|
2015-06-28 00:52:01 +00:00
|
|
|
}
|
|
|
|
goto done
|
2015-08-20 12:02:52 +00:00
|
|
|
|
2015-06-24 11:39:46 +00:00
|
|
|
case <-timedout:
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
|
|
|
log.Println("Session", s, "timed out")
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
2015-06-28 00:52:01 +00:00
|
|
|
goto done
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
}
|
2015-06-28 00:52:01 +00:00
|
|
|
done:
|
|
|
|
sessionMut.Lock()
|
|
|
|
delete(sessions, string(s.serverkey))
|
|
|
|
delete(sessions, string(s.clientkey))
|
|
|
|
sessionMut.Unlock()
|
|
|
|
|
|
|
|
for _, conn := range conns {
|
|
|
|
conn.Close()
|
|
|
|
}
|
|
|
|
|
|
|
|
if debug {
|
|
|
|
log.Println("Session", s, "stopping")
|
|
|
|
}
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
func (s *session) GetClientInvitationMessage(from syncthingprotocol.DeviceID) protocol.SessionInvitation {
|
|
|
|
return protocol.SessionInvitation{
|
|
|
|
From: from[:],
|
|
|
|
Key: []byte(s.clientkey),
|
|
|
|
Address: sessionAddress,
|
|
|
|
Port: sessionPort,
|
2015-06-24 11:39:46 +00:00
|
|
|
ServerSocket: false,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
func (s *session) GetServerInvitationMessage(from syncthingprotocol.DeviceID) protocol.SessionInvitation {
|
|
|
|
return protocol.SessionInvitation{
|
|
|
|
From: from[:],
|
|
|
|
Key: []byte(s.serverkey),
|
|
|
|
Address: sessionAddress,
|
|
|
|
Port: sessionPort,
|
2015-06-24 11:39:46 +00:00
|
|
|
ServerSocket: true,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
func (s *session) proxy(c1, c2 net.Conn) error {
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
|
|
|
log.Println("Proxy", c1.RemoteAddr(), "->", c2.RemoteAddr())
|
|
|
|
}
|
2015-07-20 11:25:08 +00:00
|
|
|
|
2015-08-20 10:59:44 +00:00
|
|
|
atomic.AddInt64(&numProxies, 1)
|
|
|
|
defer atomic.AddInt64(&numProxies, -1)
|
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
buf := make([]byte, 65536)
|
2015-06-24 11:39:46 +00:00
|
|
|
for {
|
|
|
|
c1.SetReadDeadline(time.Now().Add(networkTimeout))
|
2015-07-20 11:25:08 +00:00
|
|
|
n, err := c1.Read(buf)
|
2015-06-24 11:39:46 +00:00
|
|
|
if err != nil {
|
2015-06-28 00:52:01 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2015-08-20 10:59:44 +00:00
|
|
|
atomic.AddInt64(&bytesProxied, int64(n))
|
|
|
|
|
2015-06-28 00:52:01 +00:00
|
|
|
if debug {
|
|
|
|
log.Printf("%d bytes from %s to %s", n, c1.RemoteAddr(), c2.RemoteAddr())
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
|
2015-07-20 11:25:08 +00:00
|
|
|
if s.rateLimit != nil {
|
|
|
|
s.rateLimit(int64(n))
|
|
|
|
}
|
|
|
|
|
2015-06-24 11:39:46 +00:00
|
|
|
c2.SetWriteDeadline(time.Now().Add(networkTimeout))
|
|
|
|
_, err = c2.Write(buf[:n])
|
|
|
|
if err != nil {
|
2015-06-28 00:52:01 +00:00
|
|
|
return err
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
|
|
|
}
|
2015-06-28 00:52:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (s *session) String() string {
|
|
|
|
return fmt.Sprintf("<%s/%s>", hex.EncodeToString(s.clientkey)[:5], hex.EncodeToString(s.serverkey)[:5])
|
2015-06-24 11:39:46 +00:00
|
|
|
}
|
2015-07-20 11:25:08 +00:00
|
|
|
|
|
|
|
func makeRateLimitFunc(sessionRateLimit, globalRateLimit *ratelimit.Bucket) func(int64) {
|
|
|
|
// This may be a case of super duper premature optimization... We build an
|
|
|
|
// optimized function to do the rate limiting here based on what we need
|
|
|
|
// to do and then use it in the loop.
|
|
|
|
|
|
|
|
if sessionRateLimit == nil && globalRateLimit == nil {
|
|
|
|
// No limiting needed. We could equally well return a func(int64){} and
|
|
|
|
// not do a nil check were we use it, but I think the nil check there
|
|
|
|
// makes it clear that there will be no limiting if none is
|
|
|
|
// configured...
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
if sessionRateLimit == nil {
|
|
|
|
// We only have a global limiter
|
|
|
|
return func(bytes int64) {
|
|
|
|
globalRateLimit.Wait(bytes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if globalRateLimit == nil {
|
|
|
|
// We only have a session limiter
|
|
|
|
return func(bytes int64) {
|
|
|
|
sessionRateLimit.Wait(bytes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// We have both. Queue the bytes on both the global and session specific
|
|
|
|
// rate limiters. Wait for both in parallell, so that the actual send
|
|
|
|
// happens when both conditions are satisfied. In practice this just means
|
|
|
|
// wait the longer of the two times.
|
|
|
|
return func(bytes int64) {
|
|
|
|
t0 := sessionRateLimit.Take(bytes)
|
|
|
|
t1 := globalRateLimit.Take(bytes)
|
|
|
|
if t0 > t1 {
|
|
|
|
time.Sleep(t0)
|
|
|
|
} else {
|
|
|
|
time.Sleep(t1)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|