cmd/syncthing, lib/config: Enable HTTP CPU/heap profile collection for users

This adds a config to enable debug functions on the API server, which is
by default disabled. When enabled, the /rest/debug things become
available and become available without requiring a CSRF token (although
authentication is required if configured).

We also add a new endpoint /rest/debug/cpuprof?duration=15s (with the
duration being configurable, defaulting to 30s). This runs a CPU profile
for the duration and returns it as a file. It sets headers so that a
browser will save the file with an informative name.

The same is done for heap profiles, /rest/debug/heapprof, which does not
take any parameters.

The purpose of this is that any user can enable debugging under
advanced, then point their browser to the endpoint above and get a file
that contains a CPU or heap profile we can use, with the filename
telling us what version and architecture the profile is from.

On the command line, this becomes

    curl -O -J http://localhost:8082/rest/debug/cpuprof?duration=5s
    curl: Saved to filename
    'syncthing-cpu-darwin-amd64-v0.14.3+4-g935bcc0-110307.pprof'

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/3467

cmd/syncthing/gui.go

@@ -17,6 +17,7 @@ import (
 	"path/filepath"
 	"reflect"
 	"runtime"
+	"runtime/pprof"
 	"sort"
 	"strconv"
 	"strings"
@@ -268,8 +269,12 @@ func (s *apiService) Serve() {
 	postRestMux.HandleFunc("/rest/system/debug", s.postSystemDebug)            // [enable] [disable]
 
 	// Debug endpoints, not for general use
-	getRestMux.HandleFunc("/rest/debug/peerCompletion", s.getPeerCompletion)
-	getRestMux.HandleFunc("/rest/debug/httpmetrics", s.getSystemHTTPMetrics)
+	debugMux := http.NewServeMux()
+	debugMux.HandleFunc("/rest/debug/peerCompletion", s.getPeerCompletion)
+	debugMux.HandleFunc("/rest/debug/httpmetrics", s.getSystemHTTPMetrics)
+	debugMux.HandleFunc("/rest/debug/cpuprof", s.getCPUProf) // duration
+	debugMux.HandleFunc("/rest/debug/heapprof", s.getHeapProf)
+	getRestMux.Handle("/rest/debug/", s.whenDebugging(debugMux))
 
 	// A handler that splits requests between the two above and disables
 	// caching
@@ -364,6 +369,9 @@ func (s *apiService) VerifyConfiguration(from, to config.Configuration) error {
 }
 
 func (s *apiService) CommitConfiguration(from, to config.Configuration) bool {
+	// No action required when this changes, so mask the fact that it changed at all.
+	from.GUI.Debugging = to.GUI.Debugging
+
 	if to.GUI == from.GUI {
 		return true
 	}
@@ -487,6 +495,18 @@ func withDetailsMiddleware(id protocol.DeviceID, h http.Handler) http.Handler {
 	})
 }
 
+func (s *apiService) whenDebugging(h http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if s.cfg.GUI().Debugging {
+			h.ServeHTTP(w, r)
+			return
+		}
+
+		http.Error(w, "Debugging disabled", http.StatusBadRequest)
+		return
+	})
+}
+
 func (s *apiService) restPing(w http.ResponseWriter, r *http.Request) {
 	sendJSON(w, map[string]string{"ping": "pong"})
 }
@@ -1166,6 +1186,32 @@ func (s *apiService) getSystemBrowse(w http.ResponseWriter, r *http.Request) {
 	sendJSON(w, ret)
 }
 
+func (s *apiService) getCPUProf(w http.ResponseWriter, r *http.Request) {
+	duration, err := time.ParseDuration(r.FormValue("duration"))
+	if err != nil {
+		duration = 30 * time.Second
+	}
+
+	filename := fmt.Sprintf("syncthing-cpu-%s-%s-%s-%s.pprof", runtime.GOOS, runtime.GOARCH, Version, time.Now().Format("150405")) // hhmmss
+
+	w.Header().Set("Content-Type", "application/octet-stream")
+	w.Header().Set("Content-Disposition", "attachment; filename="+filename)
+
+	pprof.StartCPUProfile(w)
+	time.Sleep(duration)
+	pprof.StopCPUProfile()
+}
+
+func (s *apiService) getHeapProf(w http.ResponseWriter, r *http.Request) {
+	filename := fmt.Sprintf("syncthing-heap-%s-%s-%s-%s.pprof", runtime.GOOS, runtime.GOARCH, Version, time.Now().Format("150405")) // hhmmss
+
+	w.Header().Set("Content-Type", "application/octet-stream")
+	w.Header().Set("Content-Disposition", "attachment; filename="+filename)
+
+	runtime.GC()
+	pprof.WriteHeapProfile(w)
+}
+
 func (s *apiService) toNeedSlice(fs []db.FileInfoTruncated) []jsonDBFileInfo {
 	res := make([]jsonDBFileInfo, len(fs))
 	for i, f := range fs {

cmd/syncthing/gui_csrf.go

@@ -41,6 +41,13 @@ func csrfMiddleware(unique string, prefix string, cfg config.GUIConfiguration, n
 			return
 		}
 
+		if strings.HasPrefix(r.URL.Path, "/rest/debug") {
+			// Debugging functions are only available when explicitly
+			// enabled, and can be accessed without a CSRF token
+			next.ServeHTTP(w, r)
+			return
+		}
+
 		// Allow requests for anything not under the protected path prefix,
 		// and set a CSRF cookie if there isn't already a valid one.
 		if !strings.HasPrefix(r.URL.Path, prefix) {

cmd/syncthing/main.go

@@ -16,7 +16,6 @@ import (
 	"log"
 	"net"
 	"net/http"
-	_ "net/http/pprof"
 	"net/url"
 	"os"
 	"os/signal"

lib/config/guiconfiguration.go

@@ -21,6 +21,7 @@ type GUIConfiguration struct {
 	APIKey              string `xml:"apikey,omitempty" json:"apiKey"`
 	InsecureAdminAccess bool   `xml:"insecureAdminAccess,omitempty" json:"insecureAdminAccess"`
 	Theme               string `xml:"theme" json:"theme" default:"default"`
+	Debugging           bool   `xml:"debugging,attr" json:"debugging"`
 }
 
 func (c GUIConfiguration) Address() string {

test/h1/config.xml

@@ -50,7 +50,7 @@
     <device id="7PBCTLL-JJRYBSA-MOWZRKL-MSDMN4N-4US4OMX-SYEXUS4-HSBGNRY-CZXRXAT" name="s4" compression="metadata" introducer="false">
         <address>tcp://127.0.0.1:22004</address>
     </device>
-    <gui enabled="true" tls="false">
+    <gui enabled="true" tls="false" debugging="true">
         <address>127.0.0.1:8081</address>
         <user>testuser</user>
         <password>$2a$10$7tKL5uvLDGn5s2VLPM2yWOK/II45az0mTel8hxAUJDRQN1Tk2QYwu</password>

test/h2/config.xml

@@ -62,7 +62,7 @@
     <device id="373HSRP-QLPNLIE-JYKZVQF-P4PKZ63-R2ZE6K3-YD442U2-JHBGBQG-WWXAHAU" name="s3" compression="metadata" introducer="false">
         <address>tcp://127.0.0.1:22003</address>
     </device>
-    <gui enabled="true" tls="false">
+    <gui enabled="true" tls="false" debugging="true">
         <address>127.0.0.1:8082</address>
         <apikey>abc123</apikey>
         <theme>default</theme>

test/h3/config.xml

@@ -45,7 +45,7 @@
     <device id="373HSRP-QLPNLIE-JYKZVQF-P4PKZ63-R2ZE6K3-YD442U2-JHBGBQG-WWXAHAU" name="s3" compression="metadata" introducer="false">
         <address>tcp://127.0.0.1:22003</address>
     </device>
-    <gui enabled="true" tls="false">
+    <gui enabled="true" tls="false" debugging="true">
         <address>127.0.0.1:8083</address>
         <apikey>abc123</apikey>
         <theme>default</theme>

test/h4/config.xml

@@ -18,7 +18,7 @@
     <device id="7PBCTLL-JJRYBSA-MOWZRKL-MSDMN4N-4US4OMX-SYEXUS4-HSBGNRY-CZXRXAT" name="s4" compression="metadata" introducer="false">
         <address>dynamic</address>
     </device>
-    <gui enabled="true" tls="false">
+    <gui enabled="true" tls="false" debugging="true">
         <address>127.0.0.1:8084</address>
         <apikey>PMA5yUTG-Mw98nJ0YEtWTCHlM5O4aNi0</apikey>
         <theme>default</theme>