Cleanups and tweaks

cmd/syncthing/gui.go

@@ -56,7 +56,6 @@ func init() {
 }
 
 func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) error {
-	var listener net.Listener
 	var err error
 
 	cert, err := loadCert(confDir, "https-")
@@ -74,10 +73,11 @@ func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) erro
 		ServerName:   "syncthing",
 	}
 
-	listener, err = NewDowngradingListener(cfg.Address, tlsCfg)
+	rawListener, err := net.Listen("tcp", cfg.Address)
 	if err != nil {
 		return err
 	}
+	listener := &DowngradingListener{rawListener, tlsCfg}
 
 	// The GET handlers
 	getRestMux := http.NewServeMux()
@@ -139,8 +139,10 @@ func startGUI(cfg config.GUIConfiguration, assetDir string, m *model.Model) erro
 		handler = basicAuthAndSessionMiddleware(cfg, handler)
 	}
 
-	// Add our redirection middleware
-	handler = redirectionMiddleware(handler, cfg.Address, cfg.UseTLS)
+	// Redirect to HTTPS if we are supposed to
+	if cfg.UseTLS {
+		handler = redirectToHTTPSMiddleware(handler)
+	}
 
 	go http.Serve(listener, handler)
 	return nil
@@ -159,16 +161,17 @@ func getPostHandler(get, post http.Handler) http.Handler {
 	})
 }
 
-func redirectionMiddleware(h http.Handler, host string, usingTLS bool) http.Handler {
+func redirectToHTTPSMiddleware(h http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.TLS == nil && usingTLS {
-			r.URL.Host = host
+		// Add a generous access-control-allow-origin header since we may be
+		// redirecting REST requests over protocols
+		w.Header().Add("Access-Control-Allow-Origin", "*")
+
+		if r.TLS == nil {
+			// Redirect HTTP requests to HTTPS
+			r.URL.Host = r.Host
 			r.URL.Scheme = "https"
 			http.Redirect(w, r, r.URL.String(), http.StatusFound)
-		} else if r.TLS != nil && !usingTLS {
-			r.URL.Host = host
-			r.URL.Scheme = "http"
-			http.Redirect(w, r, r.URL.String(), http.StatusFound)
 		} else {
 			h.ServeHTTP(w, r)
 		}

cmd/syncthing/tls.go

@@ -5,7 +5,7 @@
 package main
 
 import (
-	"bytes"
+	"bufio"
 	"crypto/rand"
 	"crypto/rsa"
 	"crypto/sha256"
@@ -87,34 +87,26 @@ type WrappedConnection struct {
 	net.Conn
 }
 
-func NewDowngradingListener(address string, config *tls.Config) (net.Listener, error) {
-	listener, err := net.Listen("tcp", address)
+func (l *DowngradingListener) Accept() (net.Conn, error) {
+	conn, err := l.Listener.Accept()
 	if err != nil {
 		return nil, err
 	}
-	return &DowngradingListener{listener, config}, nil
-}
-
-func (listener *DowngradingListener) Accept() (net.Conn, error) {
-	connection, err := listener.Listener.Accept()
 
+	br := bufio.NewReader(conn)
+	bs, err := br.Peek(1)
 	if err != nil {
+		conn.Close()
 		return nil, err
 	}
 
-	var peek [1]byte
-	_, err = io.ReadFull(connection, peek[:])
-	if err != nil {
-		return nil, err
-	}
-
-	jointReader := io.MultiReader(bytes.NewReader(peek[:]), connection)
-	wrapper := &WrappedConnection{jointReader, connection}
+	wrapper := &WrappedConnection{br, conn}
 
-	// TLS handshake starts with ASCII SYN
-	if peek[0] == 22 {
-		return tls.Server(wrapper, listener.TLSConfig), nil
+	// 0x16 is the first byte of a TLS handshake
+	if bs[0] == 0x16 {
+		return tls.Server(wrapper, l.TLSConfig), nil
 	}
+
 	return wrapper, nil
 }
 

gui/app.js

@@ -153,13 +153,17 @@ syncthing.controller('SyncthingCtrl', function ($scope, $http, $translate, $loca
             return;
         }
 
-        console.log('UIOnline');
-        $scope.init();
-        online = true;
-        restarting = false;
-        $('#networkError').modal('hide');
-        $('#restarting').modal('hide');
-        $('#shutdown').modal('hide');
+        if (restarting){
+            document.location.reload(true);
+        } else {
+            console.log('UIOnline');
+            $scope.init();
+            online = true;
+            restarting = false;
+            $('#networkError').modal('hide');
+            $('#restarting').modal('hide');
+            $('#shutdown').modal('hide');
+        }
     });
 
     $scope.$on('UIOffline', function (event, arg) {
@@ -581,7 +585,7 @@ syncthing.controller('SyncthingCtrl', function ($scope, $http, $translate, $loca
 
             setTimeout(function(){
                 window.location.protocol = protocol;
-            }, 1000);
+            }, 2500);
 
             $scope.protocolChanged = false;
         }

gui/index.html

@@ -716,7 +716,6 @@
       <li><a href="https://github.com/golang/groupcache">groupcache/lru</a>, Copyright &copy; 2013 Google Inc.</li>
       <li><a href="https://github.com/juju/ratelimit">juju/ratelimit</a>, Copyright &copy; 2014 Canonical Ltd.</li>
       <li><a href="https://github.com/syndtr/goleveldb">syndtr/goleveldb</a>, Copyright &copy; 2012, Suryandaru Triandana</li>
-      <li><a href="https://github.com/BenLubar/Rnoadm/tree/master/maybetls">BenLubar/Rnoadm/maybetls</a>, Copyright &copy; 2013 The Rnoadm Authors.</li>
       <li><a href="https://github.com/vitrun/qart">vitrun/qart</a>, Copyright &copy; The Go Authors.</li>
       <li><a href="https://angularjs.org/">AngularJS</a>, Copyright &copy; 2010-2014 Google, Inc.</li>
       <li><a href="http://getbootstrap.com/">Bootstrap</a>, Copyright &copy; 2011-2014 Twitter, Inc.</li>