mirror of
https://github.com/octoleo/syncthing.git
synced 2025-01-24 15:38:27 +00:00
Use pseudo-random high port for UPnP mapping
This commit is contained in:
parent
a08cba9c85
commit
292a50de04
@ -6,6 +6,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
"log"
|
"log"
|
||||||
|
"math/rand"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
_ "net/http/pprof"
|
_ "net/http/pprof"
|
||||||
@ -103,7 +104,7 @@ func main() {
|
|||||||
fatalErr(err)
|
fatalErr(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
myID = string(certID(cert.Certificate[0]))
|
myID = certID(cert.Certificate[0])
|
||||||
log.SetPrefix("[" + myID[0:5] + "] ")
|
log.SetPrefix("[" + myID[0:5] + "] ")
|
||||||
logger.SetPrefix("[" + myID[0:5] + "] ")
|
logger.SetPrefix("[" + myID[0:5] + "] ")
|
||||||
|
|
||||||
@ -235,6 +236,9 @@ func main() {
|
|||||||
|
|
||||||
var externalPort = 0
|
var externalPort = 0
|
||||||
if cfg.Options.UPnPEnabled {
|
if cfg.Options.UPnPEnabled {
|
||||||
|
// We seed the random number generator with the node ID to get a
|
||||||
|
// repeatable sequence of random external ports.
|
||||||
|
rand.Seed(certSeed(cert.Certificate[0]))
|
||||||
externalPort = setupUPnP()
|
externalPort = setupUPnP()
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -278,9 +282,10 @@ func setupUPnP() int {
|
|||||||
igd, err := upnp.Discover()
|
igd, err := upnp.Discover()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
for i := 0; i < 10; i++ {
|
for i := 0; i < 10; i++ {
|
||||||
err := igd.AddPortMapping(upnp.TCP, port+i, port, "syncthing", 0)
|
r := 1024 + rand.Intn(65535-1024)
|
||||||
|
err := igd.AddPortMapping(upnp.TCP, r, port, "syncthing", 0)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
externalPort = port + i
|
externalPort = r
|
||||||
infoln("Created UPnP port mapping - external port", externalPort)
|
infoln("Created UPnP port mapping - external port", externalPort)
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
|
@ -8,6 +8,7 @@ import (
|
|||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"crypto/x509/pkix"
|
"crypto/x509/pkix"
|
||||||
"encoding/base32"
|
"encoding/base32"
|
||||||
|
"encoding/binary"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
"math/big"
|
"math/big"
|
||||||
"os"
|
"os"
|
||||||
@ -32,6 +33,13 @@ func certID(bs []byte) string {
|
|||||||
return strings.Trim(base32.StdEncoding.EncodeToString(id), "=")
|
return strings.Trim(base32.StdEncoding.EncodeToString(id), "=")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func certSeed(bs []byte) int64 {
|
||||||
|
hf := sha256.New()
|
||||||
|
hf.Write(bs)
|
||||||
|
id := hf.Sum(nil)
|
||||||
|
return int64(binary.BigEndian.Uint64(id))
|
||||||
|
}
|
||||||
|
|
||||||
func newCertificate(dir string) {
|
func newCertificate(dir string) {
|
||||||
infoln("Generating RSA certificate and key...")
|
infoln("Generating RSA certificate and key...")
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user