syncthing/lib/relay/client/methods.go

169 lines
4.5 KiB
Go
Raw Normal View History

2015-06-28 00:52:01 +00:00
// Copyright (C) 2015 Audrius Butkevicius and Contributors (see the CONTRIBUTORS file).
package client
import (
"context"
2015-06-28 00:52:01 +00:00
"crypto/tls"
"fmt"
"net"
"net/url"
"strconv"
"time"
2015-10-12 18:30:14 +00:00
"github.com/syncthing/syncthing/lib/dialer"
2015-09-22 17:38:46 +00:00
syncthingprotocol "github.com/syncthing/syncthing/lib/protocol"
"github.com/syncthing/syncthing/lib/relay/protocol"
2015-06-28 00:52:01 +00:00
)
type incorrectResponseCodeErr struct {
code int32
msg string
}
func (e *incorrectResponseCodeErr) Error() string {
return fmt.Sprintf("incorrect response code %d: %s", e.code, e.msg)
}
func GetInvitationFromRelay(ctx context.Context, uri *url.URL, id syncthingprotocol.DeviceID, certs []tls.Certificate, timeout time.Duration) (protocol.SessionInvitation, error) {
2015-06-28 19:34:28 +00:00
if uri.Scheme != "relay" {
return protocol.SessionInvitation{}, fmt.Errorf("unsupported relay scheme: %v", uri.Scheme)
2015-06-28 19:34:28 +00:00
}
ctx, cancel := context.WithTimeout(ctx, timeout)
defer cancel()
rconn, err := dialer.DialContext(ctx, "tcp", uri.Host)
2015-06-28 00:52:01 +00:00
if err != nil {
return protocol.SessionInvitation{}, err
}
2015-10-12 18:30:14 +00:00
conn := tls.Client(rconn, configForCerts(certs))
2019-02-02 11:16:27 +00:00
conn.SetDeadline(time.Now().Add(timeout))
2015-06-28 00:52:01 +00:00
if err := performHandshakeAndValidation(conn, uri); err != nil {
return protocol.SessionInvitation{}, err
}
defer conn.Close()
request := protocol.ConnectRequest{
ID: id[:],
}
if err := protocol.WriteMessage(conn, request); err != nil {
return protocol.SessionInvitation{}, err
}
message, err := protocol.ReadMessage(conn)
if err != nil {
return protocol.SessionInvitation{}, err
}
switch msg := message.(type) {
case protocol.Response:
return protocol.SessionInvitation{}, &incorrectResponseCodeErr{msg.Code, msg.Message}
2015-06-28 00:52:01 +00:00
case protocol.SessionInvitation:
Implement facility based logger, debugging via REST API This implements a new debug/trace infrastructure based on a slightly hacked up logger. Instead of the traditional "if debug { ... }" I've rewritten the logger to have no-op Debugln and Debugf, unless debugging has been enabled for a given "facility". The "facility" is just a string, typically a package name. This will be slightly slower than before; but not that much as it's mostly a function call that returns immediately. For the cases where it matters (the Debugln takes a hex.Dump() of something for example, and it's not in a very occasional "if err != nil" branch) there is an l.ShouldDebug(facility) that is fast enough to be used like the old "if debug". The point of all this is that we can now toggle debugging for the various packages on and off at runtime. There's a new method /rest/system/debug that can be POSTed a set of facilities to enable and disable debug for, or GET from to get a list of facilities with descriptions and their current debug status. Similarly a /rest/system/log?since=... can grab the latest log entries, up to 250 of them (hardcoded constant in main.go) plus the initial few. Not implemented in this commit (but planned) is a simple debug GUI available on /debug that shows the current log in an easily pasteable format and has checkboxes to enable the various debug facilities. The debug instructions to a user then becomes "visit this URL, check these boxes, reproduce your problem, copy and paste the log". The actual log viewer on the hypothetical /debug URL can poll regularly for new log entries and this bypass the 250 line limit. The existing STTRACE=foo variable is still obeyed and just sets the start state of the system.
2015-10-03 15:25:21 +00:00
l.Debugln("Received invitation", msg, "via", conn.LocalAddr())
2015-06-28 00:52:01 +00:00
ip := net.IP(msg.Address)
if len(ip) == 0 || ip.IsUnspecified() {
msg.Address = remoteIPBytes(conn)
2015-06-28 00:52:01 +00:00
}
return msg, nil
default:
return protocol.SessionInvitation{}, fmt.Errorf("protocol error: unexpected message %v", msg)
}
}
func JoinSession(ctx context.Context, invitation protocol.SessionInvitation) (net.Conn, error) {
2015-06-28 00:52:01 +00:00
addr := net.JoinHostPort(net.IP(invitation.Address).String(), strconv.Itoa(int(invitation.Port)))
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
defer cancel()
conn, err := dialer.DialContext(ctx, "tcp", addr)
2015-06-28 00:52:01 +00:00
if err != nil {
return nil, err
}
request := protocol.JoinSessionRequest{
Key: invitation.Key,
}
2019-02-02 11:16:27 +00:00
conn.SetDeadline(time.Now().Add(10 * time.Second))
2015-06-28 00:52:01 +00:00
err = protocol.WriteMessage(conn, request)
if err != nil {
return nil, err
}
message, err := protocol.ReadMessage(conn)
if err != nil {
return nil, err
}
2019-02-02 11:16:27 +00:00
conn.SetDeadline(time.Time{})
2015-06-28 00:52:01 +00:00
switch msg := message.(type) {
case protocol.Response:
if msg.Code != 0 {
return nil, fmt.Errorf("incorrect response code %d: %s", msg.Code, msg.Message)
2015-06-28 00:52:01 +00:00
}
return conn, nil
default:
return nil, fmt.Errorf("protocol error: expecting response got %v", msg)
}
}
func TestRelay(ctx context.Context, uri *url.URL, certs []tls.Certificate, sleep, timeout time.Duration, times int) error {
id := syncthingprotocol.NewDeviceID(certs[0].Certificate[0])
invs := make(chan protocol.SessionInvitation, 1)
2015-11-23 21:14:46 +00:00
c, err := NewClient(uri, certs, invs, timeout)
if err != nil {
close(invs)
return fmt.Errorf("creating client: %w", err)
}
go c.Serve()
defer func() {
c.Stop()
close(invs)
}()
for i := 0; i < times; i++ {
_, err = GetInvitationFromRelay(ctx, uri, id, certs, timeout)
if err == nil {
return nil
}
if _, ok := err.(*incorrectResponseCodeErr); !ok {
return fmt.Errorf("getting invitation: %w", err)
}
time.Sleep(sleep)
}
return fmt.Errorf("getting invitation: %w", err) // last of the above errors
}
2015-06-28 00:52:01 +00:00
func configForCerts(certs []tls.Certificate) *tls.Config {
return &tls.Config{
Certificates: certs,
NextProtos: []string{protocol.ProtocolName},
ClientAuth: tls.RequestClientCert,
SessionTicketsDisabled: true,
InsecureSkipVerify: true,
MinVersion: tls.VersionTLS12,
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
},
}
}
func remoteIPBytes(conn net.Conn) []byte {
addr := conn.RemoteAddr().String()
if host, _, err := net.SplitHostPort(addr); err == nil {
addr = host
}
return net.ParseIP(addr)[:]
}