octoleo/syncthing
1
0
Fork 0
mirror of https://github.com/octoleo/syncthing.git synced 2025-01-22 14:48:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add DowngradingListener

Browse Source 
"Inspired" by https://github.com/BenLubar/Rnoadm/maybetls
but avoids pulling the whole game as a dependency, and has the API slightly changed,
as it makes no sense to have non-tcp TLS listeners.
This commit is contained in:
Audrius Butkevicius 2014-09-11 20:18:08 +01:00
parent bf7a128142
commit 583bcfb3c7
3 changed files with 50 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
auto/gui.files.go
View File

File diff suppressed because one or more lines are too long

48
cmd/syncthing/tls.go
View File

@ -5,6 +5,7 @@
package main
import (
"bytes"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
@ -13,8 +14,10 @@ import (
"crypto/x509/pkix"
"encoding/binary"
"encoding/pem"
"io"
"math/big"
mr "math/rand"
"net"
"os"
"path/filepath"
"time"
@ -73,3 +76,48 @@ func newCertificate(dir string, prefix string) {
pem.Encode(keyOut, &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
keyOut.Close()
}
type DowngradingListener struct {
net.Listener
TLSConfig *tls.Config
}
type WrappedConnection struct {
io.Reader
net.Conn
}
func NewDowngradingListener(address string, config *tls.Config) (net.Listener, error) {
listener, err := net.Listen("tcp", address)
if err != nil {
return nil, err
}
return &DowngradingListener{listener, config}, nil
}
func (listener *DowngradingListener) Accept() (net.Conn, error) {
connection, err := listener.Listener.Accept()
if err != nil {
return nil, err
}
var peek [1]byte
_, err = io.ReadFull(connection, peek[:])
if err != nil {
return nil, err
}
jointReader := io.MultiReader(bytes.NewReader(peek[:]), connection)
wrapper := &WrappedConnection{jointReader, connection}
// TLS handshake starts with ASCII SYN
if peek[0] == 22 {
return tls.Server(wrapper, listener.TLSConfig), nil
}
return wrapper, nil
}
func (c *WrappedConnection) Read(b []byte) (n int, err error) {
return c.Reader.Read(b)
}

1
gui/index.html
View File

@ -716,6 +716,7 @@
<li><a href="https://github.com/golang/groupcache">groupcache/lru</a>, Copyright &copy; 2013 Google Inc.</li>
<li><a href="https://github.com/juju/ratelimit">juju/ratelimit</a>, Copyright &copy; 2014 Canonical Ltd.</li>
<li><a href="https://github.com/syndtr/goleveldb">syndtr/goleveldb</a>, Copyright &copy; 2012, Suryandaru Triandana</li>
<li><a href="https://github.com/BenLubar/Rnoadm/tree/master/maybetls">BenLubar/Rnoadm/maybetls</a>, Copyright &copy; 2013 The Rnoadm Authors.</li>
<li><a href="https://github.com/vitrun/qart">vitrun/qart</a>, Copyright &copy; The Go Authors.</li>
<li><a href="https://angularjs.org/">AngularJS</a>, Copyright &copy; 2010-2014 Google, Inc.</li>
<li><a href="http://getbootstrap.com/">Bootstrap</a>, Copyright &copy; 2011-2014 Twitter, Inc.</li>