func main() { var reset bool var showVersion bool var doUpgrade bool var doUpgradeCheck bool var noBrowser bool var generateDir string var guiAddress string var guiAuthentication string var guiAPIKey string flag.StringVar(&confDir, "home", getDefaultConfDir(), "Set configuration directory") flag.BoolVar(&reset, "reset", false, "Prepare to resync from cluster") flag.BoolVar(&showVersion, "version", false, "Show version") flag.BoolVar(&doUpgrade, "upgrade", false, "Perform upgrade") flag.BoolVar(&doUpgradeCheck, "upgrade-check", false, "Check for available upgrade") flag.BoolVar(&noBrowser, "no-browser", false, "Do not start browser") flag.StringVar(&generateDir, "generate", "", "Generate key in specified dir") flag.StringVar(&guiAddress, "gui-address", "", "Override GUI address") flag.StringVar(&guiAuthentication, "gui-authentication", "", "Override GUI authentication. Expects 'username:password'") flag.StringVar(&guiAPIKey, "gui-apikey", "", "Override GUI API key") flag.IntVar(&logFlags, "logflags", logFlags, "Set log flags") flag.Usage = usageFor(flag.CommandLine, usage, extraUsage) flag.Parse() if showVersion { fmt.Println(LongVersion) return } l.SetFlags(logFlags) if generateDir != "" { dir := expandTilde(generateDir) info, err := os.Stat(dir) l.FatalErr(err) if !info.IsDir() { l.Fatalln(dir, "is not a directory") } cert, err := loadCert(dir, "") if err == nil { l.Warnln("Key exists; will not overwrite.") l.Infoln("Node ID:", protocol.NewNodeID(cert.Certificate[0])) return } newCertificate(dir, "") cert, err = loadCert(dir, "") l.FatalErr(err) if err == nil { l.Infoln("Node ID:", protocol.NewNodeID(cert.Certificate[0])) } return } if doUpgrade || doUpgradeCheck { rel, err := upgrade.LatestRelease(strings.Contains(Version, "-beta")) if err != nil { l.Fatalln("Upgrade:", err) // exits 1 } if upgrade.CompareVersions(rel.Tag, Version) <= 0 { l.Infof("No upgrade available (current %q >= latest %q).", Version, rel.Tag) os.Exit(2) } l.Infof("Upgrade available (current %q < latest %q)", Version, rel.Tag) if doUpgrade { err = upgrade.UpgradeTo(rel, GoArchExtra) if err != nil { l.Fatalln("Upgrade:", err) // exits 1 } l.Okf("Upgraded to %q", rel.Tag) return } else { return } } var err error lockPort, err = getLockPort() if err != nil { l.Fatalln("Opening lock port:", err) } if len(os.Getenv("GOGC")) == 0 { debug.SetGCPercent(25) } if len(os.Getenv("GOMAXPROCS")) == 0 { runtime.GOMAXPROCS(runtime.NumCPU()) } confDir = expandTilde(confDir) events.Default.Log(events.Starting, map[string]string{"home": confDir}) if _, err := os.Stat(confDir); err != nil && confDir == getDefaultConfDir() { // We are supposed to use the default configuration directory. It // doesn't exist. In the past our default has been ~/.syncthing, so if // that directory exists we move it to the new default location and // continue. We don't much care if this fails at this point, we will // be checking that later. var oldDefault string if runtime.GOOS == "windows" { oldDefault = filepath.Join(os.Getenv("AppData"), "Syncthing") } else { oldDefault = expandTilde("~/.syncthing") } if _, err := os.Stat(oldDefault); err == nil { os.MkdirAll(filepath.Dir(confDir), 0700) if err := os.Rename(oldDefault, confDir); err == nil { l.Infoln("Moved config dir", oldDefault, "to", confDir) } } } // Ensure that our home directory exists and that we have a certificate and key. ensureDir(confDir, 0700) cert, err = loadCert(confDir, "") if err != nil { newCertificate(confDir, "") cert, err = loadCert(confDir, "") l.FatalErr(err) } myID = protocol.NewNodeID(cert.Certificate[0]) l.SetPrefix(fmt.Sprintf("[%s] ", myID.String()[:5])) l.Infoln(LongVersion) l.Infoln("My ID:", myID) // Prepare to be able to save configuration cfgFile := filepath.Join(confDir, "config.xml") go saveConfigLoop(cfgFile) var myName string // Load the configuration file, if it exists. // If it does not, create a template. cf, err := os.Open(cfgFile) if err == nil { // Read config.xml cfg, err = config.Load(cf, myID) if err != nil { l.Fatalln(err) } cf.Close() myCfg := cfg.GetNodeConfiguration(myID) if myCfg == nil || myCfg.Name == "" { myName, _ = os.Hostname() } else { myName = myCfg.Name } } else { l.Infoln("No config file; starting with empty defaults") myName, _ = os.Hostname() defaultRepo := filepath.Join(getHomeDir(), "Sync") cfg, err = config.Load(nil, myID) cfg.Repositories = []config.RepositoryConfiguration{ { ID: "default", Directory: defaultRepo, Nodes: []config.RepositoryNodeConfiguration{{NodeID: myID}}, }, } cfg.Nodes = []config.NodeConfiguration{ { NodeID: myID, Addresses: []string{"dynamic"}, Name: myName, }, } port, err := getFreePort("127.0.0.1", 8080) l.FatalErr(err) cfg.GUI.Address = fmt.Sprintf("127.0.0.1:%d", port) port, err = getFreePort("0.0.0.0", 22000) l.FatalErr(err) cfg.Options.ListenAddress = []string{fmt.Sprintf("0.0.0.0:%d", port)} saveConfig() l.Infof("Edit %s to taste or use the GUI\n", cfgFile) } if reset { resetRepositories() return } if len(os.Getenv("STRESTART")) > 0 { waitForParentExit() } if profiler := os.Getenv("STPROFILER"); len(profiler) > 0 { go func() { l.Debugln("Starting profiler on", profiler) runtime.SetBlockProfileRate(1) err := http.ListenAndServe(profiler, nil) if err != nil { l.Fatalln(err) } }() } // The TLS configuration is used for both the listening socket and outgoing // connections. tlsCfg := &tls.Config{ Certificates: []tls.Certificate{cert}, NextProtos: []string{"bep/1.0"}, ServerName: myID.String(), ClientAuth: tls.RequestClientCert, SessionTicketsDisabled: true, InsecureSkipVerify: true, MinVersion: tls.VersionTLS12, } // If the write rate should be limited, set up a rate limiter for it. // This will be used on connections created in the connect and listen routines. if cfg.Options.MaxSendKbps > 0 { rateBucket = ratelimit.NewBucketWithRate(float64(1000*cfg.Options.MaxSendKbps), int64(5*1000*cfg.Options.MaxSendKbps)) } // If this is the first time the user runs v0.9, archive the old indexes and config. archiveLegacyConfig() db, err := leveldb.OpenFile(filepath.Join(confDir, "index"), nil) if err != nil { l.Fatalln("Cannot open database:", err, "- Is another copy of Syncthing already running?") } m := model.NewModel(confDir, &cfg, myName, "syncthing", Version, db) nextRepo: for i, repo := range cfg.Repositories { if repo.Invalid != "" { continue } repo.Directory = expandTilde(repo.Directory) fi, err := os.Stat(repo.Directory) if m.LocalVersion(repo.ID) > 0 { // Safety check. If the cached index contains files but the // repository doesn't exist, we have a problem. We would assume // that all files have been deleted which might not be the case, // so mark it as invalid instead. if err != nil || !fi.IsDir() { cfg.Repositories[i].Invalid = "repo directory missing" continue nextRepo } } else if os.IsNotExist(err) { // If we don't have ny files in the index, and the directory does // exist, try creating it. err = os.MkdirAll(repo.Directory, 0700) } if err != nil { // If there was another error or we could not create the // directory, the repository is invalid. cfg.Repositories[i].Invalid = err.Error() continue nextRepo } m.AddRepo(repo) } // GUI guiCfg := overrideGUIConfig(cfg.GUI, guiAddress, guiAuthentication, guiAPIKey) if guiCfg.Enabled && guiCfg.Address != "" { addr, err := net.ResolveTCPAddr("tcp", guiCfg.Address) if err != nil { l.Fatalf("Cannot start GUI on %q: %v", guiCfg.Address, err) } else { var hostOpen, hostShow string switch { case addr.IP == nil: hostOpen = "localhost" hostShow = "0.0.0.0" case addr.IP.IsUnspecified(): hostOpen = "localhost" hostShow = addr.IP.String() default: hostOpen = addr.IP.String() hostShow = hostOpen } var proto = "http" if guiCfg.UseTLS { proto = "https" } l.Infof("Starting web GUI on %s://%s:%d/", proto, hostShow, addr.Port) err := startGUI(guiCfg, os.Getenv("STGUIASSETS"), m) if err != nil { l.Fatalln("Cannot start GUI:", err) } if !noBrowser && cfg.Options.StartBrowser && len(os.Getenv("STRESTART")) == 0 { openURL(fmt.Sprintf("%s://%s:%d", proto, hostOpen, addr.Port)) } } } // Clear out old indexes for other nodes. Otherwise we'll start up and // start needing a bunch of files which are nowhere to be found. This // needs to be changed when we correctly do persistent indexes. for _, repoCfg := range cfg.Repositories { for _, node := range repoCfg.NodeIDs() { m.Index(node, repoCfg.ID, nil) } } // Walk the repository and update the local model before establishing any // connections to other nodes. m.CleanRepos() l.Infoln("Performing initial repository scan") m.ScanRepos() // Remove all .idx* files that don't belong to an active repo. validIndexes := make(map[string]bool) for _, repo := range cfg.Repositories { dir := expandTilde(repo.Directory) id := fmt.Sprintf("%x", sha1.Sum([]byte(dir))) validIndexes[id] = true } allIndexes, err := filepath.Glob(filepath.Join(confDir, "*.idx*")) if err == nil { for _, idx := range allIndexes { bn := filepath.Base(idx) fs := strings.Split(bn, ".") if len(fs) > 1 { if _, ok := validIndexes[fs[0]]; !ok { l.Infoln("Removing old index", bn) os.Remove(idx) } } } } // UPnP if cfg.Options.UPnPEnabled { setupUPnP() } // Routine to connect out to configured nodes discoverer = discovery(externalPort) go listenConnect(myID, m, tlsCfg) for _, repo := range cfg.Repositories { if repo.Invalid != "" { continue } // Routine to pull blocks from other nodes to synchronize the local // repository. Does not run when we are in read only (publish only) mode. if repo.ReadOnly { l.Okf("Ready to synchronize %s (read only; no external updates accepted)", repo.ID) m.StartRepoRO(repo.ID) } else { l.Okf("Ready to synchronize %s (read-write)", repo.ID) m.StartRepoRW(repo.ID, cfg.Options.ParallelRequests) } } if cpuprof := os.Getenv("STCPUPROFILE"); len(cpuprof) > 0 { f, err := os.Create(fmt.Sprintf("cpu-%d.pprof", os.Getpid())) if err != nil { log.Fatal(err) } pprof.StartCPUProfile(f) defer pprof.StopCPUProfile() } for _, node := range cfg.Nodes { if len(node.Name) > 0 { l.Infof("Node %s is %q at %v", node.NodeID, node.Name, node.Addresses) } } if cfg.Options.URAccepted > 0 && cfg.Options.URAccepted < usageReportVersion { l.Infoln("Anonymous usage report has changed; revoking acceptance") cfg.Options.URAccepted = 0 } if cfg.Options.URAccepted >= usageReportVersion { go usageReportingLoop(m) go func() { time.Sleep(10 * time.Minute) err := sendUsageReport(m) if err != nil { l.Infoln("Usage report:", err) } }() } events.Default.Log(events.StartupComplete, nil) go generateEvents() <-stop l.Okln("Exiting") }
func listenConnect(myID protocol.NodeID, m *model.Model, tlsCfg *tls.Config) { var conns = make(chan *tls.Conn) // Listen for _, addr := range cfg.Options.ListenAddress { go listenTLS(conns, addr, tlsCfg) } // Connect go dialTLS(m, conns, tlsCfg) next: for conn := range conns { certs := conn.ConnectionState().PeerCertificates if cl := len(certs); cl != 1 { l.Infof("Got peer certificate list of length %d != 1 from %s; protocol error", cl, conn.RemoteAddr()) conn.Close() continue } remoteCert := certs[0] remoteID := protocol.NewNodeID(remoteCert.Raw) if remoteID == myID { l.Infof("Connected to myself (%s) - should not happen", remoteID) conn.Close() continue } if m.ConnectedTo(remoteID) { l.Infof("Connected to already connected node (%s)", remoteID) conn.Close() continue } for _, nodeCfg := range cfg.Nodes { if nodeCfg.NodeID == remoteID { // Verify the name on the certificate. By default we set it to // "syncthing" when generating, but the user may have replaced // the certificate and used another name. certName := nodeCfg.CertName if certName == "" { certName = "syncthing" } err := remoteCert.VerifyHostname(certName) if err != nil { // Incorrect certificate name is something the user most // likely wants to know about, since it's an advanced // config. Warn instead of Info. l.Warnf("Bad certificate from %s (%v): %v", remoteID, conn.RemoteAddr(), err) conn.Close() continue next } // If rate limiting is set, we wrap the write side of the // connection in a limiter. var wr io.Writer = conn if rateBucket != nil { wr = &limitedWriter{conn, rateBucket} } name := fmt.Sprintf("%s-%s", conn.LocalAddr(), conn.RemoteAddr()) protoConn := protocol.NewConnection(remoteID, conn, wr, m, name, nodeCfg.Compression) l.Infof("Established secure connection to %s at %s", remoteID, name) if debugNet { l.Debugf("cipher suite %04X", conn.ConnectionState().CipherSuite) } events.Default.Log(events.NodeConnected, map[string]string{ "id": remoteID.String(), "addr": conn.RemoteAddr().String(), }) m.AddConnection(conn, protoConn) continue next } } events.Default.Log(events.NodeRejected, map[string]string{ "node": remoteID.String(), "address": conn.RemoteAddr().String(), }) l.Infof("Connection from %s with unknown node ID %s; ignoring", conn.RemoteAddr(), remoteID) conn.Close() } }
func main() { flag.StringVar(&confDir, "home", getDefaultConfDir(), "Set configuration directory") flag.BoolVar(&reset, "reset", false, "Prepare to resync from cluster") flag.BoolVar(&showVersion, "version", false, "Show version") flag.BoolVar(&doUpgrade, "upgrade", false, "Perform upgrade") flag.BoolVar(&doUpgradeCheck, "upgrade-check", false, "Check for available upgrade") flag.BoolVar(&noBrowser, "no-browser", false, "Do not start browser") flag.StringVar(&generateDir, "generate", "", "Generate key in specified dir") flag.StringVar(&guiAddress, "gui-address", "", "Override GUI address") flag.StringVar(&guiAuthentication, "gui-authentication", "", "Override GUI authentication. Expects 'username:password'") flag.StringVar(&guiAPIKey, "gui-apikey", "", "Override GUI API key") flag.IntVar(&logFlags, "logflags", logFlags, "Set log flags") flag.Usage = usageFor(flag.CommandLine, usage, extraUsage) flag.Parse() if showVersion { fmt.Println(LongVersion) return } l.SetFlags(logFlags) if generateDir != "" { dir := expandTilde(generateDir) info, err := os.Stat(dir) l.FatalErr(err) if !info.IsDir() { l.Fatalln(dir, "is not a directory") } cert, err := loadCert(dir, "") if err == nil { l.Warnln("Key exists; will not overwrite.") l.Infoln("Node ID:", protocol.NewNodeID(cert.Certificate[0])) return } newCertificate(dir, "") cert, err = loadCert(dir, "") l.FatalErr(err) if err == nil { l.Infoln("Node ID:", protocol.NewNodeID(cert.Certificate[0])) } return } if doUpgrade || doUpgradeCheck { rel, err := upgrade.LatestRelease(strings.Contains(Version, "-beta")) if err != nil { l.Fatalln("Upgrade:", err) // exits 1 } if upgrade.CompareVersions(rel.Tag, Version) <= 0 { l.Infof("No upgrade available (current %q >= latest %q).", Version, rel.Tag) os.Exit(exitNoUpgradeAvailable) } l.Infof("Upgrade available (current %q < latest %q)", Version, rel.Tag) if doUpgrade { err = upgrade.UpgradeTo(rel, GoArchExtra) if err != nil { l.Fatalln("Upgrade:", err) // exits 1 } l.Okf("Upgraded to %q", rel.Tag) return } else { return } } if reset { resetRepositories() return } if os.Getenv("STNORESTART") != "" { syncthingMain() } else { monitorMain() } }