Commit Graph

112 Commits

Author SHA1 Message Date
Audrius Butkevicius
ee746263fb lib/connections: Do not leak FDs, fix address copy (fixes #5767) (#5768)
* lib/connections: Do not leak FDs, fix address copy (fixes #5767)

* build

* Update quic_listen.go

* Update quic_listen.go
2019-06-09 22:14:00 +01:00
Audrius Butkevicius
e714df013f lib/connections: Add QUIC protocol support (fixes #5377) (#5737) 2019-05-29 09:56:40 +02:00
Jakob Borg
2c866277a2 lib/api, lib/connections, gui: Show connection error for disconnected devices (fixes #3345) (#5727)
* lib/api, lib/connections, gui: Show connection error for disconnected devices (fixes #3345)

This adds functionality in the connections service to track the last
error per address. That is in turn exposed in the /rest/system/status
API method, as that is also where we already show the listener status
from the connection service.

The GUI uses this info where it lists addresses, showing errors (if any)
in red underneath each address.

I also slightly refactored the existing status method on the connection
service to have a better name and return typed information.

* ok

* review

* formatting

* review
2019-05-16 22:11:45 +01:00
Jakob Borg
f24676ba5a lib/tlsutil: Enable TLS 1.3 when available, on test builds (fixes #5065) (#5558)
* lib/tlsutil: Enable TLS 1.3 when available, on test builds (fixes #5065)

This enables TLS 1.3 negotiation on Go 1.12 by setting the GODEBUG
variable. For now, this just gets enabled on test versions (those with a
dash in the version number).

Users wishing to enable this on production builds can set GODEBUG
manually.

The string representation of connections now includes the TLS version
and cipher suite. This becomes part of the log output on connections.
That is, when talking to an old client:

    Established secure connection .../TLS1.2-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

and now potentially:

    Established secure connection .../TLS1.3-TLS_AES_128_GCM_SHA256

(The cipher suite was there previously in the log output, but not the
TLS version.)

I also added this info as a new Crypto() method on the connection, and
propagate this out to the API and GUI, where it can be seen in the
connection address hover (although with bad word wrapping sometimes).

* wip

* wip
2019-02-26 11:49:02 +01:00
Simon Frei
722b3fce6a all: Hide implementations behind interfaces for mocked testing (#5548)
* lib/model: Hide implementations behind interfaces for mocked testing

* review
2019-02-26 08:09:25 +00:00
Jakob Borg
c2ddc83509 all: Revert the underscore silliness 2019-02-02 12:16:27 +01:00
Jakob Borg
9fd270d78e all: A few more interesting linter fixes (#5502)
A couple of minor bugs and simplifications
2019-02-02 12:09:07 +01:00
Jakob Borg
df5c1eaf01 all: Bunch of more linter fixes (#5500) 2019-02-02 11:02:28 +01:00
Simon Frei
24ffd8be99 all: Send Close BEP msg on intentional disconnect (#5440)
This avoids waiting until next ping and timeout until the connection is actually
closed both by notifying the peer of the disconnect and by immediately closing
the local end of the connection after that. As a nice side effect, info level
logging about dropped connections now has the actual reason in it, not a generic
timeout error which looks like a real problem with the connection.
2019-01-09 17:31:09 +01:00
Simon Frei
01ade9c8ae lib/connections: Don't panic on removed device (fixes #5299) (#5300) 2018-10-30 10:34:19 +01:00
Simon Frei
c9d6366d75 lib/connections: Don't info log about LAN if there are no rate limits (#5242) 2018-10-05 08:22:47 +02:00
Jakob Borg
9e00b619ab all, vendor: Switch back to non-forked thejerf/suture (#5171) 2018-09-08 12:56:56 +03:00
Jakob Borg
48795dba07 all: Don't let Suture capture panics (fixes #4758) (#5119)
Fork with new option.
2018-08-13 20:39:08 +02:00
Jakob Borg
ff441d3b3e lib/connections: Don't spin on accept failures (fixes #5025) (#5036) 2018-06-27 08:24:30 +02:00
Jakob Borg
bdbaa84989 lib/connections: Wrong context snuck in somehow 2018-03-27 07:18:26 -04:00
Jakob Borg
c49d864f14 lib/connections: Slightly refactor limiter juggling
Two small behavior changes: don't "charge" the data to the global rate
limit until it's been accepted by the device specific limiter, and fix
the send/recv direction in the log print on per device rate limits.
2018-03-26 11:45:02 -04:00
qepasa
2621c6fd2f lib/connections, lib/config: Bandwidth throttling per remote device (fixes #4516) (#4603) 2018-03-26 12:01:59 +02:00
Audrius Butkevicius
2751be57dc lib/connections: Fix relay connections when two devices use the same relay (fixes #4778) (#4779) 2018-02-25 16:12:46 +01:00
Jakob Borg
b97d5bcca8 Remove KCP (fixes #4737) (#4741) 2018-02-09 11:40:57 +01:00
Simon Frei
341b9691a7 lib/connections, lib/model: Additional connection info in logs (fixes #4499)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4665
2018-01-12 11:27:55 +00:00
Audrius Butkevicius
72172d853c vendor: Move back to upstream KCP (fixes #4407)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4614
2017-12-27 11:33:12 +00:00
Audrius Butkevicius
2547a29dd7 lib/connections: Don't close nil connections (fixes #4605) 2017-12-18 14:40:51 +00:00
Audrius Butkevicius
445c4edeca gui, lib/config, lib/model: Support auto-accepting folders (fixes #2299)
Also introduces a new Waiter interface for config changes and segments the
configuration GUI.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4551
2017-12-07 07:08:24 +00:00
Jakob Borg
6daa766fde lib/connections: Actually fix LAN detection, for real (ref #4534) 2017-11-22 09:01:21 +01:00
Audrius Butkevicius
4922b46fbd lib/connections: Fix local address priority
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4534
LGTM: imsodin, calmh
2017-11-22 07:05:49 +00:00
xjtdy888
a17d953334 lib/connections: Actually make connection attempts for lower priority addresses as well
Skip-check: authors

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4535
2017-11-21 14:58:18 +00:00
Audrius Butkevicius
44a542391e lib/connections: Trust the model to tell us if we are connected
This should address the issue as described in https://forum.syncthing.net/t/stun-nig-party-with-paused-devices/10942/13
Essentially the model and the connection service go out of sync in terms of thinking if we are connected or not.
Resort to model as being the ultimate source of truth.

I can't immediately pin down how this happens, yet some ideas.

ConfigSaved happens in separate routine, so it's possible that we have some sort of device removed yet connection comes in parallel kind of thing.
However, in this case the connection exists in the model, and does not exist in the connection service and the only way for the connection to be removed
in the connection service is device removal from the config.

Given the subject, this might also be related to the device being paused.

Also, adds more info to the logs

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4533
2017-11-21 07:25:38 +00:00
Jakob Borg
72d645865e lib/connections: Fix race condition in parallel dial, minor cleanups (fixes #4526)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4527
2017-11-19 17:38:13 +00:00
Audrius Butkevicius
0518a92cdb lib/connections: Only announce punchable nats (fixes #4519)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4523
2017-11-17 14:46:45 +00:00
Jakob Borg
7ebf58f1bc Fix discovery in the absence of listen addresses (fixes #4418)
This makes it OK to not have any listeners working. Specifically,

- We don't complain about an empty listener address
- We don't complain about not having anything to announce to global
  discovery servers
- We don't send local discovery packets when there is nothing to
  announce.

The last point also fixes a thing where the list of addresses for local
discovery was set at startup time and never refreshed.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4517
2017-11-17 09:12:35 +00:00
AudriusButkevicius
aecd7c64ce lib/connections: Parallel dials in the same priority (fixes #4456)
Well Tested(TM)

Introduces a potential issue where we always pick some connectable but dodgy connection that breaks
soon after the TLS handshake.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4489
2017-11-15 09:36:33 +00:00
Simon Frei
4efff736b3 lib/connections: Consistent log levels & polish (fixes #4510)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4511
2017-11-14 21:49:36 +00:00
AudriusButkevicius
0ee1146e1c lib/connections: Indicate stack in transport (fixes #4463)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4486
2017-11-07 07:25:05 +00:00
AudriusButkevicius
62a4106a79 lib/connections: Fix lan detection (fixes #4421)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4487
2017-11-06 14:05:29 +00:00
HairyFotr
7cbd92e1b1 all: Fix comment typos
Skip-check: authors

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4481
2017-11-04 07:20:11 +00:00
Audrius Butkevicius
a9c221189b lib/connections: Stun resolves server address beforehand (fixes #4453)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4454
2017-10-22 18:48:06 +00:00
Audrius Butkevicius
b2966957e0 lib/connections: Add KCP blacklist period 2017-10-22 13:56:52 +01:00
Audrius Butkevicius
0d30166357 lib/connections: Use own KCP fork, move listener setup earlier (ref #4446)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4452
2017-10-22 12:36:36 +00:00
Audrius Butkevicius
fb7264a663 cmd/syncthing: Enable KCP by default
Also, use upstream library, as my changes have been merged.
2017-10-17 23:17:10 +01:00
Audrius Butkevicius
2760d032ca cmd/syncthing: Add more stats to usage reports (ref #3628)
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4347
2017-10-12 06:16:46 +00:00
Audrius Butkevicius
9e6a1fdcd4 vendor: Update kcp, removes closeConn (fixes #4343) 2017-09-02 16:11:48 +02:00
Audrius Butkevicius
cbcc3ea132 lib/connections: Use our own fork of kcp (fixes #4063)
This updates kcp and uses our own fork which:

1. Keys sessions not just by remote address, but by remote address +
   conversation id
2. Allows not to close connections that were passed directly to the library.
3. Resets cache key if the session gets terminated.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4339
LGTM: calmh
2017-09-02 06:04:35 +00:00
HairyFotr
0ad10b0fee all: Typos
Skip-check: authors

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4263
2017-07-20 13:10:46 +00:00
Audrius Butkevicius
9667a0a618 lib/connections: Fix race (fixes #4177) 2017-06-07 10:17:01 +02:00
Audrius Butkevicius
51518490c6 lib/connections: Fix KCP from locking up the service (fixes #4072) 2017-05-21 22:16:21 +02:00
Jakob Borg
dd1f7a5ab7 lib/connections: Allow negative ACL entries on devices (fixes #4096)
Prefix an entry with "!" to make it a negative entry. First match wins.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4097
2017-04-13 17:43:29 +00:00
Jakob Borg
c5e0c47989 lib/connections, lib/model, gui: Specify allowed networks per device (fixes #219)
This adds a new config AllowedNetworks per device, which when set should
contain a list of network prefixes (192.168.0.0/126 etc) that are
allowed for the given device. The connection service will not attempt
connections to addresses outside of the given networks and incoming
connections will be rejected as well.

I've added the config to the normal device editor and shown it (when
set) in the device summary on the main screen.

There's a unit test for the IsAllowedNetwork method, I've done some
manual sanity testing on top of that.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4073
2017-04-01 09:52:31 +00:00
Audrius Butkevicius
ceea5ebeb3 lib/connections, vendor: Change KCP mux to SMUX
Closes #4032
2017-03-09 14:03:09 +01:00
Jakob Borg
b3e2665a79 vendor: Update github.com/xtaci/kcp 2017-03-07 14:29:21 +01:00
Jakob Borg
81af29e3e2 lib/config, lib/connections: Configurables for KCP, disable by default
GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4030
2017-03-07 12:55:50 +00:00