Cleanups and tweaks
This commit is contained in:
Jakob Borg
parent
3662decb8b
commit
6384d1e5a3
File diff suppressed because one or more lines are too long
|
|
@ -56,7 +56,6 @@ func init() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) error {
|
func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) error {
|
||||||
var listener net.Listener
|
|
||||||
var err error
|
var err error
|
||||||
|
|
||||||
cert, err := loadCert(confDir, "https-")
|
cert, err := loadCert(confDir, "https-")
|
||||||
|
|
@ -74,10 +73,11 @@ func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) erro
|
||||||
ServerName: "syncthing",
|
ServerName: "syncthing",
|
||||||
}
|
}
|
||||||
|
|
||||||
listener, err = NewDowngradingListener(cfg.Address, tlsCfg)
|
rawListener, err := net.Listen("tcp", cfg.Address)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
listener := &DowngradingListener{rawListener, tlsCfg}
|
||||||
|
|
||||||
// The GET handlers
|
// The GET handlers
|
||||||
getRestMux := http.NewServeMux()
|
getRestMux := http.NewServeMux()
|
||||||
|
|
@ -139,8 +139,10 @@ func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) erro
|
||||||
handler = basicAuthAndSessionMiddleware(cfg, handler)
|
handler = basicAuthAndSessionMiddleware(cfg, handler)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Add our redirection middleware
|
// Redirect to HTTPS if we are supposed to
|
||||||
handler = redirectionMiddleware(handler, cfg.Address, cfg.UseTLS)
|
if cfg.UseTLS {
|
||||||
|
handler = redirectToHTTPSMiddleware(handler)
|
||||||
|
}
|
||||||
|
|
||||||
go http.Serve(listener, handler)
|
go http.Serve(listener, handler)
|
||||||
return nil
|
return nil
|
||||||
|
|
@ -159,16 +161,17 @@ func getPostHandler(get, post http.Handler) http.Handler {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func redirectionMiddleware(h http.Handler, host string, usingTLS bool) http.Handler {
|
func redirectToHTTPSMiddleware(h http.Handler) http.Handler {
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.TLS == nil && usingTLS {
|
// Add a generous access-control-allow-origin header since we may be
|
||||||
r.URL.Host = host
|
// redirecting REST requests over protocols
|
||||||
|
w.Header().Add("Access-Control-Allow-Origin", "*")
|
||||||
|
|
||||||
|
if r.TLS == nil {
|
||||||
|
// Redirect HTTP requests to HTTPS
|
||||||
|
r.URL.Host = r.Host
|
||||||
r.URL.Scheme = "https"
|
r.URL.Scheme = "https"
|
||||||
http.Redirect(w, r, r.URL.String(), http.StatusFound)
|
http.Redirect(w, r, r.URL.String(), http.StatusFound)
|
||||||
} else if r.TLS != nil && !usingTLS {
|
|
||||||
r.URL.Host = host
|
|
||||||
r.URL.Scheme = "http"
|
|
||||||
http.Redirect(w, r, r.URL.String(), http.StatusFound)
|
|
||||||
} else {
|
} else {
|
||||||
h.ServeHTTP(w, r)
|
h.ServeHTTP(w, r)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bufio"
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
|
|
@ -87,34 +87,26 @@ type WrappedConnection struct {
|
||||||
net.Conn
|
net.Conn
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewDowngradingListener(address string, config *tls.Config) (net.Listener, error) {
|
func (l *DowngradingListener) Accept() (net.Conn, error) {
|
||||||
listener, err := net.Listen("tcp", address)
|
conn, err := l.Listener.Accept()
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
return &DowngradingListener{listener, config}, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (listener *DowngradingListener) Accept() (net.Conn, error) {
|
|
||||||
connection, err := listener.Listener.Accept()
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
var peek [1]byte
|
br := bufio.NewReader(conn)
|
||||||
_, err = io.ReadFull(connection, peek[:])
|
bs, err := br.Peek(1)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
conn.Close()
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
jointReader := io.MultiReader(bytes.NewReader(peek[:]), connection)
|
wrapper := &WrappedConnection{br, conn}
|
||||||
wrapper := &WrappedConnection{jointReader, connection}
|
|
||||||
|
|
||||||
// TLS handshake starts with ASCII SYN
|
// 0x16 is the first byte of a TLS handshake
|
||||||
if peek[0] == 22 {
|
if bs[0] == 0x16 {
|
||||||
return tls.Server(wrapper, listener.TLSConfig), nil
|
return tls.Server(wrapper, l.TLSConfig), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return wrapper, nil
|
return wrapper, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
20
gui/app.js
20
gui/app.js
|
|
@ -153,13 +153,17 @@ syncthing.controller('SyncthingCtrl', function ($scope, $http, $translate, $loca
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
console.log('UIOnline');
|
if (restarting){
|
||||||
$scope.init();
|
document.location.reload(true);
|
||||||
online = true;
|
} else {
|
||||||
restarting = false;
|
console.log('UIOnline');
|
||||||
$('#networkError').modal('hide');
|
$scope.init();
|
||||||
$('#restarting').modal('hide');
|
online = true;
|
||||||
$('#shutdown').modal('hide');
|
restarting = false;
|
||||||
|
$('#networkError').modal('hide');
|
||||||
|
$('#restarting').modal('hide');
|
||||||
|
$('#shutdown').modal('hide');
|
||||||
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
$scope.$on('UIOffline', function (event, arg) {
|
$scope.$on('UIOffline', function (event, arg) {
|
||||||
|
|
@ -581,7 +585,7 @@ syncthing.controller('SyncthingCtrl', function ($scope, $http, $translate, $loca
|
||||||
|
|
||||||
setTimeout(function(){
|
setTimeout(function(){
|
||||||
window.location.protocol = protocol;
|
window.location.protocol = protocol;
|
||||||
}, 1000);
|
}, 2500);
|
||||||
|
|
||||||
$scope.protocolChanged = false;
|
$scope.protocolChanged = false;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -716,7 +716,6 @@
|
||||||
<li><a href="https://github.com/golang/groupcache">groupcache/lru</a>, Copyright © 2013 Google Inc.</li>
|
<li><a href="https://github.com/golang/groupcache">groupcache/lru</a>, Copyright © 2013 Google Inc.</li>
|
||||||
<li><a href="https://github.com/juju/ratelimit">juju/ratelimit</a>, Copyright © 2014 Canonical Ltd.</li>
|
<li><a href="https://github.com/juju/ratelimit">juju/ratelimit</a>, Copyright © 2014 Canonical Ltd.</li>
|
||||||
<li><a href="https://github.com/syndtr/goleveldb">syndtr/goleveldb</a>, Copyright © 2012, Suryandaru Triandana</li>
|
<li><a href="https://github.com/syndtr/goleveldb">syndtr/goleveldb</a>, Copyright © 2012, Suryandaru Triandana</li>
|
||||||
<li><a href="https://github.com/BenLubar/Rnoadm/tree/master/maybetls">BenLubar/Rnoadm/maybetls</a>, Copyright © 2013 The Rnoadm Authors.</li>
|
|
||||||
<li><a href="https://github.com/vitrun/qart">vitrun/qart</a>, Copyright © The Go Authors.</li>
|
<li><a href="https://github.com/vitrun/qart">vitrun/qart</a>, Copyright © The Go Authors.</li>
|
||||||
<li><a href="https://angularjs.org/">AngularJS</a>, Copyright © 2010-2014 Google, Inc.</li>
|
<li><a href="https://angularjs.org/">AngularJS</a>, Copyright © 2010-2014 Google, Inc.</li>
|
||||||
<li><a href="http://getbootstrap.com/">Bootstrap</a>, Copyright © 2011-2014 Twitter, Inc.</li>
|
<li><a href="http://getbootstrap.com/">Bootstrap</a>, Copyright © 2011-2014 Twitter, Inc.</li>
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue