nothing: Dummy commit

.codecov.yml

@@ -1,20 +0,0 @@
-comment: false
-
-coverage:
-  range: "40...100"
-  precision: 1
-  status:
-    patch:
-      default:
-        informational: true
-    project:
-      default:
-        informational: true
-
-github_checks:
-  annotations: false
-
-ignore:
-  - "**.pb.go"
-  - "**_mocked.go"
-  - "**/mocks/*"

.deepsource.toml

@@ -1,12 +0,0 @@
-version = 1
-
-exclude_patterns = ["**/*.pb.go"]
-test_patterns = ["**/*_test.go"]
-
-[[analyzers]]
-name = "go"
-enabled = true
-
-  [analyzers.meta]
-  import_paths = ["github.com/syncthing/syncthing"]
-  build_tags = ["noassets"]

.github/FUNDING.yml

@@ -1,11 +0,0 @@
-github: syncthing
-custom: "https://syncthing.net/donations/"
-
-# patreon: # Replace with a single Patreon username
-# open_collective: # Replace with a single Open Collective username
-# ko_fi: # Replace with a single Ko-fi username
-# tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
-# community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-# liberapay: # Replace with a single Liberapay username
-# issuehunt: # Replace with a single IssueHunt username
-# otechie: # Replace with a single Otechie username

.github/ISSUE_TEMPLATE/01-feature.yml

@@ -1,29 +0,0 @@
-name: Feature request
-description: File a new feature request
-labels: ["enhancement", "needs-triage"]
-type: Feature
-body:
-
-  - type: textarea
-    id: feature
-    attributes:
-      label: Feature description
-      description: Please describe the behavior you'd like to see.
-    validations:
-      required: true
-
-  - type: textarea
-    id: problem-usecase
-    attributes:
-      label: Problem or use case
-      description: Please explain which problem this would solve, or what the use case is for the feature. Keep in mind that it's more likely to be implemented if it's generally useful for a larger number of users.
-    validations:
-      required: true
-
-  - type: textarea
-    id: alternatives
-    attributes:
-      label: Alternatives or workarounds
-      description: Please describe any alternatives or workarounds you have considered and, possibly, rejected.
-    validations:
-      required: true

.github/ISSUE_TEMPLATE/02-bug.yml

@@ -1,52 +0,0 @@
-name: Bug report
-description: If you're actually looking for support instead, see "I need help / I have a question".
-labels: ["bug", "needs-triage"]
-type: Bug
-body:
-  - type: markdown
-    attributes:
-      value: |
-        :no_entry_sign: If you want to report a security issue, please see [our Security Policy](https://syncthing.net/security/) and do not report the issue here.
-
-        :interrobang: If you are not sure if there is a bug, but something isn't working right and you need help, please [use the forum](https://forum.syncthing.net/).
-
-  - type: textarea
-    id: what-happened
-    attributes:
-      label: What happened?
-      description: Also tell us, what did you expect to happen, and any steps we might use to reproduce the problem.
-      placeholder: Tell us what you see!
-    validations:
-      required: true
-
-  - type: input
-    id: version
-    attributes:
-      label: Syncthing version
-      description: What version of Syncthing are you running?
-      placeholder: v1.27.4
-    validations:
-      required: true
-
-  - type: input
-    id: platform
-    attributes:
-      label: Platform & operating system
-      description: On what platform(s) are you seeing the problem?
-      placeholder: Linux arm64
-    validations:
-      required: true
-
-  - type: input
-    id: browser
-    attributes:
-      label: Browser version
-      description: If the problem is related to the GUI, describe your browser and version.
-      placeholder: Safari 17.3.1
-
-  - type: textarea
-    id: logs
-    attributes:
-      label: Relevant log output
-      description: Please copy and paste any relevant log output or crash backtrace. This will be automatically formatted into code, so no need for backticks.
-      render: shell

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +0,0 @@
-blank_issues_enabled: false
-contact_links:
-  - name: I need help / I have a question
-    url: https://forum.syncthing.net/
-    about: Ask questions, get support, and discuss with other community members.
-  - name: Android issues
-    url: https://github.com/syncthing/syncthing-android/issues/
-    about: The Android app has its own issue tracker.

.github/SECURITY.md

@@ -1,10 +0,0 @@
-## Reporting a Vulnerability
-
-If you believe that you've found a Syncthing-related security vulnerability,
-please report it by sending email to the address security@syncthing.net. The
-[PGP key for security@syncthing.net
-(B683AD7B76CAB013)](https://syncthing.net/security-key.txt) can be used to
-send encrypted mail or to verify responses received from that address.
-
-You can read more about Syncthing security at
-https://syncthing.net/security/.

.github/dependabot.yml

@@ -1,13 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: monthly
-    open-pull-requests-limit: 10
-
-  - package-ecosystem: "gomod"
-    directory: "/"
-    schedule:
-      interval: monthly
-    open-pull-requests-limit: 10

.github/labeler.yml

@@ -1,23 +0,0 @@
-version: 1
-labels:
-
-- label: enhancement
-  title: ^feat\b
-
-- label: bug
-  title: ^fix\b
-
-- label: documentation
-  title: ^docs\b
-
-- label: chore
-  title: ^chore\b
-
-- label: chore
-  title: ^refactor\b
-
-- label: build
-  title: ^build\b
-
-- label: dependencies
-  title: ^build\(deps\)\b

.github/regsync.yml

@@ -1,52 +0,0 @@
-  version: 1
-  creds:
-    - registry: docker.io
-      user: "{{env \"DOCKERHUB_USERNAME\"}}"
-      pass: "{{env \"DOCKERHUB_TOKEN\"}}"
-
-  defaults:
-    ratelimit:
-      min: 100
-      retry: 1m
-    parallel: 4
-
-  sync:
-
-    - source: ghcr.io/syncthing/syncthing
-      target: docker.io/syncthing/syncthing
-      type: repository
-      tags:
-        allow:
-          - latest
-          - rc
-          - edge
-          - \d+
-          - \d+\.\d+
-          - \d+\.\d+\.\d+
-          - \d+\.\d+\.\d+-rc\.\d+
-
-    - source: ghcr.io/syncthing/relaysrv
-      target: docker.io/syncthing/relaysrv
-      type: repository
-      tags:
-        allow:
-          - latest
-          - rc
-          - edge
-          - \d+
-          - \d+\.\d+
-          - \d+\.\d+\.\d+
-          - \d+\.\d+\.\d+-rc\.\d+
-
-    - source: ghcr.io/syncthing/discosrv
-      target: docker.io/syncthing/discosrv
-      type: repository
-      tags:
-        allow:
-          - latest
-          - rc
-          - edge
-          - \d+
-          - \d+\.\d+
-          - \d+\.\d+\.\d+
-          - \d+\.\d+\.\d+-rc\.\d+

.github/release.yml

@@ -1,17 +0,0 @@
-changelog:
-  exclude:
-    labels:
-      - dependencies
-
-  categories:
-    - title: Fixes
-      labels:
-        - bug
-
-    - title: Features
-      labels:
-        - enhancement
-
-    - title: Other
-      labels:
-        - '*'

.github/workflows/build-infra-dockers.yaml

@@ -1,85 +0,0 @@
-name: Build Infrastructure Images
-
-on:
-  push:
-    branches:
-      - infrastructure
-      - infra-*
-
-env:
-  GO_VERSION: "~1.25.0"
-  CGO_ENABLED: "0"
-  BUILD_USER: docker
-  BUILD_HOST: github.syncthing.net
-
-permissions:
-  contents: read
-  packages: write
-
-jobs:
-  docker-syncthing:
-    name: Build and push Docker images
-    if: github.repository == 'syncthing/syncthing'
-    runs-on: ubuntu-latest
-    environment: docker
-    strategy:
-      matrix:
-        pkg:
-          - stcrashreceiver
-          - strelaypoolsrv
-          - stupgrades
-          - ursrv
-    steps:
-      - uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-
-      - uses: actions/setup-go@v6
-        with:
-          go-version: ${{ env.GO_VERSION }}
-          check-latest: true
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v3
-        with:
-          username: ${{ secrets.DOCKERHUB_USERNAME }}
-          password: ${{ secrets.DOCKERHUB_TOKEN }}
-
-      - name: Login to GHCR
-        uses: docker/login-action@v3
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build binaries
-        run: |
-          for arch in arm64 amd64; do
-            go run build.go -goos linux -goarch "$arch" build ${{ matrix.pkg }}
-            mv ${{ matrix.pkg }} ${{ matrix.pkg }}-linux-"$arch"
-          done
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Set Docker tags (all branches)
-        run: |
-          tags=docker.io/syncthing/${{ matrix.pkg }}:${{ github.sha }},ghcr.io/syncthing/infra/${{ matrix.pkg }}:${{ github.sha }}
-          echo "TAGS=$tags" >> $GITHUB_ENV
-
-      - name: Set Docker tags (latest)
-        if: github.ref == 'refs/heads/infrastructure'
-        run: |
-          tags=docker.io/syncthing/${{ matrix.pkg }}:latest,ghcr.io/syncthing/infra/${{ matrix.pkg }}:latest,${{ env.TAGS }}
-          echo "TAGS=$tags" >> $GITHUB_ENV
-
-      - name: Build and push
-        uses: docker/build-push-action@v5
-        with:
-          context: .
-          file: ./Dockerfile.${{ matrix.pkg }}
-          platforms: linux/amd64,linux/arm64
-          push: true
-          tags: ${{ env.TAGS }}
-          labels: |
-            org.opencontainers.image.revision=${{ github.sha }}

.github/workflows/build-nightly.yaml

@@ -1,18 +0,0 @@
-name: Build Syncthing (Nightly)
-
-on:
-  schedule:
-    # Run nightly build at 05:00 UTC
-    - cron: '00 05 * * *'
-  workflow_dispatch:
-
-permissions:
-  contents: write
-  packages: write
-
-jobs:
-  build-syncthing:
-    uses: ./.github/workflows/build-syncthing.yaml
-    # if we only want nightlies to run for specific users:
-    # if: contains(fromJSON('["syncthing", "calmh"]'), github.repository_owner)
-    secrets: inherit

.github/workflows/mirrors.yaml

@@ -1,18 +0,0 @@
-name: Mirrors
-
-on: [push, delete]
-
-jobs:
-  codeberg:
-    name: Mirror to Codeberg
-    if: github.repository_owner == 'syncthing'
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: yesolutions/mirror-action@master
-        with:
-          REMOTE: ssh://git@codeberg.org/${{ github.repository }}.git
-          GIT_SSH_PRIVATE_KEY: ${{ secrets.CODEBERG_PUSH_KEY }}
-          GIT_SSH_NO_VERIFY_HOST: "true"

.github/workflows/org-members.yaml

@@ -1,20 +0,0 @@
-name: Org membership recommendations
-
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '0 0 1 * *'
-
-jobs:
-
-  run-recommendation:
-    runs-on: ubuntu-latest
-    name: Check for a recommendation
-    steps:
-
-      - uses: docker://ghcr.io/calmh/github-org-members:latest
-        env:
-          GITHUB_ORGANISATION: syncthing
-          GITHUB_TOKEN: ${{ secrets.GOM_GITHUB_TOKEN }}
-          GOM_IGNORE_USERS: ${{ secrets.GOM_IGNORE_USERS }}
-          GOM_ALSO_REPOS: ${{ secrets.GOM_ALSO_REPOS }}

.github/workflows/pr-metadata.yaml

@@ -1,27 +0,0 @@
-name: PR metadata
-
-on:
-  pull_request_target:
-    types:
-      - opened
-      - reopened
-      - edited
-      - synchronize
-
-permissions:
-  contents: read
-  pull-requests: write
-
-jobs:
-
-  #
-  # Set labels on PRs, which are then used to categorise release notes
-  #
-
-  labels:
-    name: Set labels
-    runs-on: ubuntu-latest
-    steps:
-    - uses: srvaroa/labeler@v1
-      env:
-        GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"

.github/workflows/release-syncthing.yaml

@@ -1,60 +0,0 @@
-name: Release Syncthing
-
-on:
-  push:
-    branches:
-      - release
-      - release-rc*
-
-permissions:
-  contents: write
-
-jobs:
-  create-release-tag:
-    name: Create release tag
-    runs-on: ubuntu-latest
-    environment: release
-    steps:
-      - uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-          ref: ${{ github.ref }} # https://github.com/actions/checkout/issues/882
-          token: ${{ secrets.ACTIONS_GITHUB_TOKEN }}
-
-      - uses: actions/setup-go@v6
-        with:
-          go-version: stable
-
-      - name: Determine version to release
-        run: |
-          if [[ "$GITHUB_REF_NAME" == "release" ]] ; then
-            next=$(go run ./script/next-version.go)
-          else
-            next=$(go run ./script/next-version.go --pre)
-          fi
-          echo "NEXT=$next" >> $GITHUB_ENV
-          echo "Next version is $next"
-
-          prev=$(git describe --exclude "*-*" --abbrev=0)
-          echo "PREV=$prev" >> $GITHUB_ENV
-          echo "Previous version is $prev"
-
-      - name: Determine release notes
-        run: |
-          go run ./script/relnotes.go --new-ver "$NEXT" --branch "$GITHUB_REF_NAME" --prev-ver "$PREV" > notes.md
-        env:
-          GITHUB_TOKEN: ${{ secrets.ACTIONS_GITHUB_TOKEN }}
-
-      - name: Create and push tag
-        run: |
-          git config --global user.name 'Syncthing Release Automation'
-          git config --global user.email 'release@syncthing.net'
-          git tag -a -F notes.md --cleanup=whitespace "$NEXT"
-          git push origin "$NEXT"
-
-      - name: Trigger the build
-        uses: benc-uk/workflow-dispatch@v1
-        with:
-          workflow: build-syncthing.yaml
-          ref: refs/tags/${{ env.NEXT }}
-          token: ${{ secrets.ACTIONS_GITHUB_TOKEN }}

.github/workflows/trigger-nightly.yaml

@@ -1,22 +0,0 @@
-name: Trigger nightly build & release
-on:
-  workflow_dispatch:
-  schedule:
-    # Run nightly build at 01:00 UTC
-    - cron: '00 01 * * *'
-
-jobs:
-
-  trigger-nightly:
-    if: github.repository_owner == 'syncthing'
-    runs-on: ubuntu-latest
-    name: Push to release-nightly to trigger build
-    steps:
-
-      - uses: actions/checkout@v5
-        with:
-          token: ${{ secrets.ACTIONS_GITHUB_TOKEN }}
-          fetch-depth: 0
-
-      - run: |
-          git push origin main:release-nightly

.github/workflows/update-docs-translations.yaml

@@ -1,28 +0,0 @@
-name: Update translations and documentation
-on:
-  workflow_dispatch:
-  schedule:
-    - cron: '42 3 * * 1'
-
-jobs:
-
-  update_transifex_docs:
-    runs-on: ubuntu-latest
-    name: Update translations and documentation
-    steps:
-      - uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-          token: ${{ secrets.ACTIONS_GITHUB_TOKEN }}
-      - uses: actions/setup-go@v6
-        with:
-          go-version: stable
-      - run: |
-          set -euo pipefail
-          git config --global user.name 'Syncthing Release Automation'
-          git config --global user.email 'release@syncthing.net'
-          bash build.sh translate
-          bash build.sh prerelease
-          git push
-        env:
-          WEBLATE_TOKEN: ${{ secrets.WEBLATE_TOKEN }}

.gitignore

@@ -1,10 +1,11 @@
-/syncthing
-/stdiscosrv
+syncthing
+!gui/syncthing
+!debian/syncthing
+!Godeps/_workspace/src/github.com/syncthing
+syncthing.exe
 *.tar.gz
 *.zip
 *.asc
-*.deb
-*.exe
 .jshintrc
 coverage.out
 files/pidx
@@ -14,7 +15,4 @@ coverage.xml
 syncthing.sig
 RELEASE
 deb
-*.bz2
-/repos
-/proto/scripts/protoc-gen-gosyncthing
-/compat.json
+lib/auto/gui.files.go

.golangci.yml

@@ -1,96 +0,0 @@
-version: "2"
-linters:
-  default: all
-  disable:
-    - cyclop
-    - depguard
-    - err113
-    - exhaustive
-    - exhaustruct
-    - forbidigo
-    - funcorder
-    - funlen
-    - gochecknoglobals
-    - gochecknoinits
-    - gocognit
-    - goconst
-    - gocyclo
-    - godot
-    - godox
-    - gomoddirectives
-    - inamedparam
-    - interfacebloat
-    - ireturn
-    - lll
-    - maintidx
-    - mnd
-    - musttag
-    - nestif
-    - nlreturn
-    - noinlineerr
-    - nonamedreturns
-    - paralleltest
-    - prealloc
-    - predeclared
-    - protogetter
-    - recvcheck
-    - revive
-    - tagalign
-    - tagliatelle
-    - testpackage
-    - usetesting # go 1.24
-    - varnamelen
-    - whitespace
-    - wrapcheck
-    - wsl
-    - wsl_v5
-  exclusions:
-    generated: lax
-    presets:
-      - comments
-      - common-false-positives
-      - legacy
-      - std-error-handling
-    paths:
-      - internal/gen
-      - internal/db/olddb
-      - cmd/dev
-      - repos
-      - third_party$
-      - builtin$
-      - examples$
-      - _test\.go$
-    rules:
-      # relax the slog rules for debug lines, for now
-      - linters: [sloglint]
-        source: Debug
-      # contexts are irrelevant for SQLite
-      - linters: [noctx]
-        text: database/sql
-      # Rollback errors can be ignored
-      - linters: [errcheck]
-        source: Rollback
-      # Embedded fields named in selectors may add clarity
-      - linters: [staticcheck]
-        text: QF1008
-      # Don't necessarily rewrite !(foo || bar) to !foo && !bar
-      - linters: [staticcheck]
-        text: QF1001
-  settings:
-    sloglint:
-      context: "scope"
-      static-msg: true
-      msg-style: capitalized
-      key-naming-case: camel
-formatters:
-  enable:
-    - gofumpt
-  exclusions:
-    generated: lax
-    paths:
-      - internal/gen
-      - cmd/dev
-      - repos
-      - third_party$
-      - builtin$
-      - examples$

.mailmap

@@ -0,0 +1 @@
+NICKS

.policy.yml

@@ -1,111 +0,0 @@
-# This is the policy-bot configuration for this repository. It controls
-# which approvals are required for any given pull request. The format is
-# described at https://github.com/palantir/policy-bot. The syntax of the
-# policy can be verified by the bot:
-# curl https://pb.syncthing.net/api/validate -X PUT -T .policy.yml
-
-# The policy below is what is required for any pull request.
-policy:
-  approval:
-    - subject is conventional commit
-    - or:
-      - project metadata requires maintainer approval
-      - a maintainer claims responsibility
-    - or:
-      - is approved by a syncthing contributor
-      - is a translation or dependency update by a contributor
-      - is a trivial change by a contributor
-      - a maintainer claims responsibility
-
-  # Additionally, maintainers can disapprove of a PR
-  disapproval:
-    requires:
-      teams:
-        - syncthing/maintainers
-
-# The rules for the policy are described below.
-
-approval_rules:
-
-  # All commits (PRs before squashing) should have a valid conventional
-  # commit type subject.
-  - name: subject is conventional commit
-    requires:
-      conditions:
-        title:
-          matches:
-            - '^(feat|fix|docs|chore|refactor|build): [a-z].+'
-            - '^(feat|fix|docs|chore|refactor|build)\(\w+(, \w+)*\): [a-z].+'
-
-  # Changes to important project metadata and documentation, including this
-  # policy, require signoff by a maintainer
-  - name: project metadata requires maintainer approval
-    if:
-      changed_files:
-        paths:
-          - ^[^/]+\.md
-          - ^\.policy\.yml
-          - ^LICENSE
-    requires:
-      count: 1
-      teams:
-        - syncthing/maintainers
-    options:
-      ignore_update_merges: true
-      allow_non_author_contributor: true
-
-  # Regular pull requests require approval by an active contributor
-  - name: is approved by a syncthing contributor
-    requires:
-      count: 1
-      teams:
-        - syncthing/contributors
-    options:
-      ignore_update_merges: true
-      allow_non_author_contributor: true
-
-  # Changes to some files (translations, dependencies, compatibility) do not
-  # require approval if they were proposed by a contributor and have a
-  # matching commit subject
-  - name: is a translation or dependency update by a contributor
-    if:
-      only_changed_files:
-        paths:
-          - ^gui/default/assets/lang/
-          - ^go\.mod$
-          - ^go\.sum$
-          - ^compat\.yaml$
-      title:
-        matches:
-          - '^chore\(gui\):'
-          - '^build\(deps\):'
-          - '^build\(compat\):'
-      has_author_in:
-        teams:
-          - syncthing/contributors
-
-  # If the change is small and the label "trivial" is added, we accept that
-  # on trust. These PRs can be audited after the fact as appropriate.
-  # Features are not trivial.
-  - name: is a trivial change by a contributor
-    if:
-      modified_lines:
-        total: "< 25"
-      title:
-        not_matches:
-          - '^feat'
-      has_labels:
-        - trivial
-      has_author_in:
-        teams:
-          - syncthing/contributors
-
-  # A member of the maintainers group can take responsibility by adding the
-  # appropriate label.
-  - name: a maintainer claims responsibility
-    if:
-      has_labels:
-        - maintainer-responsibility
-      has_author_in:
-        teams:
-          - syncthing/maintainers

.yamlfmt

@@ -1,4 +0,0 @@
-line_ending: lf
-formatter:
-  type: basic
-  retain_line_breaks: true

AUTHORS

@@ -1,322 +1,89 @@
 # This is the official list of Syncthing authors for copyright purposes.
-#
-# THIS FILE IS MOSTLY AUTO GENERATED. IF YOU'VE MADE A COMMIT TO THE
-# REPOSITORY YOU WILL BE ADDED HERE AUTOMATICALLY WITHOUT THE NEED FOR
-# ANY MANUAL ACTION.
-#
-# That said, you are welcome to correct your name or add a nickname / GitHub
-# user name as appropriate. The format is:
-#
-#    Name Name Name (nickname) <email1@example.com> <email2@example.com>
-#
-# The in-GUI authors list is periodically automatically updated from the
-# contents of this file.
-#
 
-Jakob Borg (calmh) <jakob@nym.se> <jakob@kastelo.net> <jborg@coreweave.com>
-Audrius Butkevicius (AudriusButkevicius) <audrius.butkevicius@gmail.com> <github@audrius.rocks>
-Simon Frei (imsodin) <freisim93@gmail.com>
-Tomasz Wilczyński <5626656+tomasz1986@users.noreply.github.com> <twilczynski@naver.com>
-Alexander Graf (alex2108) <register-github@alex-graf.de>
-Alexandre Viau (aviau) <alexandre@alexandreviau.net> <aviau@debian.org>
-Anderson Mesquita (andersonvom) <andersonvom@gmail.com>
-André Colomb (acolomb) <src@andre.colomb.de> <github.com@andre.colomb.de>
-Antony Male (canton7) <antony.male@gmail.com>
-Ben Schulz (uok) <ueomkail@gmail.com> <uok@users.noreply.github.com>
-bt90 <btom1990@googlemail.com>
-Caleb Callaway (cqcallaw) <enlightened.despot@gmail.com>
-Daniel Harte (norgeous) <daniel@harte.me> <daniel@danielharte.co.uk> <norgeous@users.noreply.github.com>
-Emil Lundberg <emil@emlun.se>
-Eric P <eric@kastelo.net>
-Evgeny Kuznetsov <evgeny@kuznetsov.md>
-greatroar <61184462+greatroar@users.noreply.github.com>
-Lars K.W. Gohlke (lkwg82) <lkwg82@gmx.de>
-Lode Hoste (Zillode) <zillode@zillode.be>
-Marcus B Spencer <marcus@marcusspencer.xyz> <marcus@marcusspencer.us>
-Michael Ploujnikov (plouj) <ploujj@gmail.com>
-Ross Smith II (rasa) <ross@smithii.com>
-Stefan Tatschner (rumpelsepp) <stefan@sevenbyte.org> <rumpelsepp@sevenbyte.org> <stefan@rumpelsepp.org>
-Tommy van der Vorst <tommy-github@pixelspark.nl> <tommy@pixelspark.nl>
-Wulf Weich (wweich) <wweich@users.noreply.github.com> <wweich@gmx.de> <wulf@weich-kr.de>
-Adam Piggott (ProactiveServices) <aD@simplypeachy.co.uk> <simplypeachy@users.noreply.github.com> <ProactiveServices@users.noreply.github.com> <adam@proactiveservices.co.uk>
-Adel Qalieh (adelq) <aqalieh95@gmail.com> <adelq@users.noreply.github.com>
-Aleksey Vasenev <margtu-fivt@ya.ru>
-Alessandro G. (alessandro.g89) <alessandro.g89@gmail.com>
-Alex Ionescu <github@ionescu.sh>
-Alex Lindeman <139387+aelindeman@users.noreply.github.com>
-Alex Xu <alex.hello71@gmail.com>
-Alexander Seiler <seileralex@gmail.com>
-Alexandre Alves <alexandrealvesdb.contact@gmail.com>
-Aman Gupta <aman@tmm1.net>
-Andreas Sommer <andreas.sommer87@googlemail.com>
-andresvia <andres.via@gmail.com>
-Andrew Rabert (nvllsvm) <ar@nullsum.net> <6550543+nvllsvm@users.noreply.github.com>
-Andrey D (scienmind) <scintertech@cryptolab.net> <scienmind@users.noreply.github.com>
-andyleap <andyleap@gmail.com>
-Anjan Momi <anjan@momi.ca>
-Anthony Goeckner <agoeckner@users.noreply.github.com>
-Antoine Lamielle (0x010C) <antoine.lamielle@0x010c.fr> <gh@0x010c.fr>
-Anur <anurnomeru@163.com>
-Aranjedeath <Aranjedeath@users.noreply.github.com>
-ardevd <ardevd@users.noreply.github.com>
-Arkadiusz Tymiński <gevleeog@gmail.com>
-Aroun <login@b-vo.fr>
-Arthur Axel fREW Schmidt (frioux) <frew@afoolishmanifesto.com> <frioux@gmail.com>
-Artur Zubilewicz <AkaZecik@users.noreply.github.com>
-Ashish Bhate <bhate.ashish@gmail.com>
-Aurélien Rainone <476650+arl@users.noreply.github.com>
-BAHADIR YILMAZ <bahadiryilmaz32@gmail.com>
-Bart De Vries (mogwa1) <devriesb@gmail.com>
-Beat Reichenbach <44111292+beatreichenbach@users.noreply.github.com>
-Ben Shepherd (benshep) <bjashepherd@gmail.com>
-Ben Sidhom (bsidhom) <bsidhom@gmail.com>
-Benedikt Heine (bebehei) <bebe@bebehei.de>
-Benno Fünfstück <benno.fuenfstueck@gmail.com>
-Benny Ng (tpng) <benny.tpng@gmail.com>
-boomsquared <54829195+boomsquared@users.noreply.github.com>
-Boqin Qin <bobbqqin@bupt.edu.cn>
-Boris Rybalkin <ribalkin@gmail.com>
-Brendan Long (brendanlong) <self@brendanlong.com>
-Catfriend1 <16361913+Catfriend1@users.noreply.github.com>
-Cathryne Linenweaver (Cathryne) <cathryne.linenweaver@gmail.com> <Cathryne@users.noreply.github.com> <katrinleinweber@MAC.local>
-Cedric Staniewski (xduugu) <cedric@gmx.ca>
-Chih-Hsuan Yen <yan12125@gmail.com> <1937689+yan12125@users.noreply.github.com>
-Choongkyu <choongkyu.kim+gh@gmail.com> <vapidlyrapid+gh@gmail.com>
-Chris Howie (cdhowie) <me@chrishowie.com>
-Chris Joel (cdata) <chris@scriptolo.gy>
-Christian Kujau <ckujau@users.noreply.github.com>
-Christian Prescott <me@christianprescott.com>
-chucic <chucic@seznam.cz>
-cjc7373 <niuchangcun@gmail.com>
-Colin Kennedy (moshen) <moshen.colin@gmail.com>
-Cromefire_ <tim.l@nghorst.net> <26320625+cromefire@users.noreply.github.com>
-Cyprien Devillez <cypx@users.noreply.github.com>
-d-volution <49024624+d-volution@users.noreply.github.com>
-Dan <benda.daniel@gmail.com>
-Daniel Barczyk <46358936+DanielBarczyk@users.noreply.github.com>
-Daniel Bergmann (brgmnn) <dan.arne.bergmann@gmail.com> <brgmnn@users.noreply.github.com>
-Daniel Martí (mvdan) <mvdan@mvdan.cc>
-Daniel Padrta <64928366+danpadcz@users.noreply.github.com>
-Daniil Gentili <daniil@daniil.it>
-Darshil Chanpura (dtchanpura) <dtchanpura@gmail.com> <dcprime314@gmail.com>
-dashangcun <907225865@qq.com>
-David Rimmer (dinosore) <dinosore@dbrsoftware.co.uk>
-DeflateAwning <11021263+DeflateAwning@users.noreply.github.com>
-Denis A. (dva) <denisva@gmail.com>
-Dennis Wilson (snnd) <dw@risu.io>
-derekriemer <derek.riemer@colorado.edu>
-DerRockWolf <50499906+DerRockWolf@users.noreply.github.com>
-desbma <desbma@users.noreply.github.com>
-Devon G. Redekopp <devon@redekopp.com>
-digital <didev@dinid.net>
-Dimitri Papadopoulos Orfanos <3234522+DimitriPapadopoulos@users.noreply.github.com>
-Dmitry Saveliev (dsaveliev) <d.e.saveliev@gmail.com>
-domain <32405309+szu17dmy@users.noreply.github.com>
-Domenic Horner <domenic@tgxn.net>
-Dominik Heidler (asdil12) <dominik@heidler.eu>
-Elias Jarlebring (jarlebring) <jarlebring@gmail.com>
-Elliot Huffman <thelich2@gmail.com>
-Emil Hessman (ceh) <emil@hessman.se>
-Eng Zer Jun <engzerjun@gmail.com>
-entity0xfe <109791748+entity0xfe@users.noreply.github.com> <entity0xfe@my.domain>
-Eric Lesiuta <elesiuta@gmail.com>
-Erik Meitner (WSGCSysadmin) <e.meitner@willystreet.coop>
-Evan Spensley <94762716+0evan@users.noreply.github.com>
-Federico Castagnini (facastagnini) <federico.castagnini@gmail.com>
-Felix <53702818+f-eliks@users.noreply.github.com>
-Felix Ableitner (Nutomic) <me@nutomic.com>
-Felix Lampe <mail@flampe.de>
-Felix Unterpaintner (bigbear2nd) <bigbear2nd@gmail.com>
-Francois-Xavier Gsell (zukoo) <fxgsell@gmail.com>
-Frank Isemann (fti7) <frank@isemann.name>
-Gahl Saraf <saraf.gahl@gmail.com> <gahl@raftt.io>
-georgespatton <georgespatton@users.noreply.github.com>
-ghjklw <malo@jaffre.info>
-Gilli Sigurdsson (gillisig) <gilli@vx.is>
-Gleb Sinyavskiy <zhulik.gleb@gmail.com>
-Graham Miln (grahammiln) <graham.miln@dssw.co.uk> <graham.miln@miln.eu>
-Greg <gco@jazzhaiku.com>
-guangwu <guoguangwu@magic-shield.com>
-gudvinr <gudvinr@gmail.com>
-Gusted <postmaster@gusted.xyz> <williamzijl7@hotmail.com>
-Han Boetes <han@boetes.org>
-HansK-p <42314815+HansK-p@users.noreply.github.com>
-Harrison Jones (harrisonhjones) <harrisonhjones@users.noreply.github.com>
-Hazem Krimi <me@hazemkrimi.tech>
-Heiko Zuerker (Smiley73) <heiko@zuerker.org>
-Hireworks <129852174+hireworksltd@users.noreply.github.com>
-Hugo Locurcio <hugo.locurcio@hugo.pro>
-Iain Barnett <iainspeed@gmail.com>
-Ian Johnson (anonymouse64) <ian.johnson@canonical.com> <person.uwsome@gmail.com>
-ignacy123 <ignacy.buczek@onet.pl>
-Iskander Sharipov (Alex) <quasilyte@gmail.com>
-Jaakko Hannikainen (jgke) <jgke@jgke.fi>
-Jack Croft <jccroft1@users.noreply.github.com>
-Jacob <jyundt@gmail.com>
-Jake Peterson (acogdev) <jake@acogdev.com>
-James O'Beirne <wild-github@au92.org>
-James Patterson (jpjp) <jamespatterson@operamail.com> <jpjp@users.noreply.github.com>
-Jaroslav Lichtblau <svetlemodry@users.noreply.github.com>
-Jaroslav Malec (dzarda) <dzardacz@gmail.com>
-Jaspitta <ste.scarpitta@gmail.com>
-Jaya Chithra (jayachithra) <s.k.jayachithra@gmail.com>
-Jaya Kumar <jaya.kumar@ict.nl>
-Jeffery To <jeffery.to@gmail.com>
-jelle van der Waa <jelle@vdwaa.nl>
-Jens Diemer (jedie) <github.com@jensdiemer.de> <git@jensdiemer.de>
-Jochen Voss (seehuhn) <voss@seehuhn.de>
-Johan Vromans (sciurius) <jvromans@squirrel.nl>
-John Rinehart (fuzzybear3965) <johnrichardrinehart@gmail.com>
-Jonas Thelemann <e-mail@jonas-thelemann.de>
-Jonathan <artback@protonmail.com> <jonagn@gmail.com>
-Jose Manuel Delicado (jmdaweb) <jmdaweb@hotmail.com> <jmdaweb@users.noreply.github.com>
-jtagcat <git-514635f7@jtag.cat> <git-12dbd862@jtag.cat>
-Julian Lehrhuber <jul13579@users.noreply.github.com>
-Jörg Thalheim <Mic92@users.noreply.github.com>
-Jędrzej Kula <kula.jedrek@gmail.com>
-Kapil Sareen <kapilsareen584@gmail.com>
-Karol Różycki (krozycki) <rozycki.karol@gmail.com>
-Kebin Liu <lkebin@gmail.com>
-Keith Harrison <keithh@protonmail.com>
-Kelong Cong (kc1212) <kc04bc@gmx.com> <kc1212@users.noreply.github.com>
-Ken'ichi Kamada (kamadak) <kamada@nanohz.org>
-Kevin Allen (ironmig) <kma1660@gmail.com>
-Kevin Bushiri (keevBush) <keevbush@gmail.com> <36192217+keevBush@users.noreply.github.com>
-Kevin White, Jr. (kwhite17) <kevinwhite1710@gmail.com>
-klemens <ka7@github.com>
-Kurt Fitzner (Kudalufi) <kurt@va1der.ca> <kurt.fitzner@gmail.com>
-kylosus <33132401+kylosus@users.noreply.github.com>
-Lars Lehtonen <lars.lehtonen@gmail.com>
-Laurent Etiemble (letiemble) <laurent.etiemble@gmail.com> <laurent.etiemble@monobjc.net>
-Leo Arias (elopio) <yo@elopio.net>
-Liu Siyuan (liusy182) <liusy182@gmail.com> <liusy182@hotmail.com>
-Lord Landon Agahnim (LordLandon) <lordlandon@gmail.com>
-LSmithx2 <42276854+lsmithx2@users.noreply.github.com>
-Lukas Lihotzki <lukas@lihotzki.de>
-Luke Hamburg <1992842+luckman212@users.noreply.github.com>
-luzpaz <luzpaz@users.noreply.github.com>
-Majed Abdulaziz (majedev) <majed.alhajry@gmail.com>
-Marc Laporte (marclaporte) <marc@marclaporte.com> <marc@laporte.name>
-Marcel Meyer <mm.marcelmeyer@gmail.com>
-Marcin Dziadus (marcindziadus) <dziadus.marcin@gmail.com>
-Marcus Legendre <marcus.legendre@gmail.com>
-Mario Majila <mariustshipichik@gmail.com>
-Mark Pulford (mpx) <mark@kyne.com.au>
-Martchus <martchus@gmx.net>
-Mateusz Naściszewski (mateon1) <matin1111@wp.pl>
-Mateusz Ż <thedead4fun@live.com>
-mathias4833 <67101597+mathias4833@users.noreply.github.com>
-Matic Potočnik <hairyfotr@gmail.com>
-Matt Burke (burkemw3) <mburke@amplify.com> <burkemw3@gmail.com>
-Matt Robenolt <matt@ydekproductions.com>
-Matteo Ruina <matteo.ruina@gmail.com>
-Maurizio Tomasi <ziotom78@gmail.com>
-Max <github@germancoding.com>
-Max Schulze (kralo) <max.schulze@online.de> <kralo@users.noreply.github.com>
-MaximAL <almaximal@ya.ru>
-Maximilian <maxi.rostock@outlook.de> <public@complexvector.space>
-Michael Jephcote (Rewt0r) <rewt0r@gmx.com> <Rewt0r@users.noreply.github.com>
-Michael Rienstra <mrienstra@gmail.com>
-MichaIng <micha@dietpi.com>
-Migelo <miha@filetki.si>
-Mike Boone <mike@boonedocks.net>
-MikeLund <MikeLund@users.noreply.github.com>
-MikolajTwarog <43782609+MikolajTwarog@users.noreply.github.com>
-Mingxuan Lin <gdlmx@users.noreply.github.com>
-mv1005 <49659413+mv1005@users.noreply.github.com>
-Nate Morrison (nrm21) <natemorrison@gmail.com>
-nf <nf@wh3rd.net>
-Nicholas Rishel (PrototypeNM1) <rishel.nick@gmail.com> <PrototypeNM1@users.noreply.github.com>
-Nick Busey <NickBusey@users.noreply.github.com>
-Nico Stapelbroek <3368018+nstapelbroek@users.noreply.github.com>
-Nicolas Braud-Santoni <nicolas@braud-santoni.eu>
-Nicolas Perraut <n.perraut@gmail.com>
-Niels Peter Roest (Niller303) <nielsproest@hotmail.com> <seje.niels@hotmail.com>
-Nils Jakobi (thunderstorm99) <jakobi.nils@gmail.com>
-NinoM4ster <ninom4ster@gmail.com>
-Nitroretro <43112364+Nitroretro@users.noreply.github.com>
-NoLooseEnds <jon.koslung@gmail.com>
-Oliver Freyermuth <o.freyermuth@googlemail.com>
-orangekame3 <miya.org.0309@gmail.com>
-otbutz <tbutz@optitool.de>
-overkill <22098433+0verk1ll@users.noreply.github.com>
-Oyebanji Jacob Mayowa <oyebanji05@gmail.com>
-Pablo <pbaeyens31+github@gmail.com>
-Pascal Jungblut (pascalj) <github@pascalj.com> <mail@pascal-jungblut.com>
-Paul Brit <paulbrit44@gmail.com>
-Paul Donald <newtwen+github@gmail.com>
-Pawel Palenica (qepasa) <pawelpalenica11@gmail.com>
-perewa <cavalcante.ten@gmail.com>
-Peter Badida <KeyWeeUsr@users.noreply.github.com>
-Peter Dave Hello <hsu@peterdavehello.org>
-Peter Hoeg (peterhoeg) <peter@speartail.com>
-Peter Marquardt (wwwutz) <wwwutz@gmail.com> <wwwutz@googlemail.com>
-Phani Rithvij <phanirithvij2000@gmail.com>
-Phil Davis <phil.davis@inf.org>
-Philippe Schommers (filoozoom) <philippe@schommers.be>
-Phill Luby (pluby) <phill.luby@newredo.com>
-Piotr Bejda (piobpl) <piotrb10@gmail.com>
-polyfloyd <polyfloyd@users.noreply.github.com>
-pullmerge <166967364+pullmerge@users.noreply.github.com>
-Quentin Hibon <qh.public@yahoo.com>
-Rahmi Pruitt <rjpruitt16@gmail.com>
-red_led <red-led@users.noreply.github.com>
-Robert Carosi (nov1n) <robert@carosi.nl>
-Roberto Santalla <roobre@users.noreply.github.com>
-Robin Schoonover <robin@cornhooves.org>
-Roman Zaynetdinov (zaynetro) <romanznet@gmail.com>
-rubenbe <github-com-00ff86@vandamme.email>
-Ruslan Yevdokymov <38809160+ruslanye@users.noreply.github.com>
-Ryan Qian <i@bitbili.net>
-Ryan Sullivan (KayoticSully) <kayoticsully@gmail.com>
-Sacheendra Talluri (sacheendra) <sacheendra.t@gmail.com>
-Scott Klupfel (kluppy) <kluppy@going2blue.com>
-sec65 <106604020+sec65@users.noreply.github.com>
-Sergey Mishin (ralder) <ralder@yandex.ru>
-Sertonix <83883937+Sertonix@users.noreply.github.com>
-Severin von Wnuck-Lipinski <ss7@live.de>
-Shaarad Dalvi <60266155+shaaraddalvi@users.noreply.github.com> <shdalv@microsoft.com>
-Simon Mwepu <simonmwepu@gmail.com>
-Simon Pickup <simon@pickupinfinity.com>
-Sly_tom_cat <slytomcat@mail.ru>
-Sonu Kumar Saw <31889738+dev-saw99@users.noreply.github.com>
-Stefan Kuntz (Stefan-Code) <stefan.github@gmail.com> <Stefan.github@gmail.com>
-Steven Eckhoff <steven.eckhoff.opensource@gmail.com>
-Suhas Gundimeda (snugghash) <suhas.gundimeda@gmail.com> <snugghash@gmail.com>
-Sven Bachmann <dev@mcbachmann.de>
-Sébastien WENSKE <sebastien@wenske.fr>
-Taylor Khan (nelsonkhan) <nelsonkhan@gmail.com>
-Terrance <git@terrance.allofti.me>
-TheCreeper <TheCreeper@users.noreply.github.com>
-Thomas <9749173+uhthomas@users.noreply.github.com>
-Thomas Hipp <thomashipp@gmail.com>
-Tim Abell (timabell) <tim@timwise.co.uk>
-Tim Howes (timhowes) <timhowes@berkeley.edu>
-Tobias Frölich <40638719+tobifroe@users.noreply.github.com>
-Tobias Klauser <tobias.klauser@gmail.com>
-Tobias Nygren (tnn2) <tnn@nygren.pp.se>
-Tobias Tom (tobiastom) <t.tom@succont.de>
-Tom Jakubowski <tom@crystae.net>
-Tully Robinson (tojrobinson) <tully@tojr.org>
-Tyler Brazier (tylerbrazier) <tyler@tylerbrazier.com>
-Tyler Kropp <kropptyler@gmail.com>
-Unrud (Unrud) <unrud@openaliasbox.org> <Unrud@users.noreply.github.com>
-vapatel2 <149737089+vapatel2@users.noreply.github.com>
-Veeti Paananen (veeti) <veeti.paananen@rojekti.fi>
-Victor Buinsky (buinsky) <vix_booja@tut.by>
-Vik <63919734+ViktorOn@users.noreply.github.com>
-Vil Brekin (Vilbrekin) <vilbrekin@gmail.com>
-villekalliomaki <53118179+villekalliomaki@users.noreply.github.com>
-Vladimir Rusinov <vrusinov@google.com> <vladimir.rusinov@gmail.com>
-wangguoliang <liangcszzu@163.com>
-WangXi <xib1102@icloud.com>
-Will Rouesnel <wrouesnel@wrouesnel.com>
-William A. Kennington III (wkennington) <william@wkennington.com>
-wouter bolsterlee <wouter@bolsterl.ee>
-xarx00 <xarx00@users.noreply.github.com>
-Xavier O. (damajor) <damajor@gmail.com>
-xjtdy888 (xjtdy888) <xjtdy888@163.com> <xjtdy888@gmail.com>
-Yannic A. (eipiminus1) <eipiminusone+github@gmail.com> <eipiminus1@users.noreply.github.com>
-yparitcher <y@paritcher.com>
-佛跳墙 <daoquan@qq.com>
-落心 <luoxin.ttt@gmail.com>
+Aaron Bieber <qbit@deftly.net>
+Adam Piggott <aD@simplypeachy.co.uk> <simplypeachy@users.noreply.github.com>
+Alessandro G. <alessandro.g89@gmail.com>
+Alexander Graf <register-github@alex-graf.de>
+Anderson Mesquita <andersonvom@gmail.com>
+Andrew Dunham <andrew@du.nham.ca>
+Antony Male <antony.male@gmail.com>
+Arthur Axel fREW Schmidt <frew@afoolishmanifesto.com> <frioux@gmail.com>
+Audrius Butkevicius <audrius.butkevicius@gmail.com>
+Bart De Vries <devriesb@gmail.com>
+Ben Curthoys <ben@bencurthoys.com>
+Ben Schulz <ueomkail@gmail.com> <uok@users.noreply.github.com>
+Ben Sidhom <bsidhom@gmail.com>
+Benny Ng <benny.tpng@gmail.com>
+Brandon Philips <brandon@ifup.org>
+Brendan Long <self@brendanlong.com>
+Brian R. Becker <brbecker@gmail.com>
+Caleb Callaway <enlightened.despot@gmail.com>
+Carsten Hagemann <moter8@gmail.com>
+Cathryne Linenweaver <cathryne.linenweaver@gmail.com> <Cathryne@users.noreply.github.com>
+Chris Howie <me@chrishowie.com>
+Chris Joel <chris@scriptolo.gy>
+Colin Kennedy <moshen.colin@gmail.com>
+Daniel Bergmann <dan.arne.bergmann@gmail.com> <brgmnn@users.noreply.github.com>
+Daniel Harte <daniel@harte.me> <daniel@danielharte.co.uk> <norgeous@users.noreply.github.com>
+Daniel Martí <mvdan@mvdan.cc>
+David Rimmer <dinosore@dbrsoftware.co.uk>
+Denis A. <denisva@gmail.com>
+Dennis Wilson <dw@risu.io>
+Dominik Heidler <dominik@heidler.eu>
+Elias Jarlebring <jarlebring@gmail.com>
+Emil Hessman <emil@hessman.se>
+Erik Meitner <e.meitner@willystreet.coop>
+Federico Castagnini <federico.castagnini@gmail.com>
+Felix Ableitner <me@nutomic.com>
+Felix Unterpaintner <bigbear2nd@gmail.com>
+Francois-Xavier Gsell <fxgsell@gmail.com>
+Frank Isemann <frank@isemann.name>
+Gilli Sigurdsson <gilli@vx.is>
+Jaakko Hannikainen <jgke@jgke.fi>
+Jacek Szafarkiewicz <szafar@linux.pl>
+Jake Peterson <jake@acogdev.com>
+Jakob Borg <jakob@nym.se>
+James Patterson <jamespatterson@operamail.com> <jpjp@users.noreply.github.com>
+Jaroslav Malec <dzardacz@gmail.com>
+Jens Diemer <github.com@jensdiemer.de> <git@jensdiemer.de>
+Jochen Voss <voss@seehuhn.de>
+Johan Vromans <jvromans@squirrel.nl>
+Karol Różycki <rozycki.karol@gmail.com>
+Kelong Cong <kc04bc@gmx.com> <kc1212@users.noreply.github.com>
+Ken'ichi Kamada <kamada@nanohz.org>
+Kevin Allen <kma1660@gmail.com>
+Lars K.W. Gohlke <lkwg82@gmx.de>
+Laurent Etiemble <laurent.etiemble@gmail.com> <laurent.etiemble@monobjc.net>
+Lode Hoste <zillode@zillode.be>
+Lord Landon Agahnim <lordlandon@gmail.com>
+Marc Laporte <marc@marclaporte.com> <marc@laporte.name>
+Marc Pujol <kilburn@la3.org>
+Marcin Dziadus <dziadus.marcin@gmail.com>
+Mateusz Naściszewski <matin1111@wp.pl>
+Matt Burke <mburke@amplify.com> <burkemw3@gmail.com>
+Max Schulze <max.schulze@online.de> <kralo@users.noreply.github.com>
+Michael Jephcote <rewt0r@gmx.com> <Rewt0r@users.noreply.github.com>
+Michael Ploujnikov <ploujj@gmail.com>
+Michael Tilli <pyfisch@gmail.com>
+Nate Morrison <natemorrison@gmail.com>
+Pascal Jungblut <github@pascalj.com> <mail@pascal-jungblut.com>
+Peter Hoeg <peter@speartail.com>
+Philippe Schommers <philippe@schommers.be>
+Phill Luby <phill.luby@newredo.com>
+Piotr Bejda <piotrb10@gmail.com>
+Ryan Sullivan <kayoticsully@gmail.com>
+Scott Klupfel <kluppy@going2blue.com>
+Sergey Mishin <ralder@yandex.ru>
+Stefan Kuntz <stefan.github@gmail.com> <Stefan.github@gmail.com>
+Stefan Tatschner <stefan@sevenbyte.org> <rumpelsepp@sevenbyte.org>
+Tim Abell <tim@timwise.co.uk>
+Tobias Nygren <tnn@nygren.pp.se>
+Tomas Cerveny <kozec@kozec.com>
+Tully Robinson <tully@tojr.org>
+Tyler Brazier <tyler@tylerbrazier.com>
+Veeti Paananen <veeti.paananen@rojekti.fi>
+Victor Buinsky <vix_booja@tut.by>
+Vil Brekin <vilbrekin@gmail.com>
+William A. Kennington III <william@wkennington.com>
+Wulf Weich <wweich@users.noreply.github.com> <wweich@gmx.de>
+Yannic A. <eipiminusone+github@gmail.com> <eipiminus1@users.noreply.github.com>

CONDUCT.md

@@ -1,73 +1,92 @@
-# Contributor Covenant Code of Conduct
+## Conduct
 
-## Our Pledge
+* We are committed to providing a friendly, safe and welcoming
+  environment for all, regardless of gender, sexual orientation,
+  disability, ethnicity, religion, or similar personal characteristic.
 
-In the interest of fostering an open and welcoming environment, we as
-contributors and maintainers pledge to making participation in our project and
-our community a harassment-free experience for everyone, regardless of age, body
-size, disability, ethnicity, gender identity and expression, level of experience,
-education, socio-economic status, nationality, personal appearance, race,
-religion, or sexual identity and orientation.
+* On IRC, please avoid using overtly sexual nicknames or other nicknames
+  that might detract from a friendly, safe and welcoming environment for
+  all.
 
-## Our Standards
+* Please be kind and courteous. There's no need to be mean or rude.
 
-Examples of behavior that contributes to creating a positive environment
-include:
+* Respect that people have differences of opinion and that every design
+  or implementation choice carries a trade-off and numerous costs. There
+  is seldom a right answer.
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+* Please keep unstructured critique to a minimum. If you have solid
+  ideas you want to experiment with, make a fork and see how it works.
 
-Examples of unacceptable behavior by participants include:
+* We will exclude you from interaction if you insult, demean or harass
+  anyone. That is not welcome behaviour. We interpret the term
+  "harassment" as including the definition in the <a
+  href="http://citizencodeofconduct.org/">Citizen Code of Conduct</a>;
+  if you have any lack of clarity about what might be included in that
+  concept, please read their definition. In particular, we don't
+  tolerate behavior that excludes people in socially marginalized
+  groups.
 
-* The use of sexualized language or imagery and unwelcome sexual attention or
-  advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic
-  address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+* Private harassment is also unacceptable. No matter who you are, if you
+  feel you have been or are being harassed or made uncomfortable by a
+  community member, please contact one of the channel ops or any of the
+  Syncthing core team immediately. Whether you're a regular  contributor
+  or a newcomer, we care about making this community a safe place for
+  you and we've got your back.
 
-## Our Responsibilities
+* Likewise any spamming, trolling, flaming, baiting or other
+  attention-stealing behaviour is not welcome.
 
-Project maintainers are responsible for clarifying the standards of acceptable
-behavior and are expected to take appropriate and fair corrective action in
-response to any instances of unacceptable behavior.
+## Moderation
 
-Project maintainers have the right and responsibility to remove, edit, or
-reject comments, commits, code, wiki edits, issues, and other contributions
-that are not aligned to this Code of Conduct, or to ban temporarily or
-permanently any contributor for other behaviors that they deem inappropriate,
-threatening, offensive, or harmful.
+These are the policies for upholding our community's standards of
+conduct in our communication channels, most notably in Syncthing-related
+IRC channels and on the web forum.
 
-## Scope
+1. Remarks that violate the Syncthing standards of conduct, including
+   hateful, hurtful, oppressive, or exclusionary remarks, are not
+   allowed. (Cursing is allowed, but never targeting another user, and
+   never in a hateful manner.)
 
-This Code of Conduct applies both within project spaces and in public spaces
-when an individual is representing the project or its community. Examples of
-representing a project or community include using an official project e-mail
-address, posting via an official social media account, or acting as an appointed
-representative at an online or offline event. Representation of a project may be
-further defined and clarified by project maintainers.
+2. Remarks that moderators find inappropriate, whether listed in the
+   code of conduct or not, are also not allowed.
 
-## Enforcement
+3. Moderators will first respond to such remarks with a warning.
 
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported by contacting the project team at security@syncthing.net. All
-complaints will be reviewed and investigated and will result in a response that
-is deemed necessary and appropriate to the circumstances. The project team is
-obligated to maintain confidentiality with regard to the reporter of an incident.
-Further details of specific enforcement policies may be posted separately.
+4. If the warning is unheeded, the user will be "kicked," i.e., kicked
+   out of the communication channel to cool off.
 
-Project maintainers who do not follow or enforce the Code of Conduct in good
-faith may face temporary or permanent repercussions as determined by other
-members of the project's leadership.
+5. If the user comes back and continues to make trouble, they will be
+   banned, i.e., indefinitely excluded.
 
-## Attribution
+6. Moderators may choose at their discretion to un-ban the user if it
+   was a first offense and they offer the offended party a genuine
+   apology.
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
-available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
+7. If a moderator bans someone and you think it was unjustified, please
+   take it up with that moderator, or with a different moderator, **in
+   private**. Complaints about bans in-channel are not allowed.
 
-[homepage]: https://www.contributor-covenant.org
+8. Moderators are held to a higher standard than other community
+   members. If a moderator creates an inappropriate situation, they
+   should expect less leeway than others.
+
+In the Syncthing community we strive to go the extra step to look out
+for each other. Don't just aim to be technically unimpeachable, try to
+be your best self. In particular, avoid flirting with offensive or
+sensitive issues, particularly if they're off-topic; this all too
+often leads to unnecessary fights, hurt feelings, and damaged trust;
+worse, it can drive people away from the community entirely.
+
+And if someone takes issue with something you said or did, resist the
+urge to be defensive. Just stop doing what it was they complained about
+and apologize. Even if you feel you were misinterpreted or unfairly
+accused, chances are good there was something you could've communicated
+better — remember that it's your responsibility to make your fellow
+community members comfortable. Everyone wants to get along and we are
+all here first and foremost because we want to talk about cool
+technology. You will find that people will be eager to assume good
+intent and forgive as long as you earn their trust.
+
+*Adapted from the [Rust Code of Conduct](https://github.com/rust-lang/rust/wiki/Note-development-policy#conduct)*
+
+*Adapted from the [Node.js Policy on Trolling](http://blog.izs.me/post/30036893703/policy-on-trolling)*

CONTRIBUTING.md

@@ -1,6 +1,6 @@
 ## Reporting Bugs
 
-Please file bugs in the [GitHub Issue
+Please file bugs in the [Github Issue
 Tracker](https://github.com/syncthing/syncthing/issues). Include at
 least the following:
 
@@ -24,185 +24,29 @@ too much information will never get you yelled at. :)
 ## Contributing Translations
 
 All translations are done via
-[Weblate](https://hosted.weblate.org/projects/syncthing/). If you wish
-to contribute to a translation, just head over there and sign up.
+[Transifex](https://www.transifex.com/projects/p/syncthing/). If you
+wish to contribute to a translation, just head over there and sign up.
 Before every release, the language resources are updated from the
-latest info on Weblate.
-
-Note that the previously used service at
-[Transifex](https://www.transifex.com/projects/p/syncthing/) is being
-retired and we kindly ask you to sign up on Weblate for continued
-involvement.
-
-## Contributing Documentation
-
-Updates to the [documentation site](https://docs.syncthing.net/) can be
-made as pull requests on the [documentation
-repository](https://github.com/syncthing/docs).
+latest info on Transifex.
 
 ## Contributing Code
 
 Every contribution is welcome. If you want to contribute but are unsure
-where to start, any open issues are fair game! Here's a short rundown of
-what you need to keep in mind:
+where to start, any open issues are fair game! See the [Contribution
+Guidelines](http://docs.syncthing.net/dev/contributing.html) for the full
+story on committing code.
 
-- Don't worry. You are not expected to get everything right on the first
-  attempt, we'll guide you through it.
+## Contributing Documentation
 
-- Make sure there is an
-  [issue](https://github.com/syncthing/syncthing/issues) that describes the
-  change you want to do. If the thing you want to do does not have an issue
-  yet, please file one before starting work on it.
-
-- Fork the repository and make your changes in a new branch. Once it's ready
-  for review, create a pull request.
-
-### Authorship
-
-All code authors are listed in the AUTHORS file. When your first pull
-request is accepted your details are added to the AUTHORS file and the list
-of authors in the GUI. Commits must be made with the same name and email as
-listed in the AUTHORS file. To accomplish this, ensure that your git
-configuration is set correctly prior to making your first commit:
-
-    $ git config --global user.name "Jane Doe"
-    $ git config --global user.email janedoe@example.com
-
-You must be reachable on the given email address. If you do not wish to use
-your real name for whatever reason, using a nickname or pseudonym is
-perfectly acceptable.
-
-### The Developer Certificate of Origin (DCO)
-
-The Syncthing project requires the Developer Certificate of Origin (DCO)
-sign-off on pull requests (PRs). This means that all commit messages must
-contain a signature line to indicate that the developer accepts the DCO.
-
-The DCO is a lightweight way for contributors to certify that they wrote (or
-otherwise have the right to submit) the code and changes they are
-contributing to the project. Here is the full [text of the
-DCO](https://developercertificate.org):
-
----
-
-By making a contribution to this project, I certify that:
-
-1. The contribution was created in whole or in part by me and I have the
-   right to submit it under the open source license indicated in the file;
-   or
-
-2. The contribution is based upon previous work that, to the best of my
-   knowledge, is covered under an appropriate open source license and I have
-   the right under that license to submit that work with modifications,
-   whether created in whole or in part by me, under the same open source
-   license (unless I am permitted to submit under a different license), as
-   indicated in the file; or
-
-3. The contribution was provided directly to me by some other person who
-   certified (1), (2) or (3) and I have not modified it.
-
-4. I understand and agree that this project and the contribution are public
-   and that a record of the contribution (including all personal information
-   I submit with it, including my sign-off) is maintained indefinitely and
-   may be redistributed consistent with this project or the open source
-   license(s) involved.
-
----
-
-Contributors indicate that they adhere to these requirements by adding
-a `Signed-off-by` line to their commit messages.  For example:
-
-    This is my commit message
-
-    Signed-off-by: Random J Developer <random@developer.example.org>
-
-The name and email address in this line must match those of the committing
-author, and be the same as what you want in the AUTHORS file as per above.
-
-### Coding Style
-
-#### General
-
-- All text files use Unix line endings. The git settings already present in
-  the repository attempt to enforce this.
-
-- When making changes, follow the brace and parenthesis style of the
-  surrounding code.
-
-#### Go Specific
-
-- Follow the conventions laid out in [Effective
-  Go](https://go.dev/doc/effective_go) as much as makes sense. The review
-  guidelines in [Go Code Review
-  Comments](https://github.com/golang/go/wiki/CodeReviewComments) should
-  generally be followed.
-
-- Each commit should be `go fmt` clean.
-
-- Imports are grouped per `goimports` standard; that is, standard
-  library first, then third party libraries after a blank line.
-
-### Commits
-
-- Commit messages (and pull request titles) should follow the [conventional
-  commits](https://www.conventionalcommits.org/en/v1.0.0/) specification and
-  be in lower case.
-
-- We use a scope description in the commit message subject. This is the
-  component of Syncthing that the commit affects. For example, `gui`,
-  `protocol`, `scanner`, `upnp`, etc -- typically, the part after
-  `internal/`, `lib/` or `cmd/` in the package path. If the commit doesn't
-  affect a specific component, such as for changes to the build system or
-  documentation, the scope should be omitted. The same goes for changes that
-  affect many components which would be cumbersome to list.
-
-- Commits that resolve an existing issue must include the issue number
-  as `(fixes #123)` at the end of the commit message subject. A correctly
-  formatted commit message subject looks like this:
-
-      feat(dialer): add env var to disable proxy fallback (fixes #3006)
-
-- If the commit message subject doesn't say it all, one or more paragraphs of
-  describing text should be added to the commit message. This should explain
-  why the change is made and what it accomplishes.
-
-- When drafting a pull request, please feel free to add commits with
-  corrections and merge from `main` when necessary. This provides a clear time
-  line with changes and simplifies review. Do not, in general, rebase your
-  commits, as this makes review harder.
-
-- Pull requests are merged to `main` using squash merge. The "stream of
-  consciousness" set of commits described in the previous point will be reduced
-  to a single commit at merge time. The pull request title and description will
-  be used as the commit message.
-
-### Tests
-
-Yes please, do add tests when adding features or fixing bugs. Also, when a
-pull request is filed a number of automatic tests are run on the code. This
-includes:
-
-- That the code actually builds and the test suite passes.
-
-- That the code is correctly formatted (`go fmt`).
-
-- That the commits are based on a reasonably recent `main`.
-
-- That the output from `go lint` and `go vet` is clean. (This checks for a
-  number of potential problems the compiler doesn't catch.)
+Updates to the [documentation site](http://docs.syncthing.net/) can be
+made as pull requests on the [documentation
+repository](https://github.com/syncthing/docs).
 
 ## Licensing
 
-All contributions are made available under the same license as the already
-existing material being contributed to. For most of the project and unless
-otherwise stated this means MPLv2, but there are exceptions:
-
-- Certain commands (under cmd/...) may have a separate license, indicated by
-  the presence of a LICENSE file in the corresponding directory.
-
-- The documentation (man/...) is licensed under the Creative Commons
-  Attribution 4.0 International License.
-
-Regardless of the license in effect, you retain the copyright to your
-contribution.
+All contributions are made under the same MPLv2 license as the rest of
+the project, except documentation, user interface text and translation
+strings which are licensed under the Creative Commons Attribution 4.0
+International License. You retain the copyright to code you have
+written.
 

Dockerfile

@@ -1,57 +0,0 @@
-ARG GOVERSION=latest
-
-#
-# Maybe build Syncthing. This is a bit ugly as we can't make an entire
-# section of the Dockerfile conditional, so we end up always pulling the
-# golang image as builder. Then we check if the executable we need already
-# exists (pre-built) otherwise we build it.
-#
-
-FROM golang:$GOVERSION AS builder
-ARG BUILD_USER
-ARG BUILD_HOST
-ARG TARGETARCH
-
-WORKDIR /src
-COPY . .
-
-ENV CGO_ENABLED=0
-RUN if [ ! -f syncthing-linux-$TARGETARCH ] ; then \
-    go run build.go -no-upgrade build syncthing ; \
-    mv syncthing syncthing-linux-$TARGETARCH ; \
-  fi
-
-#
-# The rest of the Dockerfile uses the binary from the builder, prebuilt or
-# not.
-#
-
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing"
-
-EXPOSE 8384 22000/tcp 22000/udp 21027/udp
-
-VOLUME ["/var/syncthing"]
-
-RUN apk add --no-cache ca-certificates curl libcap su-exec tzdata
-
-COPY --from=builder /src/syncthing-linux-$TARGETARCH /bin/syncthing
-COPY --from=builder /src/script/docker-entrypoint.sh /bin/entrypoint.sh
-
-ENV PUID=1000 PGID=1000 HOME=/var/syncthing
-
-HEALTHCHECK --interval=1m --timeout=10s \
-  CMD curl -fkLsS -m 2 127.0.0.1:8384/rest/noauth/health | grep -o --color=never OK || exit 1
-
-ENV STGUIADDRESS=0.0.0.0:8384
-ENV STHOMEDIR=/var/syncthing/config
-RUN chmod 755 /bin/entrypoint.sh
-ENTRYPOINT ["/bin/entrypoint.sh", "/bin/syncthing"]

Dockerfile.builder

@@ -1,17 +0,0 @@
-ARG GOVERSION=latest
-FROM golang:$GOVERSION
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Builder"
-
-# FPM to build Debian packages
-RUN apt-get update && apt-get install -y --no-install-recommends \
-	locales rubygems ruby-dev build-essential git \
-	&& apt-get clean \
-	&& rm -rf /var/lib/apt/lists/* \
-	&& gem install fpm

Dockerfile.stcrashreceiver

@@ -1,16 +0,0 @@
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Crash Receiver"
-
-EXPOSE 8080
-
-COPY stcrashreceiver-linux-${TARGETARCH} /bin/stcrashreceiver
-
-ENTRYPOINT [ "/bin/stcrashreceiver" ]

Dockerfile.stdiscosrv

@@ -1,42 +0,0 @@
-ARG GOVERSION=latest
-FROM golang:$GOVERSION AS builder
-ARG BUILD_USER
-ARG BUILD_HOST
-ARG TARGETARCH
-
-WORKDIR /src
-COPY . .
-
-ENV CGO_ENABLED=0
-RUN if [ ! -f stdiscosrv-linux-$TARGETARCH ] ; then \
-    go run build.go -no-upgrade build stdiscosrv ; \
-    mv stdiscosrv stdiscosrv-linux-$TARGETARCH ; \
-  fi
-
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Discovery Server"
-
-EXPOSE 19200 8443
-
-VOLUME ["/var/stdiscosrv"]
-
-RUN apk add --no-cache ca-certificates su-exec
-
-COPY --from=builder /src/stdiscosrv-linux-$TARGETARCH /bin/stdiscosrv
-COPY --from=builder /src/script/docker-entrypoint.sh /bin/entrypoint.sh
-
-ENV PUID=1000 PGID=1000 HOME=/var/stdiscosrv
-
-HEALTHCHECK --interval=1m --timeout=10s \
-  CMD nc -z localhost 8443 || exit 1
-
-WORKDIR /var/stdiscosrv
-ENTRYPOINT ["/bin/entrypoint.sh", "/bin/stdiscosrv"]

Dockerfile.strelaypoolsrv

@@ -1,16 +0,0 @@
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Relay Pool Server"
-
-EXPOSE 8080
-
-COPY strelaypoolsrv-linux-${TARGETARCH} /bin/strelaypoolsrv
-
-ENTRYPOINT ["/bin/strelaypoolsrv", "-listen", ":8080"]

Dockerfile.strelaysrv

@@ -1,42 +0,0 @@
-ARG GOVERSION=latest
-FROM golang:$GOVERSION AS builder
-ARG BUILD_USER
-ARG BUILD_HOST
-ARG TARGETARCH
-
-WORKDIR /src
-COPY . .
-
-ENV CGO_ENABLED=0
-RUN if [ ! -f strelaysrv-linux-$TARGETARCH ] ; then \
-    go run build.go -no-upgrade build strelaysrv ; \
-    mv strelaysrv strelaysrv-linux-$TARGETARCH ; \
-  fi
-
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Relay Server"
-
-EXPOSE 22067 22070
-
-VOLUME ["/var/strelaysrv"]
-
-RUN apk add --no-cache ca-certificates su-exec
-
-COPY --from=builder /src/strelaysrv-linux-$TARGETARCH /bin/strelaysrv
-COPY --from=builder /src/script/docker-entrypoint.sh /bin/entrypoint.sh
-
-ENV PUID=1000 PGID=1000 HOME=/var/strelaysrv
-
-HEALTHCHECK --interval=1m --timeout=10s \
-  CMD nc -z localhost 22067 || exit 1
-
-WORKDIR /var/strelaysrv
-ENTRYPOINT ["/bin/entrypoint.sh", "/bin/strelaysrv"]

Dockerfile.stupgrades

@@ -1,16 +0,0 @@
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Upgrades"
-
-EXPOSE 8080
-
-COPY stupgrades-linux-${TARGETARCH} /bin/stupgrades
-
-ENTRYPOINT [ "/bin/stupgrades" ]

Dockerfile.ursrv

@@ -1,16 +0,0 @@
-FROM alpine
-ARG TARGETARCH
-
-LABEL org.opencontainers.image.authors="The Syncthing Project" \
-      org.opencontainers.image.url="https://syncthing.net" \
-      org.opencontainers.image.documentation="https://docs.syncthing.net" \
-      org.opencontainers.image.source="https://github.com/syncthing/syncthing" \
-      org.opencontainers.image.vendor="The Syncthing Project" \
-      org.opencontainers.image.licenses="MPL-2.0" \
-      org.opencontainers.image.title="Syncthing Usage Reporting Server"
-
-EXPOSE 8080
-
-COPY ursrv-linux-${TARGETARCH} /bin/ursrv
-
-ENTRYPOINT [ "/bin/ursrv" ]

GOALS.md

@@ -1,83 +0,0 @@
-# The Syncthing Goals
-
-Syncthing is a **continuous file synchronization program**. It synchronizes
-files between two or more computers. We strive to fulfill the goals below.
-The goals are listed in order of importance, the most important one being
-the first.
-
-> "Syncing files" here is precise. It means we specifically exclude things
-> that are not files - calendar items, instant messages, and so on. If those
-> are in fact stored as files on disk, they can of course be synced as
-> files.
-
-Syncthing should be:
-
-### 1. Safe From Data Loss
-
-Protecting the user's data is paramount. We take every reasonable precaution
-to avoid corrupting the user's files.
-
-> This is the overriding goal, without which synchronizing files becomes
-> pointless. This means that we do not make unsafe trade offs for the sake
-> of performance or, in some cases, even usability.
-
-### 2. Secure Against Attackers
-
-Again, protecting the user's data is paramount. Regardless of our other
-goals, we must never allow the user's data to be susceptible to eavesdropping
-or modification by unauthorized parties.
-
-> This should be understood in context. It is not necessarily reasonable to
-> expect Syncthing to be resistant against well equipped state level
-> attackers. We will, however, do our best. Note also that this is different
-> from anonymity which is not, currently, a goal.
-
-### 3. Easy to Use
-
-Syncthing should be approachable, understandable, and inclusive.
-
-> Complex concepts and maths form the base of Syncthing's functionality.
-> This should nonetheless be abstracted or hidden to a degree where
-> Syncthing is usable by the general public.
-
-### 4. Automatic
-
-User interaction should be required only when absolutely necessary.
-
-> Specifically this means that changes to files are picked up without
-> prompting, conflicts are resolved without prompting and connections are
-> maintained without prompting. We only prompt the user when it is required
-> to fulfill one of the (overriding) Secure, Safe or Easy goals.
-
-### 5. Universally Available
-
-Syncthing should run on every common computer. We are mindful that the
-latest technology is not always available to every individual.
-
-> Computers include desktops, laptops, servers, virtual machines, small
-> general purpose computers such as Raspberry Pis and, *where possible*,
-> tablets and phones. NAS appliances, toasters, cars, firearms, thermostats,
-> and so on may include computing capabilities but it is not our goal for
-> Syncthing to run smoothly on these devices.
-
-### 6. For Individuals
-
-Syncthing is primarily about empowering the individual user with safe,
-secure, and easy to use file synchronization.
-
-> We acknowledge that it's also useful in an enterprise setting and include
-> functionality to support that. If this is in conflict with the
-> requirements of the individual, those will however take priority.
-
-### 7. Everything Else
-
-There are many things we care about that don't make it on to the list. It is
-fine to optimize for these values as well, as long as they are not in
-conflict with the stated goals above.
-
-> For example, performance is a thing we care about. We just don't care more
-> about it than safety, security, etc. Maintainability of the code base and
-> providing entertainment value for the maintainers are also things that
-> matter. It is understood that there are aspects of Syncthing that are
-> suboptimal or even in opposition with the goals above. However, we
-> continuously strive to align Syncthing more and more with these goals.

ISSUE_TEMPLATE.md

@@ -0,0 +1,24 @@
+If your issue is a support request ("How do I get my devices to connect?"
+or similar), please use the support forum at https://forum.syncthing.net/
+where a large number of helpful people hang out. This issue tracker is for
+reporting bugs or feature requests directly to the developers. 
+
+If your issue is a bug report, replace this boilerplate with a description
+of the problem, being sure to include at least:
+
+ - what happened,
+ - what you expected to happen instead, and
+ - any steps to reproduce the problem.
+
+Also fill out the version information below and add log output or
+screenshots as appropriate.
+
+If your issue is a feature request, simply replace this template text in
+its entirety.
+
+### Version Information
+
+Syncthing Version: v0.x.y
+OS Version: Windows 7 / Ubuntu 14.04 / ...
+Browser Version: (if applicable, for GUI issues)
+

LICENSE

@@ -357,7 +357,7 @@ Exhibit A - Source Code Form License Notice
 
   This Source Code Form is subject to the terms of the Mozilla Public
   License, v. 2.0. If a copy of the MPL was not distributed with this
-  file, You can obtain one at https://mozilla.org/MPL/2.0/.
+  file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 If it is not possible or desirable to put the notice in a particular
 file, then You may include the notice in a location (such as a LICENSE

NICKS

@@ -0,0 +1,88 @@
+# This file maps email addresses used in commits to nicks used the changelog.
+
+acogdev		<jake@acogdev.com>
+alex2108	<register-github@alex-graf.de>
+alessandro.g89	<alessandro.g89@gmail.com>
+andersonvom	<andersonvom@gmail.com>
+andrew-d	<andrew@du.nham.ca>
+asdil12		<dominik@heidler.eu>
+AudriusButkevicius	<audrius.butkevicius@gmail.com>
+bencurthoys	<ben@bencurthoys.com>
+bigbear2nd	<bigbear2nd@gmail.com>
+brbecker	<brbecker@gmail.com>
+brendanlong	<self@brendanlong.com>
+brgmnn      <dan.arne.bergmann@gmail.com> <brgmnn@users.noreply.github.com>
+bsidhom		<bsidhom@gmail.com>
+buinsky	<vix_booja@tut.by>
+burkemw3	<mburke@amplify.com> <burkemw3@gmail.com>
+calmh		<jakob@nym.se>
+canton7	<antony.male@gmail.com>
+Cathryne	<cathryne.linenweaver@gmail.com> <Cathryne@users.noreply.github.com>
+cdata		<chris@scriptolo.gy>
+cdhowie	<me@chrishowie.com>
+ceh		<emil@hessman.se>
+cqcallaw	<enlightened.despot@gmail.com>
+dinosore	<dinosore@dbrsoftware.co.uk>
+dva	<denisva@gmail.com>
+dzarda		<dzardacz@gmail.com>
+eipiminus1	<eipiminusone+github@gmail.com> <eipiminus1@users.noreply.github.com>
+facastagnini	<federico.castagnini@gmail.com>
+filoozoom	<philippe@schommers.be>
+frioux		<frew@afoolishmanifesto.com> <frioux@gmail.com>
+fti7	<frank@isemann.name>
+gillisig	<gilli@vx.is>
+hadogenes	<szafar@linux.pl>
+ironmig	<kma1660@gmail.com>
+jarlebring	<jarlebring@gmail.com>
+jedie		<github.com@jensdiemer.de> <git@jensdiemer.de>
+jgke	<jgke@jgke.fi>
+jpjp		<jamespatterson@operamail.com> <jpjp@users.noreply.github.com>
+kamadak		<kamada@nanohz.org>
+KayoticSully	<kayoticsully@gmail.com>
+kilburn		<kilburn@la3.org>
+kluppy	<kluppy@going2blue.com>
+kozec		<kozec@kozec.com>
+kralo	<max.schulze@online.de>
+krozycki	<rozycki.karol@gmail.com>
+letiemble	<laurent.etiemble@gmail.com> <laurent.etiemble@monobjc.net>
+LordLandon	<lordlandon@gmail.com>
+lkwg82	<lkwg82@gmx.de>
+marcindziadus	<dziadus.marcin@gmail.com>
+marclaporte <marc@marclaporte.com>
+mateon1	<matin1111@wp.pl>
+mogwa1	<devriesb@gmail.com>
+moshen		<moshen.colin@gmail.com>
+Moter8		<moter8@gmail.com>
+mvdan		<mvdan@mvdan.cc>
+norgeous	<daniel@harte.me> <daniel@danielharte.co.uk> <norgeous@users.noreply.github.com>
+nrm21	<natemorrison@gmail.com>
+Nutomic		<me@nutomic.com>
+pascalj		<github@pascalj.com> <mail@pascal-jungblut.com>
+peterhoeg	<peter@speartail.com>
+philips		<brandon@ifup.org>
+piobpl		<piotrb10@gmail.com>
+plouj	<ploujj@gmail.com>
+pluby		<phill.luby@newredo.com>
+pyfisch		<pyfisch@gmail.com>
+qbit		<qbit@deftly.net>
+ralder		<ralder@yandex.ru>
+Rewt0r		<rewt0r@gmx.com> <Rewt0r@users.noreply.github.com>
+rumpelsepp	<stefan@sevenbyte.org> <rumpelsepp@sevenbyte.org>
+sciurius	<jvromans@squirrel.nl>
+seehuhn		<voss@seehuhn.de>
+simplypeachy	<aD@simplypeachy.co.uk> <simplypeachy@users.noreply.github.com>
+snnd		<dw@risu.io>
+Stefan-Code	<stefan.github@gmail.com> <Stefan.github@gmail.com>
+timabell	<tim@timwise.co.uk>
+tnn2		<tnn@nygren.pp.se>
+tojrobinson	<tully@tojr.org>
+tpng		<benny.tpng@gmail.com>
+tylerbrazier	<tyler@tylerbrazier.com>
+uok		<ueomkail@gmail.com> <uok@users.noreply.github.com>
+veeti		<veeti.paananen@rojekti.fi>
+Vilbrekin	<vilbrekin@gmail.com>
+wkennington	<william@wkennington.com>
+wsgcsysadmin	<e.meitner@willystreet.coo>
+wweich	<wweich@users.noreply.github.com> <wweich@gmx.de>
+Zillode		<zillode@zillode.be>
+zukoo		<fxgsell@gmail.com>

PULL_REQUEST_TEMPLATE.md

@@ -20,8 +20,13 @@ If this is a user visible change (including API and protocol changes), add a lin
 to the corresponding pull request on https://github.com/syncthing/docs or describe
 the documentation changes necessary.
 
-## Authorship
-
-Your name and email will be added automatically to the AUTHORS file
-based on the commit metadata.
+### Authorship
 
+Every author of a code contribution (Go, Javascript, HTML, CSS etc, with the
+possible exception of minor typo corrections and similar) is recorded in the
+AUTHORS and NICKS files and the in-GUI credits. If this is your first
+contribution, a maintainer will add you properly before accepting the
+contribution. You need not do so yourself or worry about the fact that the
+"authors" automated test fails. However, if your name (such as you want it
+presented in the credits) is not visible on your Github profile or in your
+commit messages, please assist by providing it here.

README-Docker.md

@@ -1,78 +0,0 @@
-# Docker Container for Syncthing
-
-Use the Dockerfile in this repo, or pull the `syncthing/syncthing` image
-from Docker Hub.
-
-Use the `/var/syncthing` volume to have the synchronized files available on the
-host. You can add more folders and map them as you prefer.
-
-Note that Syncthing runs as UID 1000 and GID 1000 by default. These may be
-altered with the `PUID` and `PGID` environment variables. In addition
-the name of the Syncthing instance can be optionally defined by using
-`--hostname=syncthing` parameter.
-
-To grant Syncthing additional capabilities without running as root, use the
-`PCAP` environment variable with the same syntax as that for `setcap(8)`.
-For example, `PCAP=cap_chown,cap_fowner+ep`.
-
-To set a different umask value, use the `UMASK` environment variable. For
-example `UMASK=002`.
-
-## Example Usage
-
-**Docker cli**
-```
-$ docker pull syncthing/syncthing
-$ docker run --network=host  -e STGUIADDRESS= \
-    -v /wherever/st-sync:/var/syncthing \
-    syncthing/syncthing:latest
-```
-
-**Docker compose**
-```yml
----
-version: "3"
-services:
-  syncthing:
-    image: syncthing/syncthing
-    container_name: syncthing
-    hostname: my-syncthing
-    environment:
-      - PUID=1000
-      - PGID=1000
-      - STGUIADDRESS=
-    volumes:
-      - /wherever/st-sync:/var/syncthing
-    network_mode: host
-    restart: unless-stopped
-    healthcheck:
-      test: curl -fkLsS -m 2 127.0.0.1:8384/rest/noauth/health | grep -o --color=never OK || exit 1
-      interval: 1m
-      timeout: 10s
-      retries: 3
-```
-
-## Discovery
-
-Please note that Docker's default network mode prevents local IP addresses
-from being discovered, as Syncthing can only see the internal IP address of
-the container on the `172.17.0.0/16` subnet. This would likely break the ability
-for nodes to establish LAN connections properly, resulting in poor transfer
-rates unless local device addresses are configured manually.
-
-It is therefore strongly recommended to stick to the [host network mode](https://docs.docker.com/network/host/),
-as shown above.
-
-Be aware that syncthing alone is now in control of what interfaces and ports it
-listens on. You can edit the syncthing configuration to change the defaults if
-there are conflicts.
-
-## GUI Security
-
-By default Syncthing inside the Docker image listens on `0.0.0.0:8384`. This
-allows GUI connections when running without host network mode. The example
-above unsets the `STGUIADDRESS` environment variable to have Syncthing fall
-back to listening on what has been configured in the configuration file or the
-GUI settings dialog. By default this is the localhost IP address `127.0.0.1`.
-If you configure your GUI to be externally reachable, make sure you set up
-authentication and enable TLS.

README.md

@@ -1,55 +1,23 @@
-[![Syncthing][14]][15]
-
----
+# Syncthing
 
+[![Latest Build (Official)](https://img.shields.io/jenkins/s/http/build.syncthing.net/syncthing.svg?style=flat-square&label=unix%20build)](http://build.syncthing.net/job/syncthing/lastBuild/)
+[![API Documentation](https://img.shields.io/badge/api-Godoc-blue.svg?style=flat-square)](http://godoc.org/github.com/syncthing/syncthing)
 [![MPLv2 License](https://img.shields.io/badge/license-MPLv2-blue.svg?style=flat-square)](https://www.mozilla.org/MPL/2.0/)
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/88/badge)](https://bestpractices.coreinfrastructure.org/projects/88)
-[![Go Report Card](https://goreportcard.com/badge/github.com/syncthing/syncthing)](https://goreportcard.com/report/github.com/syncthing/syncthing)
 
-## Goals
+This is the Syncthing project which pursues the following goals:
 
-Syncthing is a **continuous file synchronization program**. It synchronizes
-files between two or more computers. We strive to fulfill the goals below.
-The goals are listed in order of importance, the most important ones first.
-This is the summary version of the goal list - for more
-commentary, see the full [Goals document][13].
+ 1. Define a protocol for synchronization of a folder between a number of
+    collaborating devices. This protocol should be well defined, unambiguous,
+    easily understood, free to use, efficient, secure and language neutral.
+    This is called the [Block Exchange Protocol][1].
 
-Syncthing should be:
+ 2. Provide the reference implementation to demonstrate the usability of
+    said protocol. This is the `syncthing` utility. We hope that
+    alternative, compatible implementations of the protocol will arise.
 
-1. **Safe From Data Loss**
-
-   Protecting the user's data is paramount. We take every reasonable
-   precaution to avoid corrupting the user's files.
-
-2. **Secure Against Attackers**
-
-   Again, protecting the user's data is paramount. Regardless of our other
-   goals, we must never allow the user's data to be susceptible to
-   eavesdropping or modification by unauthorized parties.
-
-3. **Easy to Use**
-
-   Syncthing should be approachable, understandable, and inclusive.
-
-4. **Automatic**
-
-   User interaction should be required only when absolutely necessary.
-
-5. **Universally Available**
-
-   Syncthing should run on every common computer. We are mindful that the
-   latest technology is not always available to every individual.
-
-6. **For Individuals**
-
-   Syncthing is primarily about empowering the individual user with safe,
-   secure, and easy to use file synchronization.
-
-7. **Everything Else**
-
-   There are many things we care about that don't make it on to the list. It
-   is fine to optimize for these values, as long as they are not in conflict
-   with the stated goals above.
+The two are evolving together; the protocol is not to be considered
+stable until Syncthing 1.0 is released, at which point it is locked down
+for incompatible changes.
 
 ## Getting Started
 
@@ -57,54 +25,44 @@ Take a look at the [getting started guide][2].
 
 There are a few examples for keeping Syncthing running in the background
 on your system in [the etc directory][3]. There are also several [GUI
-implementations][11] for Windows, Mac, and Linux.
-
-## Docker
-
-To run Syncthing in Docker, see [the Docker README][16].
+implementations][11] for Windows, Mac and Linux.
 
 ## Getting in Touch
 
-The first and best point of contact is the [Forum][8].
-If you've found something that is clearly a
+The first and best point of contact is the [Forum][8]. There is also an IRC
+channel, `#syncthing` on [freenode][4] (with a [web client][9]), for talking
+directly to developers and users. If you've found something that is clearly a
 bug, feel free to report it in the [GitHub issue tracker][10].
 
-If you believe that you’ve found a Syncthing-related security vulnerability,
-please report it by emailing security@syncthing.net. Do not report it in the
-Forum or issue tracker.
-
 ## Building
 
-Building Syncthing from source is easy. After extracting the source bundle from
-a release or checking out git, you just need to run `go run build.go` and the
-binaries are created in `./bin`. There's [a guide][5] with more details on the
-build process.
+Building Syncthing from source is easy, and there's a [guide][5]
+that describes it for both Unix and Windows systems.
 
 ## Signed Releases
 
-Release binaries are GPG signed with the key available from
-https://syncthing.net/security/. There is also a built-in automatic
-upgrade mechanism (disabled in some distribution channels) which uses a
-compiled in ECDSA signature. macOS and Windows binaries are also
-code-signed.
+As of v0.10.15 and onwards release binaries are GPG signed with the key
+D26E6ED000654A3E, available from https://syncthing.net/security.html and
+most key servers.
+
+There is also a built in automatic upgrade mechanism (disabled in some
+distribution channels) which uses a compiled in ECDSA signature. Mac OS
+X binaries are also properly code signed.
 
 ## Documentation
 
-Please see the Syncthing [documentation site][6] [[source]][17].
+Please see the [Syncthing documentation site][6].
 
 All code is licensed under the [MPLv2 License][7].
 
-[1]: https://docs.syncthing.net/specs/bep-v1.html
-[2]: https://docs.syncthing.net/intro/getting-started.html
-[3]: https://github.com/syncthing/syncthing/blob/main/etc
-[5]: https://docs.syncthing.net/dev/building.html
-[6]: https://docs.syncthing.net/
-[7]: https://github.com/syncthing/syncthing/blob/main/LICENSE
+[1]: http://docs.syncthing.net/specs/bep-v1.html
+[2]: http://docs.syncthing.net/intro/getting-started.html
+[3]: https://github.com/syncthing/syncthing/blob/master/etc
+[4]: http://www.freenode.net/irc_servers.shtml
+[5]: http://docs.syncthing.net/dev/building.html
+[6]: http://docs.syncthing.net/
+[7]: https://github.com/syncthing/syncthing/blob/master/LICENSE
 [8]: https://forum.syncthing.net/
+[9]: https://kiwiirc.com/client/irc.freenode.net/#syncthing
 [10]: https://github.com/syncthing/syncthing/issues
-[11]: https://docs.syncthing.net/users/contrib.html#gui-wrappers
-[13]: https://github.com/syncthing/syncthing/blob/main/GOALS.md
-[14]: assets/logo-text-128.png
-[15]: https://syncthing.net/
-[16]: https://github.com/syncthing/syncthing/blob/main/README-Docker.md
-[17]: https://github.com/syncthing/docs
+[11]: http://docs.syncthing.net/users/contrib.html#gui-wrappers

buf.gen.yaml

@@ -1,12 +0,0 @@
-version: v2
-managed:
-  enabled: true
-  override:
-    - file_option: go_package_prefix
-      value: github.com/syncthing/syncthing/internal/gen
-plugins:
-  - remote: buf.build/protocolbuffers/go:v1.35.1
-    out: .
-    opt: module=github.com/syncthing/syncthing
-inputs:
-  - directory: proto

buf.yaml

@@ -1,10 +0,0 @@
-version: v2
-modules:
-  - path: proto
-    name: github.com/syncthing/syncthing
-lint:
-  use:
-    - STANDARD
-breaking:
-  use:
-    - WIRE_JSON

build.ps1

@@ -1,20 +0,0 @@
-function build {
-    go run build.go @args
-}
-
-$cmd, $rest = $args
-switch ($cmd) {
-    "test" {
-        $env:LOGGER_DISCARD=1
-        build test
-    }
-
-    "bench" {
-        $env:LOGGER_DISCARD=1
-        build bench
-    }
-
-    default {
-        build @rest
-    }
-}

build.sh

@@ -2,6 +2,8 @@
 set -euo pipefail
 IFS=$'\n\t'
 
+STTRACE=${STTRACE:-}
+
 script() {
 	name="$1"
 	shift
@@ -13,24 +15,172 @@ build() {
 }
 
 case "${1:-default}" in
+	default)
+		build
+		;;
+
+	clean)
+		build "$@"
+		;;
+
+	tar)
+		build "$@"
+		;;
+
+	assets)
+		build "$@"
+		;;
+
+	xdr)
+		build "$@"
+		;;
+
+	translate)
+		build "$@"
+		;;
+
+	deb)
+		build "$@"
+		;;
+
+	setup)
+		build "$@"
+		;;
+
 	test)
+		ulimit -t 600 &>/dev/null || true
+		ulimit -d 512000 &>/dev/null || true
+		ulimit -m 512000 &>/dev/null || true
 		LOGGER_DISCARD=1 build test
 		;;
 
 	bench)
-		LOGGER_DISCARD=1 build bench
+		LOGGER_DISCARD=1 build bench | script benchfilter
 		;;
 
 	prerelease)
-		script authors
-		script copyrights
-		build weblate
+		go run script/authors.go
+		build transifex
+		git add -A gui/default/assets/ lib/auto/
 		pushd man ; ./refresh.sh ; popd
-		git add -A gui man AUTHORS
-		git commit -m 'chore(gui, man, authors): update docs, translations, and contributors'
+		git add -A man
+		;;
+
+	noupgrade)
+		build -no-upgrade tar
+		;;
+
+	all)
+		platforms=(
+			darwin-amd64 dragonfly-amd64 freebsd-amd64 linux-amd64 netbsd-amd64 openbsd-amd64 solaris-amd64 windows-amd64
+			freebsd-386 linux-386 netbsd-386 openbsd-386 windows-386
+			linux-arm linux-arm64 linux-ppc64 linux-ppc64le
+		)
+
+		for plat in "${platforms[@]}"; do
+			echo Building "$plat"
+
+			goos="${plat%-*}"
+			goarch="${plat#*-}"
+			dist="tar"
+
+			if [[ $goos == "windows" ]]; then
+				dist="zip"
+			fi
+
+			build -goos "$goos" -goarch "$goarch" "$dist"
+			echo
+		done
+		;;
+
+	test-cov)
+		ulimit -t 600 &>/dev/null || true
+		ulimit -d 512000 &>/dev/null || true
+		ulimit -m 512000 &>/dev/null || true
+
+		echo "mode: set" > coverage.out
+		fail=0
+
+		# For every package in the repo
+		for dir in $(go list ./lib/... ./cmd/...) ; do
+			# run the tests
+			GOPATH="$(pwd)/Godeps/_workspace:$GOPATH" go test -race -coverprofile=profile.out $dir
+			if [ -f profile.out ] ; then
+				# and if there was test output, append it to coverage.out
+				grep -v "mode: " profile.out >> coverage.out
+				rm profile.out
+			fi
+		done
+
+		gocov convert coverage.out | gocov-xml > coverage.xml
+
+		# This is usually run from within Jenkins. If it is, we need to
+		# tweak the paths in coverage.xml so cobertura finds the
+		# source.
+		if [[ "${WORKSPACE:-default}" != "default" ]] ; then
+			sed "s#$WORKSPACE##g" < coverage.xml > coverage.xml.new && mv coverage.xml.new coverage.xml
+		fi
+		;;
+
+	test-xunit)
+		ulimit -t 600 &>/dev/null || true
+		ulimit -d 512000 &>/dev/null || true
+		ulimit -m 512000 &>/dev/null || true
+
+		(GOPATH="$(pwd)/Godeps/_workspace:$GOPATH" go test -v -race ./lib/... ./cmd/... || true) > tests.out
+		go2xunit -output tests.xml -fail < tests.out
+		;;
+
+	docker-all)
+		img=${DOCKERIMG:-syncthing/build:latest}
+		docker run --rm -h syncthing-builder -u $(id -u) -t \
+			-v $(pwd):/go/src/github.com/syncthing/syncthing \
+			-w /go/src/github.com/syncthing/syncthing \
+			-e "STTRACE=$STTRACE" \
+			"$img" \
+			sh -c './build.sh clean \
+				&& ./build.sh test-cov \
+				&& ./build.sh bench \
+				&& ./build.sh all'
+		;;
+
+	docker-test)
+		img=${DOCKERIMG:-syncthing/build:latest}
+		docker run --rm -h syncthing-builder -u $(id -u) -t \
+			-v $(pwd):/go/src/github.com/syncthing/syncthing \
+			-w /go/src/github.com/syncthing/syncthing \
+			-e "STTRACE=$STTRACE" \
+			"$img" \
+			sh -euxc './build.sh clean \
+				&& go run build.go -race \
+				&& export GOPATH=$(pwd)/Godeps/_workspace:$GOPATH \
+				&& cd test \
+				&& go test -tags integration -v -timeout 90m -short \
+				&& git clean -fxd .'
+		;;
+
+	docker-lint)
+		img=${DOCKERIMG:-syncthing/build:latest}
+		docker run --rm -h syncthing-builder -u $(id -u) -t \
+			-v $(pwd):/go/src/github.com/syncthing/syncthing \
+			-w /go/src/github.com/syncthing/syncthing \
+			-e "STTRACE=$STTRACE" \
+			"$img" \
+			sh -euxc 'go run build.go lint'
+		;;
+
+
+	docker-vet)
+		img=${DOCKERIMG:-syncthing/build:latest}
+		docker run --rm -h syncthing-builder -u $(id -u) -t \
+			-v $(pwd):/go/src/github.com/syncthing/syncthing \
+			-w /go/src/github.com/syncthing/syncthing \
+			-e "STTRACE=$STTRACE" \
+			"$img" \
+			sh -euxc 'go run build.go vet'
 		;;
 
 	*)
-		build "$@"
+		echo "Unknown build command $1"
 		;;
 esac

cmd/dev/stfindignored/main.go

@@ -1,45 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-// Command stfindignored lists ignored files under a given folder root.
-package main
-
-import (
-	"flag"
-	"fmt"
-	"os"
-
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
-	"github.com/syncthing/syncthing/lib/fs"
-	"github.com/syncthing/syncthing/lib/ignore"
-)
-
-func main() {
-	flag.Parse()
-	root := flag.Arg(0)
-	if root == "" {
-		root = "."
-	}
-
-	vfs := fs.NewWalkFilesystem(fs.NewFilesystem(fs.FilesystemTypeBasic, root))
-
-	ign := ignore.New(vfs)
-	if err := ign.Load(".stignore"); err != nil {
-		fmt.Fprintf(os.Stderr, "Fatal: loading ignores: %v\n", err)
-		os.Exit(1)
-	}
-
-	vfs.Walk(".", func(path string, info fs.FileInfo, err error) error {
-		if err != nil {
-			fmt.Fprintf(os.Stderr, "Warning: %s: %v\n", path, err)
-			return fs.SkipDir
-		}
-		if ign.Match(path).IsIgnored() {
-			fmt.Println(path)
-		}
-		return nil
-	})
-}

cmd/infra/stcrashreceiver/diskstore.go

@@ -1,199 +0,0 @@
-// Copyright (C) 2023 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"cmp"
-	"compress/gzip"
-	"context"
-	"io"
-	"log"
-	"math"
-	"os"
-	"path/filepath"
-	"slices"
-	"time"
-)
-
-type diskStore struct {
-	dir      string
-	inbox    chan diskEntry
-	maxBytes int64
-	maxFiles int
-
-	currentFiles []currentFile
-	currentSize  int64
-}
-
-type diskEntry struct {
-	path string
-	data []byte
-}
-
-type currentFile struct {
-	path  string
-	size  int64
-	mtime int64
-}
-
-func (d *diskStore) Serve(ctx context.Context) {
-	if err := os.MkdirAll(d.dir, 0o700); err != nil {
-		log.Println("Creating directory:", err)
-		return
-	}
-
-	if err := d.inventory(); err != nil {
-		log.Println("Failed to inventory disk store:", err)
-	}
-	d.clean()
-
-	cleanTimer := time.NewTicker(time.Minute)
-	inventoryTimer := time.NewTicker(24 * time.Hour)
-
-	buf := new(bytes.Buffer)
-	gw := gzip.NewWriter(buf)
-	for {
-		select {
-		case entry := <-d.inbox:
-			path := d.fullPath(entry.path)
-
-			if err := os.MkdirAll(filepath.Dir(path), 0o700); err != nil {
-				log.Println("Creating directory:", err)
-				continue
-			}
-
-			buf.Reset()
-			gw.Reset(buf)
-			if _, err := gw.Write(entry.data); err != nil {
-				log.Println("Failed to compress crash report:", err)
-				continue
-			}
-			if err := gw.Close(); err != nil {
-				log.Println("Failed to compress crash report:", err)
-				continue
-			}
-			if err := os.WriteFile(path, buf.Bytes(), 0o600); err != nil {
-				log.Printf("Failed to write %s: %v", entry.path, err)
-				_ = os.Remove(path)
-				continue
-			}
-
-			d.currentSize += int64(buf.Len())
-			d.currentFiles = append(d.currentFiles, currentFile{
-				size: int64(len(entry.data)),
-				path: path,
-			})
-
-		case <-cleanTimer.C:
-			d.clean()
-
-		case <-inventoryTimer.C:
-			if err := d.inventory(); err != nil {
-				log.Println("Failed to inventory disk store:", err)
-			}
-
-		case <-ctx.Done():
-			return
-		}
-	}
-}
-
-func (d *diskStore) Put(path string, data []byte) bool {
-	select {
-	case d.inbox <- diskEntry{
-		path: path,
-		data: data,
-	}:
-		return true
-	default:
-		return false
-	}
-}
-
-func (d *diskStore) Get(path string) ([]byte, error) {
-	path = d.fullPath(path)
-	bs, err := os.ReadFile(path)
-	if err != nil {
-		return nil, err
-	}
-	gr, err := gzip.NewReader(bytes.NewReader(bs))
-	if err != nil {
-		return nil, err
-	}
-	defer gr.Close()
-	return io.ReadAll(gr)
-}
-
-func (d *diskStore) Exists(path string) bool {
-	path = d.fullPath(path)
-	_, err := os.Lstat(path)
-	return err == nil
-}
-
-func (d *diskStore) clean() {
-	for len(d.currentFiles) > 0 && (len(d.currentFiles) > d.maxFiles || d.currentSize > d.maxBytes) {
-		f := d.currentFiles[0]
-		log.Println("Removing", f.path)
-		if err := os.Remove(f.path); err != nil {
-			log.Println("Failed to remove file:", err)
-		}
-		d.currentFiles = d.currentFiles[1:]
-		d.currentSize -= f.size
-	}
-	var oldest time.Duration
-	if len(d.currentFiles) > 0 {
-		oldest = time.Since(time.Unix(d.currentFiles[0].mtime, 0)).Truncate(time.Minute)
-	}
-
-	metricDiskstoreFilesTotal.Set(float64(len(d.currentFiles)))
-	metricDiskstoreBytesTotal.Set(float64(d.currentSize))
-	metricDiskstoreOldestAgeSeconds.Set(math.Round(oldest.Seconds()))
-
-	log.Printf("Clean complete: %d files, %d MB, oldest is %v ago", len(d.currentFiles), d.currentSize>>20, oldest)
-}
-
-func (d *diskStore) inventory() error {
-	d.currentFiles = nil
-	d.currentSize = 0
-	err := filepath.Walk(d.dir, func(path string, info os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		if info.IsDir() {
-			return nil
-		}
-		if filepath.Ext(path) != ".gz" {
-			return nil
-		}
-		d.currentSize += info.Size()
-		d.currentFiles = append(d.currentFiles, currentFile{
-			path:  path,
-			size:  info.Size(),
-			mtime: info.ModTime().Unix(),
-		})
-		return nil
-	})
-	slices.SortFunc(d.currentFiles, func(a, b currentFile) int {
-		return cmp.Compare(a.mtime, b.mtime)
-	})
-	var oldest time.Duration
-	if len(d.currentFiles) > 0 {
-		oldest = time.Since(time.Unix(d.currentFiles[0].mtime, 0)).Truncate(time.Minute)
-	}
-
-	metricDiskstoreFilesTotal.Set(float64(len(d.currentFiles)))
-	metricDiskstoreBytesTotal.Set(float64(d.currentSize))
-	metricDiskstoreOldestAgeSeconds.Set(math.Round(oldest.Seconds()))
-
-	log.Printf("Inventory complete: %d files, %d MB, oldest is %v ago", len(d.currentFiles), d.currentSize>>20, oldest)
-	return err
-}
-
-func (d *diskStore) fullPath(path string) string {
-	return filepath.Join(d.dir, path[0:2], path[2:]) + ".gz"
-}

cmd/infra/stcrashreceiver/main.go

@@ -1,228 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-// Command stcrashreceiver is a trivial HTTP server that allows two things:
-//
-// - uploading files (crash reports) named like a SHA256 hash using a PUT request
-// - checking whether such file exists using a HEAD request
-//
-// Typically this should be deployed behind something that manages HTTPS.
-package main
-
-import (
-	"context"
-	"crypto/sha256"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log"
-	"net/http"
-	"os"
-	"path/filepath"
-	"regexp"
-	"strings"
-
-	"github.com/alecthomas/kong"
-	raven "github.com/getsentry/raven-go"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
-	"github.com/syncthing/syncthing/lib/build"
-	"github.com/syncthing/syncthing/lib/ur"
-)
-
-const maxRequestSize = 1 << 20 // 1 MiB
-
-type cli struct {
-	Dir            string `help:"Parent directory to store crash and failure reports in" env:"REPORTS_DIR" default:"."`
-	DSN            string `help:"Sentry DSN" env:"SENTRY_DSN"`
-	Listen         string `help:"HTTP listen address" default:":8080" env:"LISTEN_ADDRESS"`
-	MaxDiskFiles   int    `help:"Maximum number of reports on disk" default:"100000" env:"MAX_DISK_FILES"`
-	MaxDiskSizeMB  int64  `help:"Maximum disk space to use for reports" default:"1024" env:"MAX_DISK_SIZE_MB"`
-	SentryQueue    int    `help:"Maximum number of reports to queue for sending to Sentry" default:"64" env:"SENTRY_QUEUE"`
-	DiskQueue      int    `help:"Maximum number of reports to queue for writing to disk" default:"64" env:"DISK_QUEUE"`
-	MetricsListen  string `help:"HTTP listen address for metrics" default:":8081" env:"METRICS_LISTEN_ADDRESS"`
-	IgnorePatterns string `help:"File containing ignore patterns (regexp)" env:"IGNORE_PATTERNS" type:"existingfile"`
-}
-
-func main() {
-	var params cli
-	kong.Parse(&params)
-
-	mux := http.NewServeMux()
-
-	ds := &diskStore{
-		dir:      filepath.Join(params.Dir, "crash_reports"),
-		inbox:    make(chan diskEntry, params.DiskQueue),
-		maxFiles: params.MaxDiskFiles,
-		maxBytes: params.MaxDiskSizeMB << 20,
-	}
-	go ds.Serve(context.Background())
-
-	ss := &sentryService{
-		dsn:   params.DSN,
-		inbox: make(chan sentryRequest, params.SentryQueue),
-	}
-	go ss.Serve(context.Background())
-
-	var ip *ignorePatterns
-	if params.IgnorePatterns != "" {
-		var err error
-		ip, err = loadIgnorePatterns(params.IgnorePatterns)
-		if err != nil {
-			log.Fatalf("Failed to load ignore patterns: %v", err)
-		}
-	}
-
-	cr := &crashReceiver{
-		store:  ds,
-		sentry: ss,
-		ignore: ip,
-	}
-
-	mux.Handle("/", cr)
-	mux.HandleFunc("/ping", func(w http.ResponseWriter, req *http.Request) {
-		w.Write([]byte("OK"))
-	})
-
-	if params.MetricsListen != "" {
-		mmux := http.NewServeMux()
-		mmux.Handle("/metrics", promhttp.Handler())
-		go func() {
-			if err := http.ListenAndServe(params.MetricsListen, mmux); err != nil {
-				log.Fatalln("HTTP serve metrics:", err)
-			}
-		}()
-	}
-
-	if params.DSN != "" {
-		mux.HandleFunc("/newcrash/failure", handleFailureFn(params.DSN, filepath.Join(params.Dir, "failure_reports"), ip))
-	}
-
-	log.SetOutput(os.Stdout)
-	if err := http.ListenAndServe(params.Listen, mux); err != nil {
-		log.Fatalln("HTTP serve:", err)
-	}
-}
-
-func handleFailureFn(dsn, failureDir string, ignore *ignorePatterns) func(w http.ResponseWriter, req *http.Request) {
-	return func(w http.ResponseWriter, req *http.Request) {
-		result := "failure"
-		defer func() {
-			metricFailureReportsTotal.WithLabelValues(result).Inc()
-		}()
-
-		lr := io.LimitReader(req.Body, maxRequestSize)
-		bs, err := io.ReadAll(lr)
-		req.Body.Close()
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-
-		if ignore.match(bs) {
-			result = "ignored"
-			return
-		}
-
-		var reports []ur.FailureReport
-		err = json.Unmarshal(bs, &reports)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-		if len(reports) == 0 {
-			// Shouldn't happen
-			log.Printf("Got zero failure reports")
-			return
-		}
-
-		version, err := build.ParseVersion(reports[0].Version)
-		if err != nil {
-			http.Error(w, err.Error(), http.StatusBadRequest)
-			return
-		}
-		for _, r := range reports {
-			pkt := packet(version, "failure")
-			pkt.Message = r.Description
-			pkt.Extra = raven.Extra{
-				"count": r.Count,
-			}
-			for k, v := range r.Extra {
-				pkt.Extra[k] = v
-			}
-			if r.Goroutines != "" {
-				url, err := saveFailureWithGoroutines(r.FailureData, failureDir)
-				if err != nil {
-					log.Println("Saving failure report:", err)
-					http.Error(w, "Internal server error", http.StatusInternalServerError)
-					return
-				}
-				pkt.Extra["goroutinesURL"] = url
-			}
-			message := sanitizeMessageLDB(r.Description)
-			pkt.Fingerprint = []string{message}
-
-			if err := sendReport(dsn, pkt, userIDFor(req)); err != nil {
-				log.Println("Failed to send failure report:", err)
-			} else {
-				log.Println("Sent failure report:", r.Description)
-				result = "success"
-			}
-		}
-	}
-}
-
-func saveFailureWithGoroutines(data ur.FailureData, failureDir string) (string, error) {
-	bs := make([]byte, len(data.Description)+len(data.Goroutines))
-	copy(bs, data.Description)
-	copy(bs[len(data.Description):], data.Goroutines)
-	id := fmt.Sprintf("%x", sha256.Sum256(bs))
-	path := fullPathCompressed(failureDir, id)
-	err := compressAndWrite(bs, path)
-	if err != nil {
-		return "", err
-	}
-	return reportServer + path, nil
-}
-
-type ignorePatterns struct {
-	patterns []*regexp.Regexp
-}
-
-func loadIgnorePatterns(path string) (*ignorePatterns, error) {
-	bs, err := os.ReadFile(path)
-	if err != nil {
-		return nil, err
-	}
-
-	var patterns []*regexp.Regexp
-	for _, line := range strings.Split(string(bs), "\n") {
-		line = strings.TrimSpace(line)
-		if line == "" {
-			continue
-		}
-		re, err := regexp.Compile(line)
-		if err != nil {
-			return nil, err
-		}
-		patterns = append(patterns, re)
-	}
-
-	log.Printf("Loaded %d ignore patterns", len(patterns))
-	return &ignorePatterns{patterns: patterns}, nil
-}
-
-func (i *ignorePatterns) match(report []byte) bool {
-	if i == nil {
-		return false
-	}
-	for _, re := range i.patterns {
-		if re.Match(report) {
-			return true
-		}
-	}
-	return false
-}

cmd/infra/stcrashreceiver/metrics.go

@@ -1,40 +0,0 @@
-// Copyright (C) 2023 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promauto"
-)
-
-var (
-	metricCrashReportsTotal = promauto.NewCounterVec(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "crashreceiver",
-		Name:      "crash_reports_total",
-	}, []string{"result"})
-	metricFailureReportsTotal = promauto.NewCounterVec(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "crashreceiver",
-		Name:      "failure_reports_total",
-	}, []string{"result"})
-	metricDiskstoreFilesTotal = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "crashreceiver",
-		Name:      "diskstore_files_total",
-	})
-	metricDiskstoreBytesTotal = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "crashreceiver",
-		Name:      "diskstore_bytes_total",
-	})
-	metricDiskstoreOldestAgeSeconds = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "crashreceiver",
-		Name:      "diskstore_oldest_age_seconds",
-	})
-)

cmd/infra/stcrashreceiver/sentry.go

@@ -1,242 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"context"
-	"errors"
-	"io"
-	"log"
-	"regexp"
-	"strings"
-	"sync"
-
-	raven "github.com/getsentry/raven-go"
-	"github.com/maruel/panicparse/v2/stack"
-	"github.com/syncthing/syncthing/lib/build"
-)
-
-const reportServer = "https://crash.syncthing.net/report/"
-
-var loader = newGithubSourceCodeLoader()
-
-func init() {
-	raven.SetSourceCodeLoader(loader)
-}
-
-var (
-	clients    = make(map[string]*raven.Client)
-	clientsMut sync.Mutex
-)
-
-type sentryService struct {
-	dsn   string
-	inbox chan sentryRequest
-}
-
-type sentryRequest struct {
-	reportID string
-	userID   string
-	data     []byte
-}
-
-func (s *sentryService) Serve(ctx context.Context) {
-	for {
-		select {
-		case req := <-s.inbox:
-			pkt, err := parseCrashReport(req.reportID, req.data)
-			if err != nil {
-				log.Println("Failed to parse crash report:", err)
-				continue
-			}
-			if err := sendReport(s.dsn, pkt, req.userID); err != nil {
-				log.Println("Failed to send crash report:", err)
-			}
-
-		case <-ctx.Done():
-			return
-		}
-	}
-}
-
-func (s *sentryService) Send(reportID, userID string, data []byte) bool {
-	select {
-	case s.inbox <- sentryRequest{reportID, userID, data}:
-		return true
-	default:
-		return false
-	}
-}
-
-func sendReport(dsn string, pkt *raven.Packet, userID string) error {
-	pkt.Interfaces = append(pkt.Interfaces, &raven.User{ID: userID})
-
-	clientsMut.Lock()
-	defer clientsMut.Unlock()
-
-	cli, ok := clients[dsn]
-	if !ok {
-		var err error
-		cli, err = raven.New(dsn)
-		if err != nil {
-			return err
-		}
-		clients[dsn] = cli
-	}
-
-	// The client sets release and such on the packet before sending, in the
-	// misguided idea that it knows this better than the packet we give
-	// it. So we copy the values from the packet to the client first...
-	cli.SetRelease(pkt.Release)
-	cli.SetEnvironment(pkt.Environment)
-
-	defer cli.Wait()
-	_, errC := cli.Capture(pkt, nil)
-	return <-errC
-}
-
-func parseCrashReport(path string, report []byte) (*raven.Packet, error) {
-	parts := bytes.SplitN(report, []byte("\n"), 2)
-	if len(parts) != 2 {
-		return nil, errors.New("no first line")
-	}
-
-	version, err := build.ParseVersion(string(parts[0]))
-	if err != nil {
-		return nil, err
-	}
-	report = parts[1]
-
-	foundPanic := false
-	var subjectLine []byte
-	for {
-		parts = bytes.SplitN(report, []byte("\n"), 2)
-		if len(parts) != 2 {
-			return nil, errors.New("no panic line found")
-		}
-
-		line := parts[0]
-		report = parts[1]
-
-		if foundPanic {
-			// The previous line was our "Panic at ..." header. We are now
-			// at the beginning of the real panic trace and this is our
-			// subject line.
-			subjectLine = line
-			break
-		} else if bytes.HasPrefix(line, []byte("Panic at")) {
-			foundPanic = true
-		}
-	}
-
-	r := bytes.NewReader(report)
-	ctx, _, err := stack.ScanSnapshot(r, io.Discard, stack.DefaultOpts())
-	if err != nil && !errors.Is(err, io.EOF) {
-		return nil, err
-	}
-	if ctx == nil || len(ctx.Goroutines) == 0 {
-		return nil, errors.New("no goroutines found")
-	}
-
-	// Lock the source code loader to the version we are processing here.
-	if version.Commit != "" {
-		// We have a commit hash, so we know exactly which source to use
-		loader.LockWithVersion(version.Commit)
-	} else if strings.HasPrefix(version.Tag, "v") {
-		// Lets hope the tag is close enough
-		loader.LockWithVersion(version.Tag)
-	} else {
-		// Last resort
-		loader.LockWithVersion("main")
-	}
-	defer loader.Unlock()
-
-	var trace raven.Stacktrace
-	for _, gr := range ctx.Goroutines {
-		if gr.First {
-			trace.Frames = make([]*raven.StacktraceFrame, len(gr.Stack.Calls))
-			for i, sc := range gr.Stack.Calls {
-				trace.Frames[len(trace.Frames)-1-i] = raven.NewStacktraceFrame(0, sc.Func.Name, sc.RemoteSrcPath, sc.Line, 3, nil)
-			}
-			break
-		}
-	}
-
-	pkt := packet(version, "crash")
-	pkt.Message = string(subjectLine)
-	pkt.Extra = raven.Extra{
-		"url": reportServer + path,
-	}
-	pkt.Interfaces = []raven.Interface{&trace}
-	pkt.Fingerprint = crashReportFingerprint(pkt.Message)
-
-	return pkt, nil
-}
-
-var (
-	indexRe          = regexp.MustCompile(`\[[-:0-9]+\]`)
-	sizeRe           = regexp.MustCompile(`(length|capacity) [0-9]+`)
-	ldbPosRe         = regexp.MustCompile(`(\(pos=)([0-9]+)\)`)
-	ldbChecksumRe    = regexp.MustCompile(`(want=0x)([a-z0-9]+)( got=0x)([a-z0-9]+)`)
-	ldbFileRe        = regexp.MustCompile(`(\[file=)([0-9]+)(\.ldb\])`)
-	ldbInternalKeyRe = regexp.MustCompile(`(internal key ")[^"]+(", len=)[0-9]+`)
-	ldbPathRe        = regexp.MustCompile(`(open|write|read) .+[\\/].+[\\/]index[^\\/]+[\\/][^\\/]+: `)
-)
-
-func sanitizeMessageLDB(message string) string {
-	message = ldbPosRe.ReplaceAllString(message, "${1}x)")
-	message = ldbFileRe.ReplaceAllString(message, "${1}x${3}")
-	message = ldbChecksumRe.ReplaceAllString(message, "${1}X${3}X")
-	message = ldbInternalKeyRe.ReplaceAllString(message, "${1}x${2}x")
-	message = ldbPathRe.ReplaceAllString(message, "$1 x: ")
-	return message
-}
-
-func crashReportFingerprint(message string) []string {
-	// Do not fingerprint on the stack in case of db corruption or fatal
-	// db io error - where it occurs doesn't matter.
-	orig := message
-	message = sanitizeMessageLDB(message)
-	if message != orig {
-		return []string{message}
-	}
-
-	message = indexRe.ReplaceAllString(message, "[x]")
-	message = sizeRe.ReplaceAllString(message, "$1 x")
-
-	// {{ default }} is what sentry uses as a fingerprint by default. While
-	// never specified, the docs point at this being some hash derived from the
-	// stack trace. Here we include the filtered panic message on top of that.
-	// https://docs.sentry.io/platforms/go/data-management/event-grouping/sdk-fingerprinting/#basic-example
-	return []string{"{{ default }}", message}
-}
-
-func packet(version build.VersionParts, reportType string) *raven.Packet {
-	pkt := &raven.Packet{
-		Platform:    "go",
-		Release:     version.Tag,
-		Environment: version.Environment(),
-		Tags: raven.Tags{
-			raven.Tag{Key: "version", Value: version.Version},
-			raven.Tag{Key: "tag", Value: version.Tag},
-			raven.Tag{Key: "codename", Value: version.Codename},
-			raven.Tag{Key: "runtime", Value: version.Runtime},
-			raven.Tag{Key: "goos", Value: version.GOOS},
-			raven.Tag{Key: "goarch", Value: version.GOARCH},
-			raven.Tag{Key: "builder", Value: version.Builder},
-			raven.Tag{Key: "report_type", Value: reportType},
-		},
-	}
-	if version.Commit != "" {
-		pkt.Tags = append(pkt.Tags, raven.Tag{Key: "commit", Value: version.Commit})
-	}
-	for _, tag := range version.Extra {
-		pkt.Tags = append(pkt.Tags, raven.Tag{Key: tag, Value: "1"})
-	}
-	return pkt
-}

cmd/infra/stcrashreceiver/sentry_test.go

@@ -1,95 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"fmt"
-	"os"
-	"testing"
-)
-
-func TestParseReport(t *testing.T) {
-	bs, err := os.ReadFile("_testdata/panic.log")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	pkt, err := parseCrashReport("1/2/345", bs)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	bs, err = pkt.JSON()
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	fmt.Printf("%s\n", bs)
-}
-
-func TestCrashReportFingerprint(t *testing.T) {
-	cases := []struct {
-		message, exp string
-		ldb          bool
-	}{
-		{
-			message: "panic: leveldb/table: corruption on data-block (pos=51308946): checksum mismatch, want=0xa89f9aa0 got=0xd27cc4c7 [file=004003.ldb]",
-			exp:     "panic: leveldb/table: corruption on data-block (pos=x): checksum mismatch, want=0xX got=0xX [file=x.ldb]",
-			ldb:     true,
-		},
-		{
-			message: "panic: leveldb/table: corruption on table-footer (pos=248): bad magic number [file=001370.ldb]",
-			exp:     "panic: leveldb/table: corruption on table-footer (pos=x): bad magic number [file=x.ldb]",
-			ldb:     true,
-		},
-		{
-			message: "panic: runtime error: slice bounds out of range [4294967283:4194304]",
-			exp:     "panic: runtime error: slice bounds out of range [x]",
-		},
-		{
-			message: "panic: runtime error: slice bounds out of range [-2:]",
-			exp:     "panic: runtime error: slice bounds out of range [x]",
-		},
-		{
-			message: "panic: runtime error: slice bounds out of range [:4294967283] with capacity 32768",
-			exp:     "panic: runtime error: slice bounds out of range [x] with capacity x",
-		},
-		{
-			message: "panic: runtime error: index out of range [0] with length 0",
-			exp:     "panic: runtime error: index out of range [x] with length x",
-		},
-		{
-			message: `panic: leveldb: internal key "\x01", len=1: invalid length`,
-			exp:     `panic: leveldb: internal key "x", len=x: invalid length`,
-			ldb:     true,
-		},
-		{
-			message: `panic: write /var/syncthing/config/index-v0.14.0.db/2732813.log: cannot allocate memory`,
-			exp:     `panic: write x: cannot allocate memory`,
-			ldb:     true,
-		},
-		{
-			message: `panic: filling Blocks: read C:\Users\Serv-Resp-Tizayuca\AppData\Local\Syncthing\index-v0.14.0.db\006561.ldb: Error de datos (comprobación de redundancia cíclica).`,
-			exp:     `panic: filling Blocks: read x: Error de datos (comprobación de redundancia cíclica).`,
-			ldb:     true,
-		},
-	}
-
-	for i, tc := range cases {
-		fingerprint := crashReportFingerprint(tc.message)
-
-		expLen := 2
-		if tc.ldb {
-			expLen = 1
-		}
-		if l := len(fingerprint); l != expLen {
-			t.Errorf("tc %v: Unexpected fingerprint length: %v != %v", i, l, expLen)
-		} else if msg := fingerprint[expLen-1]; msg != tc.exp {
-			t.Errorf("tc %v:\n\"%v\" !=\n\"%v\"", i, msg, tc.exp)
-		}
-	}
-}

cmd/infra/stcrashreceiver/sourcecodeloader.go

@@ -1,117 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"net/http"
-	"path/filepath"
-	"strings"
-	"sync"
-	"time"
-)
-
-const (
-	urlPrefix   = "https://raw.githubusercontent.com/syncthing/syncthing/"
-	httpTimeout = 10 * time.Second
-)
-
-type githubSourceCodeLoader struct {
-	mut     sync.Mutex
-	version string
-	cache   map[string]map[string][][]byte // version -> file -> lines
-	client  *http.Client
-}
-
-func newGithubSourceCodeLoader() *githubSourceCodeLoader {
-	return &githubSourceCodeLoader{
-		cache:  make(map[string]map[string][][]byte),
-		client: &http.Client{Timeout: httpTimeout},
-	}
-}
-
-func (l *githubSourceCodeLoader) LockWithVersion(version string) {
-	l.mut.Lock()
-	l.version = version
-	if _, ok := l.cache[version]; !ok {
-		l.cache[version] = make(map[string][][]byte)
-	}
-}
-
-func (l *githubSourceCodeLoader) Unlock() {
-	l.mut.Unlock()
-}
-
-func (l *githubSourceCodeLoader) Load(filename string, line, context int) ([][]byte, int) {
-	filename = filepath.ToSlash(filename)
-	lines, ok := l.cache[l.version][filename]
-	if !ok {
-		// Cache whatever we managed to find (or nil if nothing, so we don't try again)
-		defer func() {
-			l.cache[l.version][filename] = lines
-		}()
-
-		knownPrefixes := []string{"/lib/", "/cmd/"}
-		var idx int
-		for _, pref := range knownPrefixes {
-			idx = strings.Index(filename, pref)
-			if idx >= 0 {
-				break
-			}
-		}
-		if idx == -1 {
-			return nil, 0
-		}
-
-		url := urlPrefix + l.version + filename[idx:]
-		resp, err := l.client.Get(url)
-		if err != nil {
-			fmt.Println("Loading source:", err)
-			return nil, 0
-		}
-		if resp.StatusCode != http.StatusOK {
-			fmt.Println("Loading source:", resp.Status)
-			return nil, 0
-		}
-		data, err := io.ReadAll(resp.Body)
-		_ = resp.Body.Close()
-		if err != nil {
-			fmt.Println("Loading source:", err.Error())
-			return nil, 0
-		}
-		lines = bytes.Split(data, []byte{'\n'})
-	}
-
-	return getLineFromLines(lines, line, context)
-}
-
-func getLineFromLines(lines [][]byte, line, context int) ([][]byte, int) {
-	if lines == nil {
-		// cached error from ReadFile: return no lines
-		return nil, 0
-	}
-
-	line-- // stack trace lines are 1-indexed
-	start := line - context
-	var idx int
-	if start < 0 {
-		start = 0
-		idx = line
-	} else {
-		idx = context
-	}
-	end := line + context + 1
-	if line >= len(lines) {
-		return nil, 0
-	}
-	if end > len(lines) {
-		end = len(lines)
-	}
-	return lines[start:end], idx
-}

cmd/infra/stcrashreceiver/stcrashreceiver.go

@@ -1,133 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"io"
-	"log"
-	"net/http"
-	"path"
-	"strings"
-	"sync"
-)
-
-type crashReceiver struct {
-	store  *diskStore
-	sentry *sentryService
-	ignore *ignorePatterns
-
-	ignoredMut sync.RWMutex
-	ignored    map[string]struct{}
-}
-
-func (r *crashReceiver) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	// The final path component should be a SHA256 hash in hex, so 64 hex
-	// characters. We don't care about case on the request but use lower
-	// case internally.
-	reportID := strings.ToLower(path.Base(req.URL.Path))
-	if len(reportID) != 64 {
-		http.Error(w, "Bad request", http.StatusBadRequest)
-		return
-	}
-	for _, c := range reportID {
-		if c >= 'a' && c <= 'f' {
-			continue
-		}
-		if c >= '0' && c <= '9' {
-			continue
-		}
-		http.Error(w, "Bad request", http.StatusBadRequest)
-		return
-	}
-
-	switch req.Method {
-	case http.MethodGet:
-		r.serveGet(reportID, w, req)
-	case http.MethodHead:
-		r.serveHead(reportID, w, req)
-	case http.MethodPut:
-		r.servePut(reportID, w, req)
-	default:
-		http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
-	}
-}
-
-// serveGet responds to GET requests by serving the uncompressed report.
-func (r *crashReceiver) serveGet(reportID string, w http.ResponseWriter, _ *http.Request) {
-	bs, err := r.store.Get(reportID)
-	if err != nil {
-		http.Error(w, "Not found", http.StatusNotFound)
-		return
-	}
-	w.Write(bs)
-}
-
-// serveHead responds to HEAD requests by checking if the named report
-// already exists in the system.
-func (r *crashReceiver) serveHead(reportID string, w http.ResponseWriter, _ *http.Request) {
-	r.ignoredMut.RLock()
-	_, ignored := r.ignored[reportID]
-	r.ignoredMut.RUnlock()
-	if ignored {
-		return // found
-	}
-	if !r.store.Exists(reportID) {
-		http.Error(w, "Not found", http.StatusNotFound)
-	}
-}
-
-// servePut accepts and stores the given report.
-func (r *crashReceiver) servePut(reportID string, w http.ResponseWriter, req *http.Request) {
-	result := "receive_failure"
-	defer func() {
-		metricCrashReportsTotal.WithLabelValues(result).Inc()
-	}()
-
-	r.ignoredMut.RLock()
-	_, ignored := r.ignored[reportID]
-	r.ignoredMut.RUnlock()
-	if ignored {
-		result = "ignored_cached"
-		io.Copy(io.Discard, req.Body)
-		return // found
-	}
-
-	// Read at most maxRequestSize of report data.
-	log.Println("Receiving report", reportID)
-	lr := io.LimitReader(req.Body, maxRequestSize)
-	bs, err := io.ReadAll(lr)
-	if err != nil {
-		log.Println("Reading report:", err)
-		http.Error(w, "Internal server error", http.StatusInternalServerError)
-		return
-	}
-
-	if r.ignore.match(bs) {
-		r.ignoredMut.Lock()
-		if r.ignored == nil {
-			r.ignored = make(map[string]struct{})
-		}
-		r.ignored[reportID] = struct{}{}
-		r.ignoredMut.Unlock()
-		result = "ignored"
-		return
-	}
-
-	result = "success"
-
-	// Store the report
-	if !r.store.Put(reportID, bs) {
-		log.Println("Failed to store report (queue full):", reportID)
-		result = "queue_failure"
-	}
-
-	// Send the report to Sentry
-	if !r.sentry.Send(reportID, userIDFor(req), bs) {
-		log.Println("Failed to send report to sentry (queue full):", reportID)
-		result = "sentry_failure"
-	}
-}

cmd/infra/stcrashreceiver/util.go

@@ -1,56 +0,0 @@
-// Copyright (C) 2021 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"compress/gzip"
-	"crypto/sha256"
-	"encoding/hex"
-	"net"
-	"net/http"
-	"os"
-	"path/filepath"
-	"time"
-)
-
-// userIDFor returns a string we can use as the user ID for the purpose of
-// counting affected users. It's the truncated hash of a salt, the user
-// remote IP, and the current month.
-func userIDFor(req *http.Request) string {
-	addr := req.RemoteAddr
-	if fwd := req.Header.Get("X-Forwarded-For"); fwd != "" {
-		addr = fwd
-	}
-	if host, _, err := net.SplitHostPort(addr); err == nil {
-		addr = host
-	}
-	now := time.Now().Format("200601")
-	salt := "stcrashreporter"
-	hash := sha256.Sum256([]byte(salt + addr + now))
-	return hex.EncodeToString(hash[:8])
-}
-
-// 01234567890abcdef... => 01/23
-func dirFor(base string) string {
-	return filepath.Join(base[0:2], base[2:4])
-}
-
-func fullPathCompressed(root, reportID string) string {
-	return filepath.Join(root, dirFor(reportID), reportID) + ".gz"
-}
-
-func compressAndWrite(bs []byte, fullPath string) error {
-	// Compress the report for storage
-	buf := new(bytes.Buffer)
-	gw := gzip.NewWriter(buf)
-	_, _ = gw.Write(bs) // can't fail
-	gw.Close()
-
-	// Create an output file with the compressed report
-	return os.WriteFile(fullPath, buf.Bytes(), 0o644)
-}

cmd/infra/strelaypoolsrv/README.md

@@ -1,23 +0,0 @@
-# relaypoolsrv
-
-This is the relay pool server for the `syncthing` project, which allows
-community hosted [relaysrv](https://github.com/syncthing/relaysrv)'s to join
-the public pool.
-
-Servers that join the pool are then advertised to users of `syncthing` as
-potential connection points for those who are unable to connect directly due
-to NAT or firewall issues.
-
-There is very little reason why you'd want to run this yourself, as
-`relaypoolsrv` is just used for announcement and lookup of public relay
-servers. If you are looking to set up a private or a public relay, please
-check the documentation for
-[relaysrv](https://github.com/syncthing/relaysrv), which also explains how
-to join the default public pool.
-
-See `relaypoolsrv -help` for configuration options.
-
-##### Third-party attributions
-
-[oschwald/geoip2-golang](https://github.com/oschwald/geoip2-golang), [oschwald/maxminddb-golang](https://github.com/oschwald/maxminddb-golang), Copyright (C) 2015 [Gregory J. Oschwald](mailto:oschwald@gmail.com).
-

cmd/infra/strelaypoolsrv/auto/.gitignore

@@ -1 +0,0 @@
-gui.files.go

cmd/infra/strelaypoolsrv/auto/doc.go

@@ -1,10 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-//go:generate go run ../../../../script/genassets.go -o gui.files.go ../gui
-
-// Package auto contains auto generated files for web assets.
-package auto

cmd/infra/strelaypoolsrv/auto/noassets.go

@@ -1,16 +0,0 @@
-// Copyright (C) 2021 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-//go:build noassets
-// +build noassets
-
-package auto
-
-import "github.com/syncthing/syncthing/lib/assets"
-
-func Assets() map[string]assets.Asset {
-	return nil
-}

cmd/infra/strelaypoolsrv/gui/index.html

@@ -1,402 +0,0 @@
-<!DOCTYPE html>
-
-<html lang="en" ng-app="syncthing" ng-controller="relayDataController">
-  <head>
-    <meta charset="utf-8"/>
-    <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
-    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
-    <meta name="description" content=""/>
-    <meta name="author" content=""/>
-
-    <title>Relay stats</title>
-    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css"/>
-    <link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css" rel="stylesheet"/>
-    <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css"/>
-    <link rel="stylesheet" href="https://unpkg.com/leaflet@1.6.0/dist/leaflet.css"
-  integrity="sha512-xwE/Az9zrjBIphAcBb3F6JVqxf46+CDLwfLMHloNu6KEQCAWi6HcDUbeOfBIptF7tcCzusKFjFw2yuvEpDL9wQ=="
-  crossorigin=""/>
-  <script src="https://unpkg.com/leaflet@1.6.0/dist/leaflet.js"
-  integrity="sha512-gZwIG9x3wUXg2hdXF6+rVkLF/0Vi9U8D2Ntg4Ga5I5BZpVkVxlJWbSQtXPSiUTtC0TjtGOmxa1AJPuV0CPthew=="
-  crossorigin=""></script>
-
-    <style>
-      #map {
-        height: 600px;
-      }
-      .ng-cloak {
-        display: none;
-      }
-      table {
-        font-size: 11px !important;
-        width: 100%;
-        border: 1px;
-
-      }
-      td {
-        padding: 0px !important;
-      }
-      tfoot td {
-        font-weight: bold;
-      }
-    </style>
-  </head>
-
-  <body class="ng-cloak">
-    <div class="container">
-      <h1>Relay Pool Data</h1>
-      <div ng-if="relays === undefined" class="text-center">
-        <img src="https://cdnjs.cloudflare.com/ajax/libs/galleriffic/2.0.1/css/loader.gif" alt=""/>
-        <p>Please wait while we gather data…</p>
-      </div>
-      <div>
-        <div ng-show="relays !== undefined" class="ng-hide">
-          <p>
-            The relays listed on this page are not managed or vetted by the Syncthing project.
-            Each relay is the responsibility of the relay operator.
-            Currently {{ relays.length }} relays are online.
-          </p>
-        </div>
-        <div id="map"></div> <!-- Can't hide the map, otherwise it freaks out -->
-        <p>The circle size represents how much bytes the relay has transferred relatively to other relays.</p>
-      </div>
-      <div>
-        <table class="table table-striped table-condensed table">
-          <thead>
-            <tr>
-              <th rowspan="2">Address</td>
-              <th rowspan="2">
-                <a ng-click="sortType = 'stats.numActiveSessions'; sortReverse = !sortReverse">
-                  Sessions
-                  <span ng-show="sortType == 'stats.numActiveSessions' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.numActiveSessions' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th rowspan="2">
-                <a ng-click="sortType = 'stats.numConnections'; sortReverse = !sortReverse">
-                  Connections
-                  <span ng-show="sortType == 'stats.numConnections' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.numConnections' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th rowspan="2">
-                <a ng-click="sortType = 'stats.bytesProxied'; sortReverse = !sortReverse">
-                  Data relayed
-                  <span ng-show="sortType == 'stats.bytesProxied' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.bytesProxied' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th colspan="6" class="text-center">Transfer rate in the last period</th>
-              <th rowspan="2">
-                <a ng-click="sortType = 'stats.uptimeSeconds'; sortReverse = !sortReverse">
-                  Uptime hours
-                  <span ng-show="sortType == 'stats.uptimeSeconds' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'status.uptimeSeconds' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th rowspan="2">
-                <a ng-click="sortType = 'stats.options[\'provided-by\'] || \'\''; sortReverse = !sortReverse">
-                  Provided by
-                  <span ng-show="sortType == 'stats.options[\'provided-by\'] || \'\'' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.options[\'provided-by\'] || \'\'' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-            </tr>
-            <tr>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[0]'; sortReverse = !sortReverse">
-                  10s
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[0]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[0]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[1]'; sortReverse = !sortReverse">
-                  1m
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[1]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[1]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[2]'; sortReverse = !sortReverse">
-                  5m
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[2]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[2]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[3]'; sortReverse = !sortReverse">
-                  15m
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[3]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[3]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[4]'; sortReverse = !sortReverse">
-                  30m
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[4]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[4]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-              <th>
-                <a ng-click="sortType = 'stats.kbps10s1m5m15m30m60m[5]'; sortReverse = !sortReverse">
-                  60m
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[5]' && !sortReverse" class="fas fa-caret-down"></span>
-                  <span ng-show="sortType == 'stats.kbps10s1m5m15m30m60m[5]' && sortReverse" class="fas fa-caret-up"></span>
-                </a>
-              </th>
-            </tr>
-          </thead>
-          <tbody>
-            <tr ng-repeat="relay in relays | orderBy:sortType:sortReverse:sortCompare" ng-mouseover="relay.showMarker()" ng-mouseleave="relay.hideMarker()">
-              <td>{{ relay.address }}</td>
-              <td ng-if="!relay.stats" colspan="11"></td>
-              <td ng-if-start="relay.stats">{{ relay.stats.numActiveSessions }}</td>
-              <td>{{ relay.stats.numConnections }}</td>
-              <td>{{ relay.stats.bytesProxied | bytes }}</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[0] * 128 | bytes }}/s</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[1] * 128 | bytes }}/s</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[2] * 128 | bytes }}/s</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[3] * 128 | bytes }}/s</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[4] * 128 | bytes }}/s</td>
-              <td>{{ relay.stats.kbps10s1m5m15m30m60m[5] * 128 | bytes }}/s</td>
-              <td ng-if="relay.stats.uptimeSeconds != undefined">{{ relay.stats.uptimeSeconds/60/60 | number:0 }}</td>
-              <td ng-if="relay.stats.uptimeSeconds == undefined"></td>
-              <td title="{{ relay.stats.options['provided-by'] || '' }}" ng-if-end>
-                {{ relay.stats.options['provided-by'] || '' | limitTo:50 }}
-                <span ng-if="(relay.stats.options['provided-by'] || '').length > 50">&hellip;
-              </td>
-            </tr>
-          </tbody>
-          <tfoot>
-            <tr>
-              <td>Totals</td>
-              <td>{{ totals.numActiveSessions }}</td>
-              <td>{{ totals.numConnections }}</td>
-              <td>{{ totals.bytesProxied | bytes }}</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[0] * 128 | bytes }}/s</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[1] * 128 | bytes }}/s</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[2] * 128 | bytes }}/s</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[3] * 128 | bytes }}/s</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[4] * 128 | bytes }}/s</td>
-              <td>{{ totals.kbps10s1m5m15m30m60m[5] * 128 | bytes }}/s</td>
-              <td>{{ totals.uptimeSeconds/60/60 | number:0 }} hours</td>
-              <td>{{ relays.length }} relays</td>
-            </tr>
-          </tfoor>
-        </table>
-      </div>
-      <hr>
-      <p>
-        This product includes GeoLite2 data created by MaxMind, available from
-        <a href="https://www.maxmind.com">https://www.maxmind.com</a>.
-      </p>
-    </div>
-
-
-    <script type="text/javascript" src="https://code.jquery.com/jquery-2.1.4.min.js"></script>
-    <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular.min.js"></script>
-    <script type="text/javascript" src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"></script>
-  </body>
-
-  <script>
-  angular.module('syncthing', [
-  ])
-  .config(['$httpProvider', function($httpProvider) {
-    $httpProvider.defaults.timeout = 5000;
-  }])
-  .filter('bytes', function() {
-    return function(bytes, precision) {
-      if (isNaN(parseFloat(bytes)) || !isFinite(bytes)) return '-';
-      if (typeof precision === 'undefined') precision = 1;
-
-      var units = ['bytes', 'kB', 'MB', 'GB', 'TB', 'PB'],
-          number = Math.floor(Math.log(bytes) / Math.log(1024));
-
-      var value = (bytes / Math.pow(1000, Math.floor(number)));
-      if (!isFinite(value)) {
-        value = 0;
-        precision = 0;
-      }
-      if (!isFinite(number)) {
-        units = 'bytes';
-      } else {
-        units = units[number];
-      }
-      return value.toFixed(precision) + ' ' + units;
-    }
-  })
-  .controller('relayDataController', ['$scope', '$rootScope', '$http', '$q', '$compile', '$timeout', function($scope, $rootScope, $http, $q, $compile, $timeout) {
-    $scope.totals = {
-      bytesProxied: 0,
-      goMaxProcs: 0,
-      kbps10s1m5m15m30m60m: [0, 0, 0, 0, 0, 0],
-      numActiveSessions: 0,
-      numConnections: 0,
-      numPendingSessionKeys: 0,
-      numProxies: 0,
-      uptimeSeconds: 0,
-    };
-    $scope.map = L.map('map').setView([40.90296, 1.90925], 2);
-    L.tileLayer('https://tile.openstreetmap.org/{z}/{x}/{y}.png',
-    {
-      attribution: 'Leaflet',
-      maxZoom: 17
-    }).addTo($scope.map);
-    $scope.tooltipTemplate = $('#infoTemplate').html();
-    $scope.usedLocations = {};
-    $scope.sortType = 'stats.numActiveSessions';
-    $scope.sortReverse = true;
-    $scope.sortCompare = function(a, b) {
-      if (a.value == b.value) {
-        return 0;
-      }
-      if (a.type == "undefined" || a.type == "null") {
-        return -1;
-      }
-      if (b.type == "undefined" || b.type == "null") {
-        return 1;
-      }
-      return a.value > b.value ? 1 : -1;
-    }
-
-    $http.get("/endpoint/full").then(function(response) {
-      $scope.relays = response.data.relays;
-
-      angular.forEach($scope.relays, function(relay) {
-        relay.uri = constructURI(relay.url);
-        relay.address = relay.url.split('/')[2];
-
-        addMarkerToMap(relay);
-
-        if (relay.stats) {
-          angular.forEach($scope.totals, function(value, key) {
-            if (typeof $scope.totals[key] == 'number') {
-              $scope.totals[key] += relay.stats[key];
-            } else if (typeof $scope.totals[key] == 'object' && $scope.totals[key] instanceof Array) {
-              angular.forEach($scope.totals[key], function(value, index) {
-                $scope.totals[key][index] += relay.stats[key][index];
-              });
-            }
-          });
-        }
-      });
-
-      // After the totals were calculated, add circles.
-      angular.forEach($scope.relays, function(relay) {
-        if (relay.stats) {
-          addCircleToMap(relay);
-        }
-      });
-
-      if ($scope.relays.length == 1) {
-        //Center to only relay with zoom
-        $scope.map.panTo(new L.LatLng(relays[0].location.latitude, relays[0].location.longitude));
-        $scope.map.setZoom(13);
-      }
-    });
-
-    function addMarkerToMap(relay) {
-        var loc = relay.location.latitude + "," + relay.location.longitude;
-
-        // Deal with overlapping markers
-        while (loc in $scope.usedLocations) {
-          var locParts = loc.split(',');
-          locParts = [parseFloat(locParts[0]), parseFloat(locParts[1])];
-          locParts[Math.round(Math.random())] += 0.5 * (Math.random() >= 0.5 ? 1 : -1);
-          loc = locParts.join(',');
-        }
-
-        $scope.usedLocations[loc] = true;
-
-        var locParts = loc.split(',');
-
-        relay.marker = new L.Marker([relay.location.latitude, relay.location.longitude],{
-          title: relay.url,
-        });
-
-        var scope = $rootScope.$new(true);
-        scope.relay = relay;
-
-        var icon = new L.Icon({
-          iconSize:     [18, 28], // size of the icon
-          iconAnchor:   [9, 28], // point of the icon which will correspond to marker's location
-          shadowAnchor: [0, 0],  // the same for the shadow
-          popupAnchor:  [0, -27], // popup anchor
-          shadowSize:   [0,0],
-          iconUrl: 'https://cdn.rawgit.com/pointhi/leaflet-color-markers/master/img/marker-icon-red.png',
-          shadowUrl: 'https://cdnjs.cloudflare.com/ajax/libs/leaflet/0.7.7/images/marker-shadow.png',
-        });
-
-        relay.marker = new L.marker(new L.latLng(locParts[0], locParts[1]),{icon})
-                            .bindPopup($compile($scope.tooltipTemplate)(scope)[0],{})
-                            .on('mouseover', function (e) {
-                                this.openPopup();
-                            }).on('mouseout', function (e) {
-                                this.closePopup();
-                            }).addTo($scope.map);
-
-        relay.showMarker = function() {
-          relay.marker.openPopup();
-        }
-
-        relay.hideMarker = function() {
-          relay.marker.closePopup();
-        }
-      }
-
-
-    function addCircleToMap(relay) {
-      console.log(relay.location.latitude)
-      L.circle([relay.location.latitude, relay.location.longitude],
-        {
-          radius: ((relay.stats.bytesProxied * 100) / $scope.totals.bytesProxied) * 10000,
-          color: "FF0000",
-          fillColor: "#FF0000",
-          fillOpacity: 0.35,
-        }).addTo($scope.map);
-    }
-
-    function constructURI(url) {
-      var uri = document.createElement('a');
-
-      // HAX, otherwise doesn't work
-      uri.href = url.replace('relay://', 'http://');
-
-      // Convert query string to object
-      uri.args = {};
-      angular.forEach(uri.search.replace(/^\?/, '').split('&'), function(query) {
-          var split = query.split('=');
-          uri.args[split[0]] = split[1];
-      });
-
-      return uri;
-    }
-  }]);
-  </script>
-
-  <script type="text/template" id="infoTemplate">
-    <div>
-      <p><b>{{ relay.uri.hostname }}</b> <span ng-if="relay.stats.options['provided-by']">provided by <u>{{ relay.stats.options['provided-by'] }}</u></span></p>
-      <div ng-if="relay.stats">
-        <span ng-if="relay.stats.startTime">Start time: {{ relay.stats.startTime | date:"medium" }}</br></span>
-        <span ng-if="relay.stats.bytesProxied != undefined">Proxied: {{ relay.stats.bytesProxied | bytes }}</br></span>
-        <span ng-if="relay.stats.numActiveSessions != undefined">Sessions: {{ relay.stats.numActiveSessions }}</br></span>
-        <span ng-if="relay.stats.numConnections != undefined">Clients: {{ relay.stats.numConnections }}</br></span>
-        <span ng-if="relay.stats.options.pools">Pools: {{ relay.stats.options.pools.join(', ') }}</br></span>
-        <span ng-if="relay.stats.options['global-rate'] != undefined">
-          <span ng-if="relay.stats.options['global-rate'] > 0">Global rate limit: {{ relay.stats.options['global-rate'] | bytes }}/s</span>
-          <span ng-if="relay.stats.options['global-rate'] == 0">Global rate limit: unlimited</span>
-          <br/>
-        </span>
-        <span ng-if="relay.stats.options['per-session-rate'] != undefined">
-          <span ng-if="relay.stats.options['per-session-rate'] > 0">Session rate limit: {{ relay.stats.options['per-session-rate'] | bytes }}/s</span>
-          <span ng-if="relay.stats.options['per-session-rate'] == 0">Session rate limit: unlimited</span>
-          <br/>
-        </span>
-      </div>
-      <div ng-if="!relay.stats">
-        Data unavailable.
-      <div>
-    </div>
-  </script>
-</html>

cmd/infra/strelaypoolsrv/main.go

@@ -1,719 +0,0 @@
-// Copyright (C) 2015 Audrius Butkevicius and Contributors (see the CONTRIBUTORS file).
-
-package main
-
-import (
-	"context"
-	"crypto/tls"
-	"crypto/x509"
-	"encoding/json"
-	"flag"
-	"fmt"
-	"log"
-	"net"
-	"net/http"
-	"net/url"
-	"os"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"sync"
-	"sync/atomic"
-	"time"
-
-	lru "github.com/hashicorp/golang-lru/v2"
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
-
-	"github.com/syncthing/syncthing/cmd/infra/strelaypoolsrv/auto"
-	"github.com/syncthing/syncthing/lib/assets"
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
-	"github.com/syncthing/syncthing/lib/geoip"
-	"github.com/syncthing/syncthing/lib/protocol"
-	"github.com/syncthing/syncthing/lib/rand"
-	"github.com/syncthing/syncthing/lib/relay/client"
-	"github.com/syncthing/syncthing/lib/tlsutil"
-)
-
-type location struct {
-	Latitude  float64 `json:"latitude"`
-	Longitude float64 `json:"longitude"`
-	City      string  `json:"city"`
-	Country   string  `json:"country"`
-	Continent string  `json:"continent"`
-}
-
-type relay struct {
-	URL            string   `json:"url"`
-	Location       location `json:"location"`
-	uri            *url.URL
-	Stats          *stats    `json:"stats"`
-	StatsRetrieved time.Time `json:"statsRetrieved"`
-}
-
-type relayShort struct {
-	URL string `json:"url"`
-}
-
-type stats struct {
-	StartTime          time.Time `json:"startTime"`
-	UptimeSeconds      int       `json:"uptimeSeconds"`
-	PendingSessionKeys int       `json:"numPendingSessionKeys"`
-	ActiveSessions     int       `json:"numActiveSessions"`
-	Connections        int       `json:"numConnections"`
-	Proxies            int       `json:"numProxies"`
-	BytesProxied       int       `json:"bytesProxied"`
-	GoVersion          string    `json:"goVersion"`
-	GoOS               string    `json:"goOS"`
-	GoArch             string    `json:"goArch"`
-	GoMaxProcs         int       `json:"goMaxProcs"`
-	GoRoutines         int       `json:"goNumRoutine"`
-	Rates              []int64   `json:"kbps10s1m5m15m30m60m"`
-	Options            struct {
-		NetworkTimeout int      `json:"network-timeout"`
-		PintInterval   int      `json:"ping-interval"`
-		MessageTimeout int      `json:"message-timeout"`
-		SessionRate    int      `json:"per-session-rate"`
-		GlobalRate     int      `json:"global-rate"`
-		Pools          []string `json:"pools"`
-		ProvidedBy     string   `json:"provided-by"`
-	} `json:"options"`
-}
-
-func (r relay) String() string {
-	return r.URL
-}
-
-type request struct {
-	relay      *relay
-	result     chan result
-	queueTimer *prometheus.Timer
-}
-
-type result struct {
-	err      error
-	eviction time.Duration
-}
-
-var (
-	testCert          tls.Certificate
-	knownRelaysFile   = filepath.Join(os.TempDir(), "strelaypoolsrv_known_relays")
-	listen            = ":80"
-	metricsListen     = ":8081"
-	dir               string
-	evictionTime      = time.Hour
-	debug             bool
-	permRelaysFile    string
-	ipHeader          string
-	proto             string
-	statsRefresh      = time.Minute
-	requestQueueLen   = 64
-	requestProcessors = 8
-	geoipLicenseKey   = os.Getenv("GEOIP_LICENSE_KEY")
-	geoipAccountID, _ = strconv.Atoi(os.Getenv("GEOIP_ACCOUNT_ID"))
-	maxRelaysReturned = 100
-
-	requests chan request
-
-	mut             sync.RWMutex
-	knownRelays     = make([]*relay, 0)
-	permanentRelays = make([]*relay, 0)
-	evictionTimers  = make(map[string]*time.Timer)
-	globalBlocklist = newErrorTracker(1000)
-)
-
-const (
-	httpStatusEnhanceYourCalm = 429
-)
-
-func main() {
-	log.SetOutput(os.Stdout)
-	log.SetFlags(log.Lshortfile)
-
-	flag.StringVar(&listen, "listen", listen, "Listen address")
-	flag.StringVar(&metricsListen, "metrics-listen", metricsListen, "Metrics listen address")
-	flag.StringVar(&dir, "keys", dir, "Directory where http-cert.pem and http-key.pem is stored for TLS listening")
-	flag.BoolVar(&debug, "debug", debug, "Enable debug output")
-	flag.DurationVar(&evictionTime, "eviction", evictionTime, "After how long the relay is evicted")
-	flag.StringVar(&permRelaysFile, "perm-relays", "", "Path to list of permanent relays")
-	flag.StringVar(&knownRelaysFile, "known-relays", knownRelaysFile, "Path to list of current relays")
-	flag.StringVar(&ipHeader, "ip-header", "", "Name of header which holds clients ip:port. Only meaningful when running behind a reverse proxy.")
-	flag.StringVar(&proto, "protocol", "tcp", "Protocol used for listening. 'tcp' for IPv4 and IPv6, 'tcp4' for IPv4, 'tcp6' for IPv6")
-	flag.DurationVar(&statsRefresh, "stats-refresh", statsRefresh, "Interval at which to refresh relay stats")
-	flag.IntVar(&requestQueueLen, "request-queue", requestQueueLen, "Queue length for incoming test requests")
-	flag.IntVar(&requestProcessors, "request-processors", requestProcessors, "Number of request processor routines")
-	flag.StringVar(&geoipLicenseKey, "geoip-license-key", geoipLicenseKey, "License key for GeoIP database")
-	flag.IntVar(&maxRelaysReturned, "max-relays-returned", maxRelaysReturned, "Maximum number of relays returned for a normal endpoint query")
-
-	flag.Parse()
-
-	requests = make(chan request, requestQueueLen)
-	geoip, err := geoip.NewGeoLite2CityProvider(context.Background(), geoipAccountID, geoipLicenseKey, os.TempDir())
-	if err != nil {
-		log.Fatalln("Failed to create GeoIP provider:", err)
-	}
-	go geoip.Serve(context.TODO())
-
-	var listener net.Listener
-
-	if permRelaysFile != "" {
-		permanentRelays = loadRelays(permRelaysFile, geoip)
-	}
-
-	testCert = createTestCertificate()
-
-	for range requestProcessors {
-		go requestProcessor(geoip)
-	}
-
-	// Load relays from cache in the background.
-	// Load them in a serial fashion to make sure any genuine requests
-	// are not dropped.
-	go func() {
-		for _, relay := range loadRelays(knownRelaysFile, geoip) {
-			resultChan := make(chan result)
-			requests <- request{relay, resultChan, nil}
-			result := <-resultChan
-			if result.err != nil {
-				relayTestsTotal.WithLabelValues("failed").Inc()
-			} else {
-				relayTestsTotal.WithLabelValues("success").Inc()
-			}
-		}
-		// Run the stats refresher once the relays are loaded.
-		statsRefresher(statsRefresh)
-	}()
-
-	if dir != "" {
-		if debug {
-			log.Println("Starting TLS listener on", listen)
-		}
-		certFile, keyFile := filepath.Join(dir, "http-cert.pem"), filepath.Join(dir, "http-key.pem")
-		var cert tls.Certificate
-		cert, err = tls.LoadX509KeyPair(certFile, keyFile)
-		if err != nil {
-			log.Fatalln("Failed to load HTTP X509 key pair:", err)
-		}
-
-		tlsCfg := &tls.Config{
-			Certificates: []tls.Certificate{cert},
-			MinVersion:   tls.VersionTLS10, // No SSLv3
-			ClientAuth:   tls.RequestClientCert,
-			CipherSuites: []uint16{
-				// No RC4
-				tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-				tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-				tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-				tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-				tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-				tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-				tls.TLS_RSA_WITH_AES_128_CBC_SHA,
-				tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-				tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-				tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-			},
-		}
-
-		listener, err = tls.Listen(proto, listen, tlsCfg)
-	} else {
-		if debug {
-			log.Println("Starting plain listener on", listen)
-		}
-		listener, err = net.Listen(proto, listen)
-	}
-
-	if err != nil {
-		log.Fatalln("listen:", err)
-	}
-
-	if metricsListen != "" {
-		mmux := http.NewServeMux()
-		mmux.HandleFunc("/metrics", handleMetrics)
-		go func() {
-			if err := http.ListenAndServe(metricsListen, mmux); err != nil {
-				log.Fatalln("HTTP serve metrics:", err)
-			}
-		}()
-	}
-
-	getMux := http.NewServeMux()
-	getMux.HandleFunc("/", handleAssets)
-	getMux.HandleFunc("/endpoint", withAPIMetrics(handleEndpointShort))
-	getMux.HandleFunc("/endpoint/full", withAPIMetrics(handleEndpointFull))
-
-	postMux := http.NewServeMux()
-	postMux.HandleFunc("/endpoint", withAPIMetrics(handleRegister))
-
-	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		switch r.Method {
-		case http.MethodGet, http.MethodHead, http.MethodOptions:
-			getMux.ServeHTTP(w, r)
-		case http.MethodPost:
-			postMux.ServeHTTP(w, r)
-		default:
-			http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
-		}
-	})
-
-	srv := http.Server{
-		Handler:     handler,
-		ReadTimeout: 10 * time.Second,
-	}
-	srv.SetKeepAlivesEnabled(false)
-
-	err = srv.Serve(listener)
-	if err != nil {
-		log.Fatalln("serve:", err)
-	}
-}
-
-func handleMetrics(w http.ResponseWriter, r *http.Request) {
-	timer := prometheus.NewTimer(metricsRequestsSeconds)
-	// Acquire the mutex just to make sure we're not caught mid-way stats collection
-	mut.RLock()
-	promhttp.Handler().ServeHTTP(w, r)
-	mut.RUnlock()
-	timer.ObserveDuration()
-}
-
-func handleAssets(w http.ResponseWriter, r *http.Request) {
-	w.Header().Set("Cache-Control", "no-cache, must-revalidate")
-
-	path := r.URL.Path[1:]
-	if path == "" {
-		path = "index.html"
-	}
-
-	as, ok := auto.Assets()[path]
-	if !ok {
-		w.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	assets.Serve(w, r, as)
-}
-
-func withAPIMetrics(next http.HandlerFunc) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-		timer := prometheus.NewTimer(apiRequestsSeconds.WithLabelValues(r.Method))
-		w = NewLoggingResponseWriter(w)
-		defer func() {
-			timer.ObserveDuration()
-			lw := w.(*loggingResponseWriter)
-			apiRequestsTotal.WithLabelValues(r.Method, strconv.Itoa(lw.statusCode)).Inc()
-		}()
-		next(w, r)
-	}
-}
-
-// handleEndpointFull returns the relay list with full metadata and
-// statistics. Large, and expensive.
-func handleEndpointFull(rw http.ResponseWriter, r *http.Request) {
-	rw.Header().Set("Content-Type", "application/json; charset=utf-8")
-	rw.Header().Set("Access-Control-Allow-Origin", "*")
-
-	mut.RLock()
-	relays := make([]*relay, len(permanentRelays)+len(knownRelays))
-	n := copy(relays, permanentRelays)
-	copy(relays[n:], knownRelays)
-	mut.RUnlock()
-
-	_ = json.NewEncoder(rw).Encode(map[string][]*relay{
-		"relays": relays,
-	})
-}
-
-// handleEndpointShort returns the relay list with only the URL.
-func handleEndpointShort(rw http.ResponseWriter, r *http.Request) {
-	rw.Header().Set("Content-Type", "application/json; charset=utf-8")
-	rw.Header().Set("Access-Control-Allow-Origin", "*")
-
-	mut.RLock()
-	relays := make([]relayShort, 0, len(permanentRelays)+len(knownRelays))
-	for _, r := range append(permanentRelays, knownRelays...) {
-		relays = append(relays, relayShort{URL: slimURL(r.URL)})
-	}
-	mut.RUnlock()
-	if len(relays) > maxRelaysReturned {
-		rand.Shuffle(relays)
-		relays = relays[:maxRelaysReturned]
-	}
-
-	_ = json.NewEncoder(rw).Encode(map[string][]relayShort{
-		"relays": relays,
-	})
-}
-
-func handleRegister(w http.ResponseWriter, r *http.Request) {
-	// Get the IP address of the client
-	rhost := r.RemoteAddr
-	if ipHeader != "" {
-		hdr := r.Header.Get(ipHeader)
-		fields := strings.Split(hdr, ",")
-		if len(fields) > 0 {
-			rhost = strings.TrimSpace(fields[len(fields)-1])
-		}
-	}
-	if host, _, err := net.SplitHostPort(rhost); err == nil {
-		rhost = host
-	}
-
-	// Check the black list. A client is blacklisted if their last 10
-	// attempts to join have all failed. The "Unauthorized" status return
-	// causes strelaysrv to cease attempting to join.
-	if globalBlocklist.IsBlocked(rhost) {
-		log.Println("Rejected blocked client", rhost)
-		http.Error(w, "Too many errors", http.StatusUnauthorized)
-		globalBlocklist.ClearErrors(rhost)
-		return
-	}
-
-	var relayCert *x509.Certificate
-	if r.TLS != nil && len(r.TLS.PeerCertificates) > 0 {
-		relayCert = r.TLS.PeerCertificates[0]
-		log.Printf("Got TLS cert from relay server")
-	}
-
-	var newRelay relay
-	err := json.NewDecoder(r.Body).Decode(&newRelay)
-	r.Body.Close()
-
-	if err != nil {
-		if debug {
-			log.Println("Failed to parse payload")
-		}
-		http.Error(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	uri, err := url.Parse(newRelay.URL)
-	if err != nil {
-		if debug {
-			log.Println("Failed to parse URI", newRelay.URL)
-		}
-		http.Error(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	// Canonicalize the URL. In particular, parse and re-encode the query
-	// string so that it's guaranteed to be valid.
-	uri.RawQuery = uri.Query().Encode()
-	newRelay.URL = uri.String()
-
-	if relayCert != nil {
-		advertisedId := uri.Query().Get("id")
-		idFromCert := protocol.NewDeviceID(relayCert.Raw).String()
-		if advertisedId != idFromCert {
-			log.Println("Warning: Relay server requested to join with an ID different from the join request, rejecting")
-			http.Error(w, "mismatched advertised id and join request cert", http.StatusBadRequest)
-			return
-		}
-	}
-
-	host, port, err := net.SplitHostPort(uri.Host)
-	if err != nil {
-		if debug {
-			log.Println("Failed to split URI", newRelay.URL)
-		}
-		http.Error(w, err.Error(), http.StatusBadRequest)
-		return
-	}
-
-	ip := net.ParseIP(host)
-	// The client did not provide an IP address, use the IP address of the client.
-	if ip == nil || ip.IsUnspecified() {
-		uri.Host = net.JoinHostPort(rhost, port)
-		newRelay.URL = uri.String()
-	} else if host != rhost && relayCert == nil {
-		if debug {
-			log.Println("IP address advertised does not match client IP address", r.RemoteAddr, uri)
-		}
-		http.Error(w, fmt.Sprintf("IP advertised %s does not match client IP %s", host, rhost), http.StatusUnauthorized)
-		return
-	}
-
-	newRelay.uri = uri
-
-	for _, current := range permanentRelays {
-		if current.uri.Host == newRelay.uri.Host {
-			if debug {
-				log.Println("Asked to add a relay", newRelay, "which exists in permanent list")
-			}
-			http.Error(w, "Invalid request", http.StatusBadRequest)
-			return
-		}
-	}
-
-	reschan := make(chan result)
-
-	select {
-	case requests <- request{&newRelay, reschan, prometheus.NewTimer(relayTestActionsSeconds.WithLabelValues("queue"))}:
-		result := <-reschan
-		if result.err != nil {
-			log.Println("Join from", r.RemoteAddr, "failed:", result.err)
-			globalBlocklist.AddError(rhost)
-			relayTestsTotal.WithLabelValues("failed").Inc()
-			http.Error(w, result.err.Error(), http.StatusBadRequest)
-			return
-		}
-		log.Println("Join from", r.RemoteAddr, "succeeded")
-		globalBlocklist.ClearErrors(rhost)
-		relayTestsTotal.WithLabelValues("success").Inc()
-		w.Header().Set("Content-Type", "application/json; charset=utf-8")
-		json.NewEncoder(w).Encode(map[string]time.Duration{
-			"evictionIn": result.eviction,
-		})
-
-	default:
-		relayTestsTotal.WithLabelValues("dropped").Inc()
-		if debug {
-			log.Println("Dropping request")
-		}
-		w.WriteHeader(httpStatusEnhanceYourCalm)
-	}
-}
-
-func requestProcessor(geoip *geoip.Provider) {
-	for request := range requests {
-		if request.queueTimer != nil {
-			request.queueTimer.ObserveDuration()
-		}
-
-		timer := prometheus.NewTimer(relayTestActionsSeconds.WithLabelValues("test"))
-		handleRelayTest(request, geoip)
-		timer.ObserveDuration()
-	}
-}
-
-func handleRelayTest(request request, geoip *geoip.Provider) {
-	if debug {
-		log.Println("Request for", request.relay)
-	}
-	if err := client.TestRelay(context.TODO(), request.relay.uri, []tls.Certificate{testCert}, time.Second, 2*time.Second, 3); err != nil {
-		if debug {
-			log.Println("Test for relay", request.relay, "failed:", err)
-		}
-		request.result <- result{err, 0}
-		return
-	}
-
-	stats := fetchStats(request.relay)
-	location := getLocation(request.relay.uri.Host, geoip)
-
-	mut.Lock()
-	if stats != nil {
-		updateMetrics(request.relay.uri.Host, *stats, location)
-	}
-	request.relay.Stats = stats
-	request.relay.StatsRetrieved = time.Now().Truncate(time.Second)
-	request.relay.Location = location
-
-	timer, ok := evictionTimers[request.relay.uri.Host]
-	if ok {
-		if debug {
-			log.Println("Stopping existing timer for", request.relay)
-		}
-		timer.Stop()
-	}
-
-	for i, current := range knownRelays {
-		if current.uri.Host == request.relay.uri.Host {
-			if debug {
-				log.Println("Relay", request.relay, "already exists")
-			}
-
-			// Evict the old entry anyway, as configuration might have changed.
-			last := len(knownRelays) - 1
-			knownRelays[i] = knownRelays[last]
-			knownRelays = knownRelays[:last]
-
-			goto found
-		}
-	}
-
-	if debug {
-		log.Println("Adding new relay", request.relay)
-	}
-
-found:
-
-	knownRelays = append(knownRelays, request.relay)
-	evictionTimers[request.relay.uri.Host] = time.AfterFunc(evictionTime, evict(request.relay))
-
-	mut.Unlock()
-
-	if err := saveRelays(knownRelaysFile, knownRelays); err != nil {
-		log.Println("Failed to write known relays: " + err.Error())
-	}
-
-	request.result <- result{nil, evictionTime}
-}
-
-func evict(relay *relay) func() {
-	return func() {
-		mut.Lock()
-		defer mut.Unlock()
-		if debug {
-			log.Println("Evicting", relay)
-		}
-		for i, current := range knownRelays {
-			if current.uri.Host == relay.uri.Host {
-				if debug {
-					log.Println("Evicted", relay)
-				}
-				last := len(knownRelays) - 1
-				knownRelays[i] = knownRelays[last]
-				knownRelays = knownRelays[:last]
-				deleteMetrics(current.uri.Host)
-			}
-		}
-		delete(evictionTimers, relay.uri.Host)
-	}
-}
-
-func loadRelays(file string, geoip *geoip.Provider) []*relay {
-	content, err := os.ReadFile(file)
-	if err != nil {
-		log.Println("Failed to load relays: " + err.Error())
-		return nil
-	}
-
-	var relays []*relay
-	for _, line := range strings.Split(string(content), "\n") {
-		if line == "" {
-			continue
-		}
-
-		uri, err := url.Parse(line)
-		if err != nil {
-			if debug {
-				log.Println("Skipping relay", line, "due to parse error", err)
-			}
-			continue
-
-		}
-
-		relays = append(relays, &relay{
-			URL:      line,
-			Location: getLocation(uri.Host, geoip),
-			uri:      uri,
-		})
-		if debug {
-			log.Println("Adding relay", line)
-		}
-	}
-	return relays
-}
-
-func saveRelays(file string, relays []*relay) error {
-	var content string
-	for _, relay := range relays {
-		content += relay.uri.String() + "\n"
-	}
-	return os.WriteFile(file, []byte(content), 0o777)
-}
-
-func createTestCertificate() tls.Certificate {
-	tmpDir, err := os.MkdirTemp("", "relaypoolsrv")
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	certFile, keyFile := filepath.Join(tmpDir, "cert.pem"), filepath.Join(tmpDir, "key.pem")
-	cert, err := tlsutil.NewCertificate(certFile, keyFile, "relaypoolsrv", 20*365, false)
-	if err != nil {
-		log.Fatalln("Failed to create test X509 key pair:", err)
-	}
-
-	return cert
-}
-
-func getLocation(host string, geoip *geoip.Provider) location {
-	timer := prometheus.NewTimer(locationLookupSeconds)
-	defer timer.ObserveDuration()
-
-	addr, err := net.ResolveTCPAddr("tcp", host)
-	if err != nil {
-		return location{}
-	}
-
-	city, err := geoip.City(addr.IP)
-	if err != nil {
-		return location{}
-	}
-
-	return location{
-		Longitude: city.Location.Longitude,
-		Latitude:  city.Location.Latitude,
-		City:      city.City.Names["en"],
-		Country:   city.Country.IsoCode,
-		Continent: city.Continent.Code,
-	}
-}
-
-type loggingResponseWriter struct {
-	http.ResponseWriter
-
-	statusCode int
-}
-
-func NewLoggingResponseWriter(w http.ResponseWriter) *loggingResponseWriter {
-	return &loggingResponseWriter{w, http.StatusOK}
-}
-
-func (lrw *loggingResponseWriter) WriteHeader(code int) {
-	lrw.statusCode = code
-	lrw.ResponseWriter.WriteHeader(code)
-}
-
-type errorTracker struct {
-	errors *lru.TwoQueueCache[string, *errorCounter]
-}
-
-type errorCounter struct {
-	count atomic.Int32
-}
-
-func newErrorTracker(size int) *errorTracker {
-	cache, err := lru.New2Q[string, *errorCounter](size)
-	if err != nil {
-		panic(err)
-	}
-	return &errorTracker{
-		errors: cache,
-	}
-}
-
-func (b *errorTracker) AddError(host string) {
-	entry, ok := b.errors.Get(host)
-	if !ok {
-		entry = &errorCounter{}
-		b.errors.Add(host, entry)
-	}
-	c := entry.count.Add(1)
-	log.Printf("Error count for %s is now %d", host, c)
-}
-
-func (b *errorTracker) ClearErrors(host string) {
-	b.errors.Remove(host)
-}
-
-func (b *errorTracker) IsBlocked(host string) bool {
-	if be, ok := b.errors.Get(host); ok {
-		return be.count.Load() > 10
-	}
-	return false
-}
-
-func slimURL(u string) string {
-	p, err := url.Parse(u)
-	if err != nil {
-		return u
-	}
-	newQuery := url.Values{}
-	if id := p.Query().Get("id"); id != "" {
-		newQuery.Set("id", id)
-	}
-	p.RawQuery = newQuery.Encode()
-	return p.String()
-}

cmd/infra/strelaypoolsrv/main_test.go

@@ -1,106 +0,0 @@
-// Copyright © 2020 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"net/http/httptest"
-	"net/url"
-	"strings"
-	"testing"
-)
-
-func init() {
-	for i := 0; i < 10; i++ {
-		u := fmt.Sprintf("permanent%d", i)
-		permanentRelays = append(permanentRelays, &relay{URL: u})
-	}
-
-	knownRelays = []*relay{
-		{URL: "known1"},
-		{URL: "known2"},
-		{URL: "known3"},
-	}
-}
-
-// Regression test: handleGetRequest should not modify permanentRelays.
-func TestHandleGetRequest(t *testing.T) {
-	needcap := len(permanentRelays) + len(knownRelays)
-	if needcap > cap(permanentRelays) {
-		t.Fatalf("test setup failed: need cap(permanentRelays) >= %d, have %d",
-			needcap, cap(permanentRelays))
-	}
-
-	w := httptest.NewRecorder()
-	w.Body = new(bytes.Buffer)
-	handleEndpointFull(w, httptest.NewRequest("GET", "/", nil))
-
-	result := make(map[string][]*relay)
-	err := json.NewDecoder(w.Body).Decode(&result)
-	if err != nil {
-		t.Fatalf("invalid JSON: %v", err)
-	}
-
-	relays := result["relays"]
-	expect, actual := len(knownRelays)+len(permanentRelays), len(relays)
-	if actual != expect {
-		t.Errorf("expected %d relays, got %d", expect, actual)
-	}
-
-	// Check for changes in permanentRelays.
-	for i, r := range permanentRelays {
-		switch {
-		case !strings.HasPrefix(r.URL, "permanent"):
-			t.Errorf("relay %q among permanent relays", r.URL)
-		case r.URL != fmt.Sprintf("permanent%d", i):
-			t.Error("order of permanent relays changed")
-		}
-	}
-}
-
-func TestCanonicalizeQueryValues(t *testing.T) {
-	// This just demonstrates and validates the uri.Parse/String stuff in
-	// regards to query strings.
-
-	in := "http://example.com/?some weird= query^value"
-	exp := "http://example.com/?some+weird=+query%5Evalue"
-
-	uri, err := url.Parse(in)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	str := uri.String()
-	if str != in {
-		// Just re-encoding the URL doesn't sanitize the query string.
-		t.Errorf("expected %q, got %q", in, str)
-	}
-
-	uri.RawQuery = uri.Query().Encode()
-	str = uri.String()
-	if str != exp {
-		// The query string is now in correct format.
-		t.Errorf("expected %q, got %q", exp, str)
-	}
-}
-
-func TestSlimURL(t *testing.T) {
-	cases := []struct {
-		in, out string
-	}{
-		{"http://example.com/", "http://example.com/"},
-		{"relay://192.0.2.42:22067/?globalLimitBps=0&id=EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M&networkTimeout=2m0s&pingInterval=1m0s&providedBy=Test&sessionLimitBps=0&statusAddr=%3A22070", "relay://192.0.2.42:22067/?id=EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M-EIC6B3M"},
-	}
-
-	for _, c := range cases {
-		if got := slimURL(c.in); got != c.out {
-			t.Errorf("expected %q, got %q", c.out, got)
-		}
-	}
-}

cmd/infra/strelaypoolsrv/stats.go

@@ -1,245 +0,0 @@
-// Copyright (C) 2018 Audrius Butkevicius and Contributors (see the CONTRIBUTORS file).
-
-package main
-
-import (
-	"encoding/json"
-	"net"
-	"net/http"
-	"sync"
-	"time"
-
-	"github.com/prometheus/client_golang/prometheus"
-)
-
-var (
-	statusClient = http.Client{
-		Timeout: 5 * time.Second,
-	}
-
-	apiRequestsTotal   = makeCounter("api_requests_total", "Number of API requests.", "type", "result")
-	apiRequestsSeconds = makeSummary("api_requests_seconds", "Latency of API requests.", "type")
-
-	relayTestsTotal         = makeCounter("tests_total", "Number of relay tests.", "result")
-	relayTestActionsSeconds = makeSummary("test_actions_seconds", "Latency of relay test actions.", "type")
-
-	locationLookupSeconds = makeSummary("location_lookup_seconds", "Latency of location lookups.").WithLabelValues()
-
-	metricsRequestsSeconds = makeSummary("metrics_requests_seconds", "Latency of metric requests.").WithLabelValues()
-	scrapeSeconds          = makeSummary("relay_scrape_seconds", "Latency of metric scrapes from remote relays.", "result")
-
-	relayUptime             = makeGauge("relay_uptime", "Uptime of relay", "relay")
-	relayPendingSessionKeys = makeGauge("relay_pending_session_keys", "Number of pending session keys (two keys per session, one per each side of the connection)", "relay")
-	relayActiveSessions     = makeGauge("relay_active_sessions", "Number of sessions that are happening, a session contains two parties", "relay")
-	relayConnections        = makeGauge("relay_connections", "Number of devices connected to the relay", "relay")
-	relayProxies            = makeGauge("relay_proxies", "Number of active proxy routines sending data between peers (two proxies per session, one for each way)", "relay")
-	relayBytesProxied       = makeGauge("relay_bytes_proxied", "Number of bytes proxied by the relay", "relay")
-	relayGoRoutines         = makeGauge("relay_go_routines", "Number of Go routines in the process", "relay")
-	relaySessionRate        = makeGauge("relay_session_rate", "Rate applied per session", "relay")
-	relayGlobalRate         = makeGauge("relay_global_rate", "Global rate applied on the whole relay", "relay")
-	relayBuildInfo          = makeGauge("relay_build_info", "Build information about a relay", "relay", "go_version", "go_os", "go_arch")
-	relayLocationInfo       = makeGauge("relay_location_info", "Location information about a relay", "relay", "city", "country", "continent")
-
-	lastStats = make(map[string]stats)
-)
-
-func makeGauge(name string, help string, labels ...string) *prometheus.GaugeVec {
-	gauge := prometheus.NewGaugeVec(
-		prometheus.GaugeOpts{
-			Namespace: "syncthing",
-			Subsystem: "relaypoolsrv",
-			Name:      name,
-			Help:      help,
-		},
-		labels,
-	)
-	prometheus.MustRegister(gauge)
-	return gauge
-}
-
-func makeSummary(name string, help string, labels ...string) *prometheus.SummaryVec {
-	summary := prometheus.NewSummaryVec(
-		prometheus.SummaryOpts{
-			Namespace:  "syncthing",
-			Subsystem:  "relaypoolsrv",
-			Name:       name,
-			Help:       help,
-			Objectives: map[float64]float64{0.5: 0.05, 0.9: 0.01, 0.99: 0.001},
-		},
-		labels,
-	)
-	prometheus.MustRegister(summary)
-	return summary
-}
-
-func makeCounter(name string, help string, labels ...string) *prometheus.CounterVec {
-	counter := prometheus.NewCounterVec(
-		prometheus.CounterOpts{
-			Namespace: "syncthing",
-			Subsystem: "relaypoolsrv",
-			Name:      name,
-			Help:      help,
-		},
-		labels,
-	)
-	prometheus.MustRegister(counter)
-	return counter
-}
-
-func statsRefresher(interval time.Duration) {
-	ticker := time.NewTicker(interval)
-	for range ticker.C {
-		refreshStats()
-	}
-}
-
-type statsFetchResult struct {
-	relay *relay
-	stats *stats
-}
-
-func refreshStats() {
-	mut.RLock()
-	relays := append(permanentRelays, knownRelays...)
-	mut.RUnlock()
-
-	now := time.Now()
-	var wg sync.WaitGroup
-
-	results := make(chan statsFetchResult, len(relays))
-	for _, rel := range relays {
-		wg.Add(1)
-		go func(rel *relay) {
-			t0 := time.Now()
-			stats := fetchStats(rel)
-			duration := time.Since(t0).Seconds()
-			result := "success"
-			if stats == nil {
-				result = "failed"
-			}
-			scrapeSeconds.WithLabelValues(result).Observe(duration)
-
-			results <- statsFetchResult{
-				relay: rel,
-				stats: fetchStats(rel),
-			}
-			wg.Done()
-		}(rel)
-	}
-
-	wg.Wait()
-	close(results)
-
-	mut.Lock()
-	relayBuildInfo.Reset()
-	relayLocationInfo.Reset()
-	for result := range results {
-		result.relay.StatsRetrieved = now
-		result.relay.Stats = result.stats
-		if result.stats == nil {
-			deleteMetrics(result.relay.uri.Host)
-		} else {
-			updateMetrics(result.relay.uri.Host, *result.stats, result.relay.Location)
-		}
-	}
-	mut.Unlock()
-}
-
-func fetchStats(relay *relay) *stats {
-	statusAddr := relay.uri.Query().Get("statusAddr")
-	if statusAddr == "" {
-		statusAddr = ":22070"
-	}
-
-	statusHost, statusPort, err := net.SplitHostPort(statusAddr)
-	if err != nil {
-		return nil
-	}
-
-	if statusHost == "" {
-		if host, _, err := net.SplitHostPort(relay.uri.Host); err != nil {
-			return nil
-		} else {
-			statusHost = host
-		}
-	}
-
-	url := "http://" + net.JoinHostPort(statusHost, statusPort) + "/status"
-
-	response, err := statusClient.Get(url)
-	if err != nil {
-		return nil
-	}
-
-	var stats stats
-
-	if err := json.NewDecoder(response.Body).Decode(&stats); err != nil {
-		return nil
-	}
-	return &stats
-}
-
-func updateMetrics(host string, stats stats, location location) {
-	if stats.GoVersion != "" || stats.GoOS != "" || stats.GoArch != "" {
-		relayBuildInfo.WithLabelValues(host, stats.GoVersion, stats.GoOS, stats.GoArch).Add(1)
-	}
-	if location.City != "" || location.Country != "" || location.Continent != "" {
-		relayLocationInfo.WithLabelValues(host, location.City, location.Country, location.Continent).Add(1)
-	}
-
-	if lastStat, ok := lastStats[host]; ok {
-		stats = mergeStats(stats, lastStat)
-	}
-
-	relayUptime.WithLabelValues(host).Set(float64(stats.UptimeSeconds))
-	relayPendingSessionKeys.WithLabelValues(host).Set(float64(stats.PendingSessionKeys))
-	relayActiveSessions.WithLabelValues(host).Set(float64(stats.ActiveSessions))
-	relayConnections.WithLabelValues(host).Set(float64(stats.Connections))
-	relayProxies.WithLabelValues(host).Set(float64(stats.Proxies))
-	relayBytesProxied.WithLabelValues(host).Set(float64(stats.BytesProxied))
-	relayGoRoutines.WithLabelValues(host).Set(float64(stats.GoRoutines))
-	relaySessionRate.WithLabelValues(host).Set(float64(stats.Options.SessionRate))
-	relayGlobalRate.WithLabelValues(host).Set(float64(stats.Options.GlobalRate))
-	lastStats[host] = stats
-}
-
-func deleteMetrics(host string) {
-	relayUptime.DeleteLabelValues(host)
-	relayPendingSessionKeys.DeleteLabelValues(host)
-	relayActiveSessions.DeleteLabelValues(host)
-	relayConnections.DeleteLabelValues(host)
-	relayProxies.DeleteLabelValues(host)
-	relayBytesProxied.DeleteLabelValues(host)
-	relayGoRoutines.DeleteLabelValues(host)
-	relaySessionRate.DeleteLabelValues(host)
-	relayGlobalRate.DeleteLabelValues(host)
-	delete(lastStats, host)
-}
-
-// Due to some unexplainable behaviour, some of the numbers sometimes travel slightly backwards (by less than 1%)
-// This happens between scrapes, which is 30s, so this can't be a race.
-// This causes prometheus to assume a "rate reset", hence causes phenomenal spikes.
-// One of the number that moves backwards is BytesProxied, which atomically increments a counter with numeric value
-// returned by net.Conn.Read(). I don't think that can return a negative value, so I have no idea what's going on.
-func mergeStats(new stats, old stats) stats {
-	new.UptimeSeconds = mergeValue(new.UptimeSeconds, old.UptimeSeconds)
-	new.PendingSessionKeys = mergeValue(new.PendingSessionKeys, old.PendingSessionKeys)
-	new.ActiveSessions = mergeValue(new.ActiveSessions, old.ActiveSessions)
-	new.Connections = mergeValue(new.Connections, old.Connections)
-	new.Proxies = mergeValue(new.Proxies, old.Proxies)
-	new.BytesProxied = mergeValue(new.BytesProxied, old.BytesProxied)
-	new.GoRoutines = mergeValue(new.GoRoutines, old.GoRoutines)
-	new.Options.SessionRate = mergeValue(new.Options.SessionRate, old.Options.SessionRate)
-	new.Options.GlobalRate = mergeValue(new.Options.GlobalRate, old.Options.GlobalRate)
-	return new
-}
-
-func mergeValue(new, old int) int {
-	if new >= old {
-		return new // normal increase
-	}
-	if float64(new) > 0.99*float64(old) {
-		return old // slight backward movement
-	}
-	return new // reset (relay restart)
-}

cmd/infra/strelaypoolsrv/stats_test.go

@@ -1,21 +0,0 @@
-// Copyright (C) 2015 Audrius Butkevicius and Contributors (see the CONTRIBUTORS file).
-
-package main
-
-import (
-	"testing"
-)
-
-func TestMerge(t *testing.T) {
-	if mergeValue(1001, 1000) != 1001 {
-		t.Error("the computer says no")
-	}
-
-	if mergeValue(999, 1000) != 1000 {
-		t.Error("the computer says no")
-	}
-
-	if mergeValue(1, 1000) != 1 {
-		t.Error("the computer says no")
-	}
-}

cmd/infra/stupgrades/main.go

@@ -1,375 +0,0 @@
-// Copyright (C) 2019 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"io"
-	"log/slog"
-	"net"
-	"net/http"
-	"os"
-	"regexp"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/alecthomas/kong"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
-	"github.com/syncthing/syncthing/internal/slogutil"
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
-	"github.com/syncthing/syncthing/lib/httpcache"
-	"github.com/syncthing/syncthing/lib/upgrade"
-)
-
-type cli struct {
-	Listen        string        `default:":8080" help:"Listen address"`
-	MetricsListen string        `default:":8082" help:"Listen address for metrics"`
-	URL           string        `short:"u" default:"https://api.github.com/repos/syncthing/syncthing/releases?per_page=25" help:"GitHub releases url"`
-	Forward       []string      `short:"f" help:"Forwarded pages, format: /path->https://example/com/url"`
-	CacheTime     time.Duration `default:"15m" help:"Cache time"`
-}
-
-func main() {
-	var params cli
-	kong.Parse(&params)
-	slog.SetDefault(slog.New(slog.NewTextHandler(os.Stdout, &slog.HandlerOptions{
-		Level: slog.LevelInfo,
-	})))
-
-	if err := server(&params); err != nil {
-		fmt.Printf("Error: %v\n", err)
-		os.Exit(1)
-	}
-}
-
-func server(params *cli) error {
-	if params.MetricsListen != "" {
-		mux := http.NewServeMux()
-		mux.Handle("/metrics", promhttp.Handler())
-		metricsListen, err := net.Listen("tcp", params.MetricsListen)
-		if err != nil {
-			return fmt.Errorf("metrics: %w", err)
-		}
-		slog.Info("Metrics listener started", slogutil.Address(params.MetricsListen))
-		go func() {
-			if err := http.Serve(metricsListen, mux); err != nil {
-				slog.Warn("Metrics server returned", slogutil.Error(err))
-			}
-		}()
-	}
-
-	cache := &cachedReleases{url: params.URL}
-	if err := cache.Update(context.Background()); err != nil {
-		return fmt.Errorf("initial cache update: %w", err)
-	} else {
-		slog.Info("Initial cache update done")
-	}
-
-	go func() {
-		for range time.NewTicker(params.CacheTime).C {
-			slog.Info("Refreshing cached releases", slogutil.URI(params.URL))
-			if err := cache.Update(context.Background()); err != nil {
-				slog.Error("Failed to refresh cached releases", slogutil.URI(params.URL), slogutil.Error(err))
-			}
-		}
-	}()
-
-	ghRels := &githubReleases{cache: cache}
-	mux := http.NewServeMux()
-	mux.HandleFunc("/ping", ghRels.servePing)
-	mux.HandleFunc("/meta.json", ghRels.serveReleases)
-
-	for _, fwd := range params.Forward {
-		path, url, ok := strings.Cut(fwd, "->")
-		if !ok {
-			return fmt.Errorf("invalid forward: %q", fwd)
-		}
-		slog.Info("Forwarding", "from", path, "to", url)
-		name := strings.ReplaceAll(path, "/", "_")
-		mux.Handle(path, httpcache.SinglePath(&proxy{name: name, url: url}, params.CacheTime))
-	}
-
-	srv := &http.Server{
-		Addr:         params.Listen,
-		Handler:      mux,
-		ReadTimeout:  5 * time.Second,
-		WriteTimeout: 10 * time.Second,
-	}
-	srv.SetKeepAlivesEnabled(false)
-
-	srvListener, err := net.Listen("tcp", params.Listen)
-	if err != nil {
-		return fmt.Errorf("listen: %w", err)
-	}
-	slog.Info("Main listener started", slogutil.Address(params.Listen))
-
-	return srv.Serve(srvListener)
-}
-
-type githubReleases struct {
-	cache *cachedReleases
-}
-
-func (p *githubReleases) servePing(w http.ResponseWriter, req *http.Request) {
-	rels := p.cache.Releases()
-
-	if len(rels) == 0 {
-		http.Error(w, "No releases available", http.StatusServiceUnavailable)
-		return
-	}
-
-	w.Header().Set("Syncthing-Num-Releases", strconv.Itoa(len(rels)))
-	w.WriteHeader(http.StatusOK)
-}
-
-func (p *githubReleases) serveReleases(w http.ResponseWriter, req *http.Request) {
-	rels := p.cache.Releases()
-
-	ua := req.Header.Get("User-Agent")
-	osv := req.Header.Get("Syncthing-Os-Version")
-	if ua != "" && osv != "" {
-		// We should determine the compatibility of the releases.
-		rels = filterForCompatibility(rels, ua, osv)
-	} else {
-		metricFilterCalls.WithLabelValues("no-ua-or-osversion").Inc()
-	}
-
-	rels = filterForLatest(rels)
-
-	w.Header().Set("Content-Type", "application/json; charset=utf-8")
-	w.Header().Set("Access-Control-Allow-Origin", "*")
-	w.Header().Set("Access-Control-Allow-Methods", "GET")
-	w.Header().Set("Cache-Control", "public, max-age=900")
-	w.Header().Set("Vary", "User-Agent, Syncthing-Os-Version")
-	_ = json.NewEncoder(w).Encode(rels)
-
-	metricUpgradeChecks.Inc()
-}
-
-type proxy struct {
-	name string
-	url  string
-}
-
-func (p *proxy) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	req, err := http.NewRequestWithContext(req.Context(), http.MethodGet, p.url, nil)
-	if err != nil {
-		metricHTTPRequests.WithLabelValues(p.name, "error").Inc()
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	resp, err := http.DefaultClient.Do(req)
-	if err != nil {
-		metricHTTPRequests.WithLabelValues(p.name, "error").Inc()
-		http.Error(w, err.Error(), http.StatusInternalServerError)
-		return
-	}
-	defer resp.Body.Close()
-	metricHTTPRequests.WithLabelValues(p.name, "success").Inc()
-
-	ct := resp.Header.Get("Content-Type")
-	w.Header().Set("Content-Type", ct)
-	if resp.StatusCode == http.StatusOK {
-		w.Header().Set("Cache-Control", "public, max-age=900")
-		w.Header().Set("Access-Control-Allow-Origin", "*")
-		w.Header().Set("Access-Control-Allow-Methods", "GET")
-	}
-	w.WriteHeader(resp.StatusCode)
-	if strings.HasPrefix(ct, "application/json") {
-		// Special JSON handling; clean it up a bit.
-		var v interface{}
-		if err := json.NewDecoder(resp.Body).Decode(&v); err != nil {
-			http.Error(w, err.Error(), http.StatusInternalServerError)
-			return
-		}
-		_ = json.NewEncoder(w).Encode(v)
-	} else {
-		_, _ = io.Copy(w, resp.Body)
-	}
-}
-
-// filterForLatest returns the latest stable and prerelease only. If the
-// stable version is newer (comes first in the list) there is no need to go
-// looking for a prerelease at all.
-func filterForLatest(rels []upgrade.Release) []upgrade.Release {
-	var filtered []upgrade.Release
-	havePre := make(map[string]bool)
-	haveStable := make(map[string]bool)
-	for _, rel := range rels {
-		major, _, _ := strings.Cut(rel.Tag, ".")
-		if !rel.Prerelease && !haveStable[major] {
-			// Remember the first non-pre for each major
-			filtered = append(filtered, rel)
-			haveStable[major] = true
-			continue
-		}
-		if rel.Prerelease && !havePre[major] && !haveStable[major] {
-			// We remember the first prerelease we find, unless we've
-			// already found a non-pre of the same major.
-			filtered = append(filtered, rel)
-			havePre[major] = true
-		}
-	}
-	return filtered
-}
-
-var userAgentOSArchExp = regexp.MustCompile(`^syncthing.*\(.+ (\w+)-(\w+)\)$`)
-
-func filterForCompatibility(rels []upgrade.Release, ua, osv string) []upgrade.Release {
-	osArch := userAgentOSArchExp.FindStringSubmatch(ua)
-	if len(osArch) != 3 {
-		metricFilterCalls.WithLabelValues("bad-os-arch").Inc()
-		return rels
-	}
-	os := osArch[1]
-
-	var filtered []upgrade.Release
-	for _, rel := range rels {
-		if rel.Compatibility == nil {
-			// No requirements means it's compatible with everything.
-			filtered = append(filtered, rel)
-			continue
-		}
-
-		req, ok := rel.Compatibility.Requirements[os]
-		if !ok {
-			// No entry for the current OS means it's compatible.
-			filtered = append(filtered, rel)
-			continue
-		}
-
-		if upgrade.CompareVersions(osv, req) >= 0 {
-			filtered = append(filtered, rel)
-			continue
-		}
-	}
-
-	if len(filtered) != len(rels) {
-		metricFilterCalls.WithLabelValues("filtered").Inc()
-	} else {
-		metricFilterCalls.WithLabelValues("unchanged").Inc()
-	}
-
-	return filtered
-}
-
-type cachedReleases struct {
-	url                  string
-	mut                  sync.RWMutex
-	current              []upgrade.Release
-	latestRel, latestPre string
-}
-
-func (c *cachedReleases) Releases() []upgrade.Release {
-	c.mut.RLock()
-	defer c.mut.RUnlock()
-	return c.current
-}
-
-func (c *cachedReleases) Update(ctx context.Context) error {
-	rels, err := fetchGithubReleases(ctx, c.url)
-	if err != nil {
-		return err
-	}
-	latestRel, latestPre := "", ""
-	for _, rel := range rels {
-		if !rel.Prerelease && latestRel == "" {
-			latestRel = rel.Tag
-		}
-		if rel.Prerelease && latestPre == "" {
-			latestPre = rel.Tag
-		}
-		if latestRel != "" && latestPre != "" {
-			break
-		}
-	}
-	c.mut.Lock()
-	c.current = rels
-	if latestRel != c.latestRel || latestPre != c.latestPre {
-		metricLatestReleaseInfo.DeleteLabelValues(c.latestRel, c.latestPre)
-		metricLatestReleaseInfo.WithLabelValues(latestRel, latestPre).Set(1)
-		c.latestRel = latestRel
-		c.latestPre = latestPre
-	}
-	c.mut.Unlock()
-	return nil
-}
-
-func fetchGithubReleases(ctx context.Context, url string) ([]upgrade.Release, error) {
-	req, err := http.NewRequestWithContext(context.TODO(), http.MethodGet, url, nil)
-	if err != nil {
-		metricHTTPRequests.WithLabelValues("github-releases", "error").Inc()
-		return nil, err
-	}
-	resp, err := http.DefaultClient.Do(req)
-	if err != nil {
-		metricHTTPRequests.WithLabelValues("github-releases", "error").Inc()
-		return nil, err
-	}
-	defer resp.Body.Close()
-	var rels []upgrade.Release
-	if err := json.NewDecoder(resp.Body).Decode(&rels); err != nil {
-		metricHTTPRequests.WithLabelValues("github-releases", "error").Inc()
-		return nil, err
-	}
-	metricHTTPRequests.WithLabelValues("github-releases", "success").Inc()
-
-	// Move the URL used for browser downloads to the URL field, and remove
-	// the browser URL field. This avoids going via the GitHub API for
-	// downloads, since Syncthing uses the URL field.
-	for _, rel := range rels {
-		for j, asset := range rel.Assets {
-			rel.Assets[j].URL = asset.BrowserURL
-			rel.Assets[j].BrowserURL = ""
-		}
-	}
-
-	addReleaseCompatibility(ctx, rels)
-
-	sort.Sort(upgrade.SortByRelease(rels))
-	return rels, nil
-}
-
-func addReleaseCompatibility(ctx context.Context, rels []upgrade.Release) {
-	for i := range rels {
-		rel := &rels[i]
-		for i, asset := range rel.Assets {
-			if asset.Name != "compat.json" {
-				continue
-			}
-
-			// Load compat.json into the Compatibility field
-			req, err := http.NewRequestWithContext(ctx, http.MethodGet, asset.URL, nil)
-			if err != nil {
-				metricHTTPRequests.WithLabelValues("compat-json", "error").Inc()
-				break
-			}
-			resp, err := http.DefaultClient.Do(req)
-			if err != nil {
-				metricHTTPRequests.WithLabelValues("compat-json", "error").Inc()
-				break
-			}
-			if resp.StatusCode != http.StatusOK {
-				metricHTTPRequests.WithLabelValues("compat-json", "error").Inc()
-				resp.Body.Close()
-				break
-			}
-			_ = json.NewDecoder(io.LimitReader(resp.Body, 10<<10)).Decode(&rel.Compatibility)
-			metricHTTPRequests.WithLabelValues("compat-json", "success").Inc()
-			resp.Body.Close()
-
-			// Remove compat.json from the asset list since it's been processed
-			rel.Assets = append(rel.Assets[:i], rel.Assets[i+1:]...)
-			break
-		}
-	}
-}

cmd/infra/stupgrades/metrics.go

@@ -1,36 +0,0 @@
-// Copyright (C) 2024 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promauto"
-)
-
-var (
-	metricUpgradeChecks = promauto.NewCounter(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "upgrade",
-		Name:      "metadata_requests",
-	})
-	metricFilterCalls = promauto.NewCounterVec(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "upgrade",
-		Name:      "filter_calls",
-	}, []string{"result"})
-	metricHTTPRequests = promauto.NewCounterVec(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "upgrade",
-		Name:      "http_requests",
-	}, []string{"target", "result"})
-	metricLatestReleaseInfo = promauto.NewGaugeVec(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "upgrade",
-		Name:      "latest_release_info",
-		Help:      "Release information",
-	}, []string{"latest_release", "latest_pre"})
-)

cmd/infra/ursrv/main.go

@@ -1,33 +0,0 @@
-// Copyright (C) 2023 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"log"
-	"log/slog"
-	"os"
-
-	"github.com/alecthomas/kong"
-	"github.com/syncthing/syncthing/cmd/infra/ursrv/serve"
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
-)
-
-type CLI struct {
-	Serve serve.CLI `cmd:"" default:""`
-}
-
-func main() {
-	slog.SetDefault(slog.New(slog.NewTextHandler(os.Stdout, &slog.HandlerOptions{
-		Level: slog.LevelInfo,
-	})))
-
-	var cli CLI
-	ctx := kong.Parse(&cli)
-	if err := ctx.Run(); err != nil {
-		log.Fatalf("%s: %v", ctx.Command(), err)
-	}
-}

cmd/infra/ursrv/serve/compiler_test.go

@@ -1,31 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package serve
-
-import "testing"
-
-func TestCompilerRe(t *testing.T) {
-	tests := [][3]string{
-		{`syncthing v0.11.0 (xgcc (Ubuntu 4.9.3-0ubuntu4) 4.9.3 linux-amd64 default) niklas@Niklas-Netbook 2015-04-26 13:15:08 UTC`, "xgcc (Ubuntu 4.9.3-0ubuntu4) 4.9.3", "niklas@Niklas-Netbook"},
-		{`syncthing v0.12.0-rc5 "Beryllium Bedbug" (go1.4.2 linux-arm android) unknown-user@Felix-T420 2015-10-22 18:32:15 UTC`, "go1.4.2", "unknown-user@Felix-T420"},
-		{`syncthing v0.13.0-beta.0+39-ge267bf3 "Copper Cockroach" (go1.4.2 linux-amd64) portage@slevermann.de 2016-01-20 08:41:52 UTC`, "go1.4.2", "portage@slevermann.de"},
-	}
-
-	for _, tc := range tests {
-		m := compilerRe.FindStringSubmatch(tc[0])
-		if len(m) != 3 {
-			t.Errorf("Regexp didn't match %q", tc[0])
-			continue
-		}
-		if m[1] != tc[1] {
-			t.Errorf("Compiler %q != %q", m[1], tc[1])
-		}
-		if m[2] != tc[2] {
-			t.Errorf("Builder %q != %q", m[2], tc[2])
-		}
-	}
-}

cmd/infra/ursrv/serve/metrics.go

@@ -1,61 +0,0 @@
-// Copyright (C) 2023 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package serve
-
-import (
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promauto"
-)
-
-var (
-	metricReportsTotal = promauto.NewCounterVec(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "incoming_reports_total",
-	}, []string{"result"})
-	metricsCollectsTotal = promauto.NewCounter(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "collects_total",
-	})
-	metricsCollectSecondsTotal = promauto.NewCounter(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "collect_seconds_total",
-	})
-	metricsCollectSecondsLast = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "collect_seconds_last",
-	})
-	metricsRecalcsTotal = promauto.NewCounter(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "recalcs_total",
-	})
-	metricsRecalcSecondsTotal = promauto.NewCounter(prometheus.CounterOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "recalc_seconds_total",
-	})
-	metricsRecalcSecondsLast = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "recalc_seconds_last",
-	})
-	metricsWriteSecondsLast = promauto.NewGauge(prometheus.GaugeOpts{
-		Namespace: "syncthing",
-		Subsystem: "ursrv_v2",
-		Name:      "write_seconds_last",
-	})
-)
-
-func init() {
-	metricReportsTotal.WithLabelValues("fail")
-	metricReportsTotal.WithLabelValues("replace")
-	metricReportsTotal.WithLabelValues("accept")
-}

cmd/infra/ursrv/serve/prometheus.go

@@ -1,351 +0,0 @@
-// Copyright (C) 2024 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package serve
-
-import (
-	"context"
-	"fmt"
-	"log/slog"
-	"reflect"
-	"slices"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/syncthing/syncthing/lib/ur/contract"
-)
-
-const namePrefix = "syncthing_usage_"
-
-type metricsSet struct {
-	srv *server
-
-	gauges         map[string]prometheus.Gauge
-	gaugeVecs      map[string]*prometheus.GaugeVec
-	gaugeVecLabels map[string][]string
-	summaries      map[string]*metricSummary
-
-	collectMut    sync.RWMutex
-	collectCutoff time.Duration
-}
-
-func newMetricsSet(srv *server) *metricsSet {
-	s := &metricsSet{
-		srv:            srv,
-		gauges:         make(map[string]prometheus.Gauge),
-		gaugeVecs:      make(map[string]*prometheus.GaugeVec),
-		gaugeVecLabels: make(map[string][]string),
-		summaries:      make(map[string]*metricSummary),
-		collectCutoff:  -24 * time.Hour,
-	}
-
-	var initForType func(reflect.Type)
-	initForType = func(t reflect.Type) {
-		for i := range t.NumField() {
-			field := t.Field(i)
-			if field.Type.Kind() == reflect.Struct {
-				initForType(field.Type)
-				continue
-			}
-			name, typ, label := fieldNameTypeLabel(field)
-			sname, labels := nameConstLabels(name)
-			switch typ {
-			case "gauge":
-				s.gauges[name] = prometheus.NewGauge(prometheus.GaugeOpts{
-					Name:        namePrefix + sname,
-					ConstLabels: labels,
-				})
-			case "summary":
-				s.summaries[name] = newMetricSummary(namePrefix+sname, nil, labels)
-			case "gaugeVec":
-				s.gaugeVecLabels[name] = append(s.gaugeVecLabels[name], label)
-			case "summaryVec":
-				s.summaries[name] = newMetricSummary(namePrefix+sname, []string{label}, labels)
-			}
-		}
-	}
-	initForType(reflect.ValueOf(contract.Report{}).Type())
-
-	for name, labels := range s.gaugeVecLabels {
-		s.gaugeVecs[name] = prometheus.NewGaugeVec(prometheus.GaugeOpts{
-			Name: namePrefix + name,
-		}, labels)
-	}
-
-	return s
-}
-
-func fieldNameTypeLabel(rf reflect.StructField) (string, string, string) {
-	metric := rf.Tag.Get("metric")
-	name, typ, ok := strings.Cut(metric, ",")
-	if !ok {
-		return "", "", ""
-	}
-	gv, label, ok := strings.Cut(typ, ":")
-	if ok {
-		typ = gv
-	}
-	return name, typ, label
-}
-
-func nameConstLabels(name string) (string, prometheus.Labels) {
-	if name == "-" {
-		return "", nil
-	}
-	name, labels, ok := strings.Cut(name, "{")
-	if !ok {
-		return name, nil
-	}
-	lls := strings.Split(labels[:len(labels)-1], ",")
-	m := make(map[string]string)
-	for _, l := range lls {
-		k, v, _ := strings.Cut(l, "=")
-		m[k] = v
-	}
-	return name, m
-}
-
-func (s *metricsSet) Serve(ctx context.Context) error {
-	s.recalc()
-
-	const recalcInterval = 5 * time.Minute
-	next := time.Until(time.Now().Truncate(recalcInterval).Add(recalcInterval))
-	recalcTimer := time.NewTimer(next)
-	defer recalcTimer.Stop()
-
-	for {
-		select {
-		case <-recalcTimer.C:
-			s.recalc()
-			next := time.Until(time.Now().Truncate(recalcInterval).Add(recalcInterval))
-			recalcTimer.Reset(next)
-		case <-ctx.Done():
-			return ctx.Err()
-		}
-	}
-}
-
-func (s *metricsSet) recalc() {
-	s.collectMut.Lock()
-	defer s.collectMut.Unlock()
-
-	t0 := time.Now()
-	defer func() {
-		dur := time.Since(t0)
-		slog.Info("Metrics recalculated", "d", dur.String())
-		metricsRecalcSecondsLast.Set(dur.Seconds())
-		metricsRecalcSecondsTotal.Add(dur.Seconds())
-		metricsRecalcsTotal.Inc()
-	}()
-
-	for _, g := range s.gauges {
-		g.Set(0)
-	}
-	for _, g := range s.gaugeVecs {
-		g.Reset()
-	}
-	for _, g := range s.summaries {
-		g.Reset()
-	}
-
-	cutoff := time.Now().Add(s.collectCutoff)
-	s.srv.reports.Range(func(key string, r *contract.Report) bool {
-		if s.collectCutoff < 0 && r.Received.Before(cutoff) {
-			s.srv.reports.Delete(key)
-			return true
-		}
-		s.addReport(r)
-		return true
-	})
-}
-
-func (s *metricsSet) addReport(r *contract.Report) {
-	gaugeVecs := make(map[string][]string)
-	s.addReportStruct(reflect.ValueOf(r).Elem(), gaugeVecs)
-	for name, lv := range gaugeVecs {
-		s.gaugeVecs[name].WithLabelValues(lv...).Add(1)
-	}
-}
-
-func (s *metricsSet) addReportStruct(v reflect.Value, gaugeVecs map[string][]string) {
-	t := v.Type()
-	for i := range v.NumField() {
-		field := v.Field(i)
-		if field.Kind() == reflect.Struct {
-			s.addReportStruct(field, gaugeVecs)
-			continue
-		}
-
-		name, typ, label := fieldNameTypeLabel(t.Field(i))
-		switch typ {
-		case "gauge":
-			switch v := field.Interface().(type) {
-			case int:
-				s.gauges[name].Add(float64(v))
-			case string:
-				s.gaugeVecs[name].WithLabelValues(v).Add(1)
-			case bool:
-				if v {
-					s.gauges[name].Add(1)
-				}
-			}
-		case "gaugeVec":
-			var labelValue string
-			switch v := field.Interface().(type) {
-			case string:
-				labelValue = v
-			case int:
-				labelValue = strconv.Itoa(v)
-			case map[string]int:
-				for k, v := range v {
-					labelValue = k
-					field.SetInt(int64(v))
-					break
-				}
-			}
-			if _, ok := gaugeVecs[name]; !ok {
-				gaugeVecs[name] = make([]string, len(s.gaugeVecLabels[name]))
-			}
-			for i, l := range s.gaugeVecLabels[name] {
-				if l == label {
-					gaugeVecs[name][i] = labelValue
-					break
-				}
-			}
-		case "summary", "summaryVec":
-			switch v := field.Interface().(type) {
-			case int:
-				s.summaries[name].Observe("", float64(v))
-			case float64:
-				s.summaries[name].Observe("", v)
-			case []int:
-				for _, v := range v {
-					s.summaries[name].Observe("", float64(v))
-				}
-			case map[string]int:
-				for k, v := range v {
-					if k == "" {
-						// avoid empty string labels as those are the sign
-						// of a non-vec summary
-						k = "unknown"
-					}
-					s.summaries[name].Observe(k, float64(v))
-				}
-			}
-		}
-	}
-}
-
-func (s *metricsSet) Describe(c chan<- *prometheus.Desc) {
-	for _, g := range s.gauges {
-		g.Describe(c)
-	}
-	for _, g := range s.gaugeVecs {
-		g.Describe(c)
-	}
-	for _, g := range s.summaries {
-		g.Describe(c)
-	}
-}
-
-func (s *metricsSet) Collect(c chan<- prometheus.Metric) {
-	s.collectMut.RLock()
-	defer s.collectMut.RUnlock()
-
-	t0 := time.Now()
-	defer func() {
-		dur := time.Since(t0).Seconds()
-		metricsCollectSecondsLast.Set(dur)
-		metricsCollectSecondsTotal.Add(dur)
-		metricsCollectsTotal.Inc()
-	}()
-
-	for _, g := range s.gauges {
-		c <- g
-	}
-	for _, g := range s.gaugeVecs {
-		g.Collect(c)
-	}
-	for _, g := range s.summaries {
-		g.Collect(c)
-	}
-}
-
-type metricSummary struct {
-	name   string
-	values map[string][]float64
-	zeroes map[string]int
-
-	qDesc     *prometheus.Desc
-	countDesc *prometheus.Desc
-	sumDesc   *prometheus.Desc
-	zDesc     *prometheus.Desc
-}
-
-func newMetricSummary(name string, labels []string, constLabels prometheus.Labels) *metricSummary {
-	return &metricSummary{
-		name:      name,
-		values:    make(map[string][]float64),
-		zeroes:    make(map[string]int),
-		qDesc:     prometheus.NewDesc(name, "", append(labels, "quantile"), constLabels),
-		countDesc: prometheus.NewDesc(name+"_nonzero_count", "", labels, constLabels),
-		sumDesc:   prometheus.NewDesc(name+"_sum", "", labels, constLabels),
-		zDesc:     prometheus.NewDesc(name+"_zero_count", "", labels, constLabels),
-	}
-}
-
-func (q *metricSummary) Observe(labelValue string, v float64) {
-	if v == 0 {
-		q.zeroes[labelValue]++
-		return
-	}
-	q.values[labelValue] = append(q.values[labelValue], v)
-}
-
-func (q *metricSummary) Describe(c chan<- *prometheus.Desc) {
-	c <- q.qDesc
-	c <- q.countDesc
-	c <- q.sumDesc
-	c <- q.zDesc
-}
-
-func (q *metricSummary) Collect(c chan<- prometheus.Metric) {
-	for lv, vs := range q.values {
-		var labelVals []string
-		if lv != "" {
-			labelVals = []string{lv}
-		}
-
-		c <- prometheus.MustNewConstMetric(q.countDesc, prometheus.GaugeValue, float64(len(vs)), labelVals...)
-		c <- prometheus.MustNewConstMetric(q.zDesc, prometheus.GaugeValue, float64(q.zeroes[lv]), labelVals...)
-
-		var sum float64
-		for _, v := range vs {
-			sum += v
-		}
-		c <- prometheus.MustNewConstMetric(q.sumDesc, prometheus.GaugeValue, sum, labelVals...)
-
-		if len(vs) == 0 {
-			return
-		}
-
-		slices.Sort(vs)
-
-		pctiles := []float64{0, 0.01, 0.025, 0.05, 0.1, 0.25, 0.5, 0.75, 0.9, 0.95, 0.975, 0.99, 1}
-		for _, pct := range pctiles {
-			idx := int(float64(len(vs)-1) * pct)
-			c <- prometheus.MustNewConstMetric(q.qDesc, prometheus.GaugeValue, vs[idx], append(labelVals, fmt.Sprint(pct))...)
-		}
-	}
-}
-
-func (q *metricSummary) Reset() {
-	clear(q.values)
-	clear(q.zeroes)
-}

cmd/infra/ursrv/serve/serve.go

@@ -1,444 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package serve
-
-import (
-	"bufio"
-	"compress/gzip"
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"io"
-	"log/slog"
-	"net"
-	"net/http"
-	_ "net/http/pprof"
-	"os"
-	"regexp"
-	"strings"
-	"time"
-
-	"github.com/prometheus/client_golang/prometheus"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
-	"github.com/puzpuzpuz/xsync/v3"
-	"github.com/syncthing/syncthing/internal/blob"
-	"github.com/syncthing/syncthing/internal/blob/azureblob"
-	"github.com/syncthing/syncthing/internal/blob/s3"
-	"github.com/syncthing/syncthing/internal/slogutil"
-	"github.com/syncthing/syncthing/lib/build"
-	"github.com/syncthing/syncthing/lib/geoip"
-	"github.com/syncthing/syncthing/lib/ur/contract"
-	"github.com/thejerf/suture/v4"
-)
-
-type CLI struct {
-	Listen          string        `env:"UR_LISTEN" help:"Usage reporting & metrics endpoint listen address" default:"0.0.0.0:8080"`
-	ListenInternal  string        `env:"UR_LISTEN_INTERNAL" help:"Internal metrics endpoint listen address" default:"0.0.0.0:8082"`
-	GeoIPLicenseKey string        `env:"UR_GEOIP_LICENSE_KEY"`
-	GeoIPAccountID  int           `env:"UR_GEOIP_ACCOUNT_ID"`
-	DumpFile        string        `env:"UR_DUMP_FILE" default:"reports.jsons.gz"`
-	DumpInterval    time.Duration `env:"UR_DUMP_INTERVAL" default:"5m"`
-
-	S3Endpoint    string `name:"s3-endpoint" env:"UR_S3_ENDPOINT"`
-	S3Region      string `name:"s3-region" env:"UR_S3_REGION"`
-	S3Bucket      string `name:"s3-bucket" env:"UR_S3_BUCKET"`
-	S3AccessKeyID string `name:"s3-access-key-id" env:"UR_S3_ACCESS_KEY_ID"`
-	S3SecretKey   string `name:"s3-secret-key" env:"UR_S3_SECRET_KEY"`
-
-	AzureBlobAccount   string `name:"azure-blob-account" env:"UR_AZUREBLOB_ACCOUNT"`
-	AzureBlobKey       string `name:"azure-blob-key" env:"UR_AZUREBLOB_KEY"`
-	AzureBlobContainer string `name:"azure-blob-container" env:"UR_AZUREBLOB_CONTAINER"`
-}
-
-var (
-	compilerRe         = regexp.MustCompile(`\(([A-Za-z0-9()., -]+) \w+-\w+(?:| android| default)\) ([\w@.-]+)`)
-	knownDistributions = []distributionMatch{
-		// Maps well known builders to the official distribution method that
-		// they represent
-
-		{regexp.MustCompile(`\steamcity@build\.syncthing\.net`), "GitHub"},
-		{regexp.MustCompile(`\sjenkins@build\.syncthing\.net`), "GitHub"},
-		{regexp.MustCompile(`\sbuilder@github\.syncthing\.net`), "GitHub"},
-
-		{regexp.MustCompile(`\sdeb@build\.syncthing\.net`), "APT"},
-		{regexp.MustCompile(`\sdebian@github\.syncthing\.net`), "APT"},
-
-		{regexp.MustCompile(`\sdocker@syncthing\.net`), "Docker Hub"},
-		{regexp.MustCompile(`\sdocker@build.syncthing\.net`), "Docker Hub"},
-		{regexp.MustCompile(`\sdocker@github.syncthing\.net`), "Docker Hub"},
-
-		{regexp.MustCompile(`\sandroid-builder@github\.syncthing\.net`), "Google Play"},
-		{regexp.MustCompile(`\sandroid-.*teamcity@build\.syncthing\.net`), "Google Play"},
-
-		{regexp.MustCompile(`\sandroid-.*vagrant@basebox-stretch64`), "F-Droid"},
-		{regexp.MustCompile(`\svagrant@bullseye`), "F-Droid"},
-		{regexp.MustCompile(`\svagrant@bookworm`), "F-Droid"},
-
-		{regexp.MustCompile(`\sreproducible-build@Catfriend1-syncthing-android`), "Syncthing-Fork Catfriend1 (3rd party)"},
-		{regexp.MustCompile(`\sreproducible-build@nel0x-syncthing-android-gplay`), "Syncthing-Fork nel0x (3rd party)"},
-
-		{regexp.MustCompile(`\sbuilduser@(archlinux|svetlemodry)`), "Arch (3rd party)"},
-		{regexp.MustCompile(`\ssyncthing@archlinux`), "Arch (3rd party)"},
-		{regexp.MustCompile(`@debian`), "Debian (3rd party)"},
-		{regexp.MustCompile(`@fedora`), "Fedora (3rd party)"},
-		{regexp.MustCompile(`@openSUSE`), "openSUSE (3rd party)"},
-		{regexp.MustCompile(`\sbrew@`), "Homebrew (3rd party)"},
-		{regexp.MustCompile(`\sroot@buildkitsandbox`), "LinuxServer.io (3rd party)"},
-		{regexp.MustCompile(`\sports@freebsd`), "FreeBSD (3rd party)"},
-		{regexp.MustCompile(`\snix@nix`), "Nix (3rd party)"},
-		{regexp.MustCompile(`.`), "Others"},
-	}
-)
-
-type distributionMatch struct {
-	matcher      *regexp.Regexp
-	distribution string
-}
-
-func (cli *CLI) Run() error {
-	slog.Info("Starting", "version", build.Version)
-
-	// Listening
-
-	urListener, err := net.Listen("tcp", cli.Listen)
-	if err != nil {
-		slog.Error("Failed to listen (usage reports)", slogutil.Error(err))
-		return err
-	}
-	slog.Info("Listening (usage reports)", slogutil.Address(urListener.Addr()))
-
-	internalListener, err := net.Listen("tcp", cli.ListenInternal)
-	if err != nil {
-		slog.Error("Failed to listen (internal)", slogutil.Error(err))
-		return err
-	}
-	slog.Info("Listening (internal)", slogutil.Address(internalListener.Addr()))
-
-	var geo *geoip.Provider
-	if cli.GeoIPAccountID != 0 && cli.GeoIPLicenseKey != "" {
-		geo, err = geoip.NewGeoLite2CityProvider(context.Background(), cli.GeoIPAccountID, cli.GeoIPLicenseKey, os.TempDir())
-		if err != nil {
-			slog.Error("Failed to load GeoIP", slogutil.Error(err))
-			return err
-		}
-		go geo.Serve(context.TODO())
-	}
-
-	// Blob storage
-
-	var blobs blob.Store
-	if cli.S3Endpoint != "" {
-		blobs, err = s3.NewSession(cli.S3Endpoint, cli.S3Region, cli.S3Bucket, cli.S3AccessKeyID, cli.S3SecretKey)
-		if err != nil {
-			slog.Error("Failed to create S3 session", slogutil.Error(err))
-			return err
-		}
-	} else if cli.AzureBlobAccount != "" {
-		blobs, err = azureblob.NewBlobStore(cli.AzureBlobAccount, cli.AzureBlobKey, cli.AzureBlobContainer)
-		if err != nil {
-			slog.Error("Failed to create Azure blob store", slogutil.Error(err))
-			return err
-		}
-	}
-
-	if _, err := os.Stat(cli.DumpFile); err != nil && blobs != nil {
-		if err := cli.downloadDumpFile(blobs); err != nil {
-			slog.Error("Failed to download dump file", slogutil.Error(err))
-		}
-	}
-
-	// server
-
-	srv := &server{
-		geo:     geo,
-		reports: xsync.NewMapOf[string, *contract.Report](),
-	}
-
-	if fd, err := os.Open(cli.DumpFile); err == nil {
-		gr, err := gzip.NewReader(fd)
-		if err == nil {
-			srv.load(gr)
-		}
-		fd.Close()
-	}
-
-	go func() {
-		for range time.Tick(cli.DumpInterval) {
-			if err := cli.saveDumpFile(srv, blobs); err != nil {
-				slog.Error("Failed to write dump file", slogutil.Error(err))
-			}
-		}
-	}()
-
-	// The internal metrics endpoint just serves metrics about what the
-	// server is doing.
-
-	http.Handle("/metrics", promhttp.Handler())
-
-	internalSrv := http.Server{
-		ReadTimeout:  5 * time.Second,
-		WriteTimeout: 15 * time.Second,
-	}
-	go internalSrv.Serve(internalListener)
-
-	// New external metrics endpoint accepts reports from clients and serves
-	// aggregated usage reporting metrics.
-
-	main := suture.NewSimple("main")
-	main.ServeBackground(context.Background())
-
-	ms := newMetricsSet(srv)
-	main.Add(ms)
-
-	reg := prometheus.NewRegistry()
-	reg.MustRegister(ms)
-
-	mux := http.NewServeMux()
-	mux.Handle("/metrics", promhttp.HandlerFor(reg, promhttp.HandlerOpts{}))
-	mux.HandleFunc("/newdata", srv.handleNewData)
-	mux.HandleFunc("/ping", srv.handlePing)
-
-	metricsSrv := http.Server{
-		ReadTimeout:  5 * time.Second,
-		WriteTimeout: 60 * time.Second,
-		Handler:      mux,
-	}
-
-	slog.Info("Ready to serve")
-	return metricsSrv.Serve(urListener)
-}
-
-func (cli *CLI) downloadDumpFile(blobs blob.Store) error {
-	latestKey, err := blobs.LatestKey(context.Background())
-	if err != nil {
-		return fmt.Errorf("list latest S3 key: %w", err)
-	}
-	fd, err := os.Create(cli.DumpFile)
-	if err != nil {
-		return fmt.Errorf("create dump file: %w", err)
-	}
-	if err := blobs.Download(context.Background(), latestKey, fd); err != nil {
-		_ = fd.Close()
-		return fmt.Errorf("download dump file: %w", err)
-	}
-	if err := fd.Close(); err != nil {
-		return fmt.Errorf("close dump file: %w", err)
-	}
-	slog.Info("Dump file downloaded", "key", latestKey)
-	return nil
-}
-
-func (cli *CLI) saveDumpFile(srv *server, blobs blob.Store) error {
-	t0 := time.Now()
-	defer func() {
-		metricsWriteSecondsLast.Set(float64(time.Since(t0)))
-	}()
-
-	fd, err := os.Create(cli.DumpFile + ".tmp")
-	if err != nil {
-		return fmt.Errorf("creating dump file: %w", err)
-	}
-	gw := gzip.NewWriter(fd)
-	if err := srv.save(gw); err != nil {
-		return fmt.Errorf("saving dump file: %w", err)
-	}
-	if err := gw.Close(); err != nil {
-		fd.Close()
-		return fmt.Errorf("closing gzip writer: %w", err)
-	}
-	if err := fd.Close(); err != nil {
-		return fmt.Errorf("closing dump file: %w", err)
-	}
-	if err := os.Rename(cli.DumpFile+".tmp", cli.DumpFile); err != nil {
-		return fmt.Errorf("renaming dump file: %w", err)
-	}
-	slog.Info("Dump file saved", "d", time.Since(t0).String())
-
-	if blobs != nil {
-		t1 := time.Now()
-		key := fmt.Sprintf("reports-%s.jsons.gz", time.Now().UTC().Format("2006-01-02"))
-		fd, err := os.Open(cli.DumpFile)
-		if err != nil {
-			return fmt.Errorf("opening dump file: %w", err)
-		}
-		if err := blobs.Upload(context.Background(), key, fd); err != nil {
-			return fmt.Errorf("uploading dump file: %w", err)
-		}
-		_ = fd.Close()
-		slog.Info("Dump file uploaded", "d", time.Since(t1).String())
-	}
-
-	return nil
-}
-
-type server struct {
-	geo     *geoip.Provider
-	reports *xsync.MapOf[string, *contract.Report]
-}
-
-func (s *server) handlePing(w http.ResponseWriter, r *http.Request) {
-}
-
-func (s *server) handleNewData(w http.ResponseWriter, r *http.Request) {
-	result := "fail"
-	defer func() {
-		// result is "accept" (new report), "replace" (existing report) or
-		// "fail"
-		metricReportsTotal.WithLabelValues(result).Inc()
-	}()
-
-	defer r.Body.Close()
-
-	if r.Method != http.MethodPost {
-		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
-		return
-	}
-
-	addr := r.Header.Get("X-Forwarded-For")
-	if addr != "" {
-		addr = strings.Split(addr, ", ")[0]
-	} else {
-		addr = r.RemoteAddr
-	}
-
-	if host, _, err := net.SplitHostPort(addr); err == nil {
-		addr = host
-	}
-
-	log := slog.With("addr", addr)
-
-	if net.ParseIP(addr) == nil {
-		addr = ""
-	}
-
-	var rep contract.Report
-
-	lr := &io.LimitedReader{R: r.Body, N: 40 * 1024}
-	bs, _ := io.ReadAll(lr)
-	if err := json.Unmarshal(bs, &rep); err != nil {
-		log.Error("Failed to decode JSON", slogutil.Error(err))
-		http.Error(w, "JSON Decode Error", http.StatusInternalServerError)
-		return
-	}
-
-	rep.Received = time.Now()
-	rep.Date = rep.Received.UTC().Format("20060102")
-	rep.Address = addr
-
-	if err := rep.Validate(); err != nil {
-		log.Error("Failed to validate report", slogutil.Error(err))
-		http.Error(w, "Validation Error", http.StatusInternalServerError)
-		return
-	}
-
-	if s.addReport(&rep) {
-		result = "replace"
-	} else {
-		result = "accept"
-	}
-}
-
-func (s *server) addReport(rep *contract.Report) bool {
-	if s.geo != nil {
-		if ip := net.ParseIP(rep.Address); ip != nil {
-			if city, err := s.geo.City(ip); err == nil {
-				rep.Country = city.Country.Names["en"]
-				rep.CountryCode = city.Country.IsoCode
-			}
-		}
-	}
-	if rep.Country == "" {
-		rep.Country = "Unknown"
-	}
-	if rep.CountryCode == "" {
-		rep.CountryCode = "ZZ"
-	}
-
-	rep.Version = transformVersion(rep.Version)
-	if strings.Contains(rep.Version, ".") {
-		split := strings.SplitN(rep.Version, ".", 3)
-		if len(split) == 3 {
-			rep.MajorVersion = strings.Join(split[:2], ".")
-		}
-	}
-	rep.OS, rep.Arch, _ = strings.Cut(rep.Platform, "-")
-
-	if m := compilerRe.FindStringSubmatch(rep.LongVersion); len(m) == 3 {
-		rep.Compiler = m[1]
-		rep.Builder = m[2]
-	}
-	for _, d := range knownDistributions {
-		if d.matcher.MatchString(rep.LongVersion) {
-			rep.Distribution = d.distribution
-			break
-		}
-	}
-	rep.DistDist = rep.Distribution
-	rep.DistOS = rep.OS
-	rep.DistArch = rep.Arch
-
-	if strings.HasPrefix(rep.Version, "v2.") {
-		rep.Database.ModernCSQLite = strings.Contains(rep.LongVersion, "modernc-sqlite")
-		rep.Database.MattnSQLite = !rep.Database.ModernCSQLite
-	} else {
-		rep.Database.LevelDB = true
-	}
-
-	_, loaded := s.reports.LoadAndStore(rep.UniqueID, rep)
-	return loaded
-}
-
-func (s *server) save(w io.Writer) error {
-	bw := bufio.NewWriter(w)
-	enc := json.NewEncoder(bw)
-	var err error
-	s.reports.Range(func(k string, v *contract.Report) bool {
-		err = enc.Encode(v)
-		return err == nil
-	})
-	if err != nil {
-		return err
-	}
-	return bw.Flush()
-}
-
-func (s *server) load(r io.Reader) {
-	t0 := time.Now()
-	dec := json.NewDecoder(r)
-	s.reports.Clear()
-	for {
-		var rep contract.Report
-		if err := dec.Decode(&rep); errors.Is(err, io.EOF) {
-			break
-		} else if err != nil {
-			slog.Error("Failed to load record", slogutil.Error(err))
-			break
-		}
-		s.addReport(&rep)
-	}
-	slog.Info("Loaded reports", "count", s.reports.Size(), "d", time.Since(t0).String())
-}
-
-var (
-	plusRe  = regexp.MustCompile(`(\+.*|[.-]dev\..*)$`)
-	plusStr = "-dev"
-)
-
-// transformVersion returns a version number formatted correctly, with all
-// development versions aggregated into one.
-func transformVersion(v string) string {
-	if v == "unknown-dev" {
-		return v
-	}
-	if !strings.HasPrefix(v, "v") {
-		v = "v" + v
-	}
-	v = plusRe.ReplaceAllString(v, plusStr)
-
-	return v
-}

cmd/stbench/main.go

@@ -0,0 +1,143 @@
+// Copyright (C) 2016 The Syncthing Authors.
+//
+// This Source Code Form is subject to the terms of the Mozilla Public
+// License, v. 2.0. If a copy of the MPL was not distributed with this file,
+// You can obtain one at http://mozilla.org/MPL/2.0/.
+
+// This doesn't build on Windows due to the Rusage stuff.
+
+// +build !windows
+
+package main
+
+import (
+	"flag"
+	"fmt"
+	"log"
+	"runtime"
+	"syscall"
+	"time"
+
+	"github.com/syncthing/syncthing/lib/rc"
+)
+
+var homeDir = "h1"
+var syncthingBin = "./bin/syncthing"
+var test = "scan"
+
+func main() {
+	flag.StringVar(&homeDir, "home", homeDir, "Home directory location")
+	flag.StringVar(&syncthingBin, "bin", syncthingBin, "Binary location")
+	flag.StringVar(&test, "test", test, "Test to run")
+	flag.Parse()
+
+	switch test {
+	case "scan":
+		// scan measures the resource usage required to perform the initial
+		// scan, without cleaning away the database first.
+		testScan()
+	}
+}
+
+// testScan starts a process and reports on the resource usage required to
+// perform the initial scan.
+func testScan() {
+	log.Println("Starting...")
+	p := rc.NewProcess("127.0.0.1:8081")
+	if err := p.Start(syncthingBin, "-home", homeDir, "-no-browser"); err != nil {
+		log.Println(err)
+		return
+	}
+	defer p.Stop()
+
+	wallTime := awaitScanComplete(p)
+
+	report(p, wallTime)
+}
+
+// awaitScanComplete waits for a folder to transition idle->scanning and
+// then scanning->idle and returns the time taken for the scan.
+func awaitScanComplete(p *rc.Process) time.Duration {
+	log.Println("Awaiting scan completion...")
+	var t0, t1 time.Time
+	lastEvent := 0
+loop:
+	for {
+		evs, err := p.Events(lastEvent)
+		if err != nil {
+			continue
+		}
+
+		for _, ev := range evs {
+			if ev.Type == "StateChanged" {
+				data := ev.Data.(map[string]interface{})
+				log.Println(ev)
+
+				if data["to"].(string) == "scanning" {
+					t0 = ev.Time
+					continue
+				}
+
+				if !t0.IsZero() && data["to"].(string) == "idle" {
+					t1 = ev.Time
+					break loop
+				}
+			}
+			lastEvent = ev.ID
+		}
+
+		time.Sleep(250 * time.Millisecond)
+	}
+
+	return t1.Sub(t0)
+}
+
+// report stops the given process and reports on it's resource usage in two
+// ways: human readable to stderr, and CSV to stdout.
+func report(p *rc.Process, wallTime time.Duration) {
+	sv, err := p.SystemVersion()
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	ss, err := p.SystemStatus()
+	if err != nil {
+		log.Println(err)
+		return
+	}
+
+	proc, err := p.Stop()
+	if err != nil {
+		return
+	}
+
+	rusage, ok := proc.SysUsage().(*syscall.Rusage)
+	if !ok {
+		return
+	}
+
+	log.Println("Version:", sv.Version)
+	log.Println("Alloc:", ss.Alloc/1024, "KiB")
+	log.Println("Sys:", ss.Sys/1024, "KiB")
+	log.Println("Goroutines:", ss.Goroutines)
+	log.Println("Wall time:", wallTime)
+	log.Println("Utime:", time.Duration(rusage.Utime.Nano()))
+	log.Println("Stime:", time.Duration(rusage.Stime.Nano()))
+	if runtime.GOOS == "darwin" {
+		// Darwin reports in bytes, Linux seems to report in KiB even
+		// though the manpage says otherwise.
+		rusage.Maxrss /= 1024
+	}
+	log.Println("MaxRSS:", rusage.Maxrss, "KiB")
+
+	fmt.Printf("%s,%d,%d,%d,%.02f,%.02f,%.02f,%d\n",
+		sv.Version,
+		ss.Alloc/1024,
+		ss.Sys/1024,
+		ss.Goroutines,
+		wallTime.Seconds(),
+		time.Duration(rusage.Utime.Nano()).Seconds(),
+		time.Duration(rusage.Stime.Nano()).Seconds(),
+		rusage.Maxrss)
+}

cmd/stcompdirs/main.go

@@ -2,12 +2,12 @@
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
+// You can obtain one at http://mozilla.org/MPL/2.0/.
 
 package main
 
 import (
-	"crypto/sha256"
+	"crypto/md5"
 	"errors"
 	"flag"
 	"fmt"
@@ -16,7 +16,7 @@ import (
 	"os"
 	"path/filepath"
 
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
+	"github.com/syncthing/syncthing/lib/symlinks"
 )
 
 func main() {
@@ -62,7 +62,7 @@ func compareDirectories(dirs ...string) error {
 				} else if res[i].name > res[0].name {
 					return fmt.Errorf("%s missing %v (present in %s)", dirs[i], res[0], dirs[0])
 				}
-				return fmt.Errorf("mismatch; %v (%s) != %v (%s)", res[i], dirs[i], res[0], dirs[0])
+				return fmt.Errorf("Mismatch; %v (%s) != %v (%s)", res[i], dirs[i], res[0], dirs[0])
 			}
 		}
 
@@ -76,7 +76,7 @@ type fileInfo struct {
 	name string
 	mode os.FileMode
 	mod  int64
-	hash [sha256.Size]byte
+	hash [16]byte
 }
 
 func (f fileInfo) String() string {
@@ -90,10 +90,10 @@ func startWalker(dir string, res chan<- fileInfo, abort <-chan struct{}) chan er
 		}
 
 		rn, _ := filepath.Rel(dir, path)
-		if rn == "." {
+		if rn == "." || rn == ".stfolder" {
 			return nil
 		}
-		if rn == ".stversions" || rn == ".stfolder" {
+		if rn == ".stversions" {
 			return filepath.SkipDir
 		}
 
@@ -104,11 +104,15 @@ func startWalker(dir string, res chan<- fileInfo, abort <-chan struct{}) chan er
 				mode: os.ModeSymlink,
 			}
 
-			tgt, err := os.Readlink(path)
+			tgt, _, err := symlinks.Read(path)
 			if err != nil {
 				return err
 			}
-			f.hash = sha256.Sum256([]byte(tgt))
+			h := md5.New()
+			h.Write([]byte(tgt))
+			hash := h.Sum(nil)
+
+			copy(f.hash[:], hash)
 		} else if info.IsDir() {
 			f = fileInfo{
 				name: rn,
@@ -121,7 +125,7 @@ func startWalker(dir string, res chan<- fileInfo, abort <-chan struct{}) chan er
 				mode: info.Mode(),
 				mod:  info.ModTime().Unix(),
 			}
-			sum, err := sha256file(path)
+			sum, err := md5file(path)
 			if err != nil {
 				return err
 			}
@@ -148,14 +152,14 @@ func startWalker(dir string, res chan<- fileInfo, abort <-chan struct{}) chan er
 	return errc
 }
 
-func sha256file(fname string) (hash [sha256.Size]byte, err error) {
+func md5file(fname string) (hash [16]byte, err error) {
 	f, err := os.Open(fname)
 	if err != nil {
 		return
 	}
 	defer f.Close()
 
-	h := sha256.New()
+	h := md5.New()
 	io.Copy(h, f)
 	hb := h.Sum(nil)
 	copy(hash[:], hb)

cmd/stdisco/main.go

@@ -2,23 +2,18 @@
 //
 // This Source Code Form is subject to the terms of the Mozilla Public
 // License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
+// You can obtain one at http://mozilla.org/MPL/2.0/.
 
 package main
 
 import (
-	"context"
+	"bytes"
 	"crypto/rand"
-	"encoding/binary"
 	"flag"
 	"log"
 	"strings"
 	"time"
 
-	"google.golang.org/protobuf/proto"
-
-	"github.com/syncthing/syncthing/internal/gen/discoproto"
-	_ "github.com/syncthing/syncthing/lib/automaxprocs"
 	"github.com/syncthing/syncthing/lib/beacon"
 	"github.com/syncthing/syncthing/lib/discover"
 	"github.com/syncthing/syncthing/lib/protocol"
@@ -49,19 +44,17 @@ func main() {
 	flag.Parse()
 
 	if fake {
-		log.Println("My ID:", myID)
+		log.Println("My ID:", protocol.DeviceIDFromBytes(myID))
 	}
 
-	ctx := context.Background()
-
-	runbeacon(ctx, beacon.NewMulticast(mc), fake)
-	runbeacon(ctx, beacon.NewBroadcast(bc), fake)
+	runbeacon(beacon.NewMulticast(mc), fake)
+	runbeacon(beacon.NewBroadcast(bc), fake)
 
 	select {}
 }
 
-func runbeacon(ctx context.Context, bc beacon.Interface, fake bool) {
-	go bc.Serve(ctx)
+func runbeacon(bc beacon.Interface, fake bool) {
+	go bc.Serve()
 	go recv(bc)
 	if fake {
 		go send(bc)
@@ -73,26 +66,24 @@ func recv(bc beacon.Interface) {
 	seen := make(map[string]bool)
 	for {
 		data, src := bc.Recv()
-		if m := binary.BigEndian.Uint32(data); m != discover.Magic {
-			log.Printf("Incorrect magic %x in announcement from %v", m, src)
-			continue
-		}
+		var ann discover.Announce
+		ann.UnmarshalXDR(data)
 
-		var ann discoproto.Announce
-		proto.Unmarshal(data[4:], &ann)
-
-		id, _ := protocol.DeviceIDFromBytes(ann.Id)
-		if id == myID {
+		if bytes.Equal(ann.This.ID, myID) {
 			// This is one of our own fake packets, don't print it.
 			continue
 		}
 
 		// Print announcement details for the first packet from a given
 		// device ID and source address, or if -all was given.
-		key := id.String() + src.String()
+		key := string(ann.This.ID) + src.String()
 		if all || !seen[key] {
 			log.Printf("Announcement from %v\n", src)
-			log.Printf(" %v at %s\n", id, strings.Join(ann.Addresses, ", "))
+			log.Printf(" %v at %s\n", protocol.DeviceIDFromBytes(ann.This.ID), strings.Join(addrStrs(ann.This), ", "))
+
+			for _, dev := range ann.Extra {
+				log.Printf(" %v at %s\n", protocol.DeviceIDFromBytes(dev.ID), strings.Join(addrStrs(dev), ", "))
+			}
 			seen[key] = true
 		}
 	}
@@ -100,11 +91,16 @@ func recv(bc beacon.Interface) {
 
 // sends fake discovery announcements once every second
 func send(bc beacon.Interface) {
-	ann := &discoproto.Announce{
-		Id:        myID[:],
-		Addresses: []string{"tcp://fake.example.com:12345"},
+	ann := discover.Announce{
+		Magic: discover.AnnouncementMagic,
+		This: discover.Device{
+			ID: myID,
+			Addresses: []discover.Address{
+				{URL: "tcp://fake.example.com:12345"},
+			},
+		},
 	}
-	bs, _ := proto.Marshal(ann)
+	bs, _ := ann.MarshalXDR()
 
 	for {
 		bc.Send(bs)
@@ -112,10 +108,19 @@ func send(bc beacon.Interface) {
 	}
 }
 
+// returns the list of address URLs
+func addrStrs(dev discover.Device) []string {
+	ss := make([]string, len(dev.Addresses))
+	for i, addr := range dev.Addresses {
+		ss[i] = addr.URL
+	}
+	return ss
+}
+
 // returns a random but recognizable device ID
-func randomDeviceID() protocol.DeviceID {
-	var id protocol.DeviceID
+func randomDeviceID() []byte {
+	var id [32]byte
 	copy(id[:], randomPrefix)
 	rand.Read(id[len(randomPrefix):])
-	return id
+	return id[:]
 }

cmd/stdiscosrv/README.md

@@ -1,10 +0,0 @@
-stdiscosrv
-==========
-
-This is the global discovery server for the `syncthing` project.
-
-Usage
------
-
-https://docs.syncthing.net/users/stdiscosrv.html
-

cmd/stdiscosrv/amqp.go

@@ -1,262 +0,0 @@
-// Copyright (C) 2024 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"context"
-	"fmt"
-	"io"
-	"log/slog"
-
-	amqp "github.com/rabbitmq/amqp091-go"
-	"github.com/thejerf/suture/v4"
-	"google.golang.org/protobuf/proto"
-
-	"github.com/syncthing/syncthing/internal/gen/discosrv"
-	"github.com/syncthing/syncthing/internal/protoutil"
-	"github.com/syncthing/syncthing/lib/protocol"
-)
-
-type amqpReplicator struct {
-	suture.Service
-
-	broker   string
-	sender   *amqpSender
-	receiver *amqpReceiver
-	outbox   chan *discosrv.ReplicationRecord
-}
-
-func newAMQPReplicator(broker, clientID string, db database) *amqpReplicator {
-	svc := suture.New("amqpReplicator", suture.Spec{PassThroughPanics: true})
-
-	sender := &amqpSender{
-		broker:   broker,
-		clientID: clientID,
-		outbox:   make(chan *discosrv.ReplicationRecord, replicationOutboxSize),
-	}
-	svc.Add(sender)
-
-	receiver := &amqpReceiver{
-		broker:   broker,
-		clientID: clientID,
-		db:       db,
-	}
-	svc.Add(receiver)
-
-	return &amqpReplicator{
-		Service:  svc,
-		broker:   broker,
-		sender:   sender,
-		receiver: receiver,
-		outbox:   make(chan *discosrv.ReplicationRecord, replicationOutboxSize),
-	}
-}
-
-func (s *amqpReplicator) send(key *protocol.DeviceID, ps []*discosrv.DatabaseAddress, seen int64) {
-	s.sender.send(key, ps, seen)
-}
-
-type amqpSender struct {
-	broker   string
-	clientID string
-	outbox   chan *discosrv.ReplicationRecord
-}
-
-func (s *amqpSender) Serve(ctx context.Context) error {
-	conn, ch, err := amqpChannel(s.broker)
-	if err != nil {
-		return err
-	}
-	defer ch.Close()
-	defer conn.Close()
-
-	buf := make([]byte, 1024)
-	for {
-		select {
-		case rec := <-s.outbox:
-			size := proto.Size(rec)
-			if len(buf) < size {
-				buf = make([]byte, size)
-			}
-
-			n, err := protoutil.MarshalTo(buf, rec)
-			if err != nil {
-				replicationSendsTotal.WithLabelValues("error").Inc()
-				return fmt.Errorf("replication marshal: %w", err)
-			}
-
-			err = ch.PublishWithContext(ctx,
-				"discovery", // exchange
-				"",          // routing key
-				false,       // mandatory
-				false,       // immediate
-				amqp.Publishing{
-					ContentType: "application/protobuf",
-					Body:        buf[:n],
-					AppId:       s.clientID,
-				})
-			if err != nil {
-				replicationSendsTotal.WithLabelValues("error").Inc()
-				return fmt.Errorf("replication publish: %w", err)
-			}
-
-			replicationSendsTotal.WithLabelValues("success").Inc()
-
-		case <-ctx.Done():
-			return nil
-		}
-	}
-}
-
-func (s *amqpSender) String() string {
-	return fmt.Sprintf("amqpSender(%q)", s.broker)
-}
-
-func (s *amqpSender) send(key *protocol.DeviceID, ps []*discosrv.DatabaseAddress, seen int64) {
-	item := &discosrv.ReplicationRecord{
-		Key:       key[:],
-		Addresses: ps,
-		Seen:      seen,
-	}
-
-	// The send should never block. The inbox is suitably buffered for at
-	// least a few seconds of stalls, which shouldn't happen in practice.
-	select {
-	case s.outbox <- item:
-	default:
-		replicationSendsTotal.WithLabelValues("drop").Inc()
-	}
-}
-
-type amqpReceiver struct {
-	broker   string
-	clientID string
-	db       database
-}
-
-func (s *amqpReceiver) Serve(ctx context.Context) error {
-	conn, ch, err := amqpChannel(s.broker)
-	if err != nil {
-		return err
-	}
-	defer ch.Close()
-	defer conn.Close()
-
-	msgs, err := amqpConsume(ch)
-	if err != nil {
-		return err
-	}
-
-	for {
-		select {
-		case msg, ok := <-msgs:
-			if !ok {
-				return fmt.Errorf("subscription closed: %w", io.EOF)
-			}
-
-			// ignore messages from ourself
-			if msg.AppId == s.clientID {
-				continue
-			}
-
-			var rec discosrv.ReplicationRecord
-			if err := proto.Unmarshal(msg.Body, &rec); err != nil {
-				replicationRecvsTotal.WithLabelValues("error").Inc()
-				return fmt.Errorf("replication unmarshal: %w", err)
-			}
-			id, err := protocol.DeviceIDFromBytes(rec.Key)
-			if err != nil {
-				id, err = protocol.DeviceIDFromString(string(rec.Key))
-			}
-			if err != nil {
-				slog.Warn("Failed to parse replication device ID", "error", err)
-				replicationRecvsTotal.WithLabelValues("error").Inc()
-				continue
-			}
-
-			if err := s.db.merge(&id, rec.Addresses, rec.Seen); err != nil {
-				return fmt.Errorf("replication database merge: %w", err)
-			}
-
-			replicationRecvsTotal.WithLabelValues("success").Inc()
-
-		case <-ctx.Done():
-			return nil
-		}
-	}
-}
-
-func (s *amqpReceiver) String() string {
-	return fmt.Sprintf("amqpReceiver(%q)", s.broker)
-}
-
-func amqpChannel(dst string) (*amqp.Connection, *amqp.Channel, error) {
-	conn, err := amqp.Dial(dst)
-	if err != nil {
-		return nil, nil, fmt.Errorf("AMQP dial: %w", err)
-	}
-
-	ch, err := conn.Channel()
-	if err != nil {
-		return nil, nil, fmt.Errorf("AMQP channel: %w", err)
-	}
-
-	err = ch.ExchangeDeclare(
-		"discovery", // name
-		"fanout",    // type
-		false,       // durable
-		false,       // auto-deleted
-		false,       // internal
-		false,       // no-wait
-		nil,         // arguments
-	)
-	if err != nil {
-		return nil, nil, fmt.Errorf("AMQP declare exchange: %w", err)
-	}
-
-	return conn, ch, nil
-}
-
-func amqpConsume(ch *amqp.Channel) (<-chan amqp.Delivery, error) {
-	q, err := ch.QueueDeclare(
-		"",    // name
-		false, // durable
-		false, // delete when unused
-		true,  // exclusive
-		false, // no-wait
-		nil,   // arguments
-	)
-	if err != nil {
-		return nil, fmt.Errorf("AMQP declare queue: %w", err)
-	}
-
-	err = ch.QueueBind(
-		q.Name,      // queue name
-		"",          // routing key
-		"discovery", // exchange
-		false,
-		nil,
-	)
-	if err != nil {
-		return nil, fmt.Errorf("AMQP bind queue: %w", err)
-	}
-
-	msgs, err := ch.Consume(
-		q.Name, // queue
-		"",     // consumer
-		true,   // auto-ack
-		false,  // exclusive
-		false,  // no-local
-		false,  // no-wait
-		nil,    // args
-	)
-	if err != nil {
-		return nil, fmt.Errorf("AMQP consume: %w", err)
-	}
-
-	return msgs, nil
-}

cmd/stdiscosrv/apisrv.go

@@ -1,568 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bytes"
-	"compress/gzip"
-	"context"
-	"crypto/tls"
-	"encoding/base64"
-	"encoding/json"
-	"encoding/pem"
-	"errors"
-	"fmt"
-	io "io"
-	"log"
-	"log/slog"
-	"math/rand"
-	"net"
-	"net/http"
-	"net/url"
-	"slices"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/syncthing/syncthing/internal/gen/discosrv"
-	"github.com/syncthing/syncthing/lib/protocol"
-	"github.com/syncthing/syncthing/lib/stringutil"
-)
-
-// announcement is the format received from and sent to clients
-type announcement struct {
-	Seen      time.Time `json:"seen"`
-	Addresses []string  `json:"addresses"`
-}
-
-type apiSrv struct {
-	addr           string
-	cert           tls.Certificate
-	db             database
-	listener       net.Listener
-	repl           replicator // optional
-	useHTTP        bool
-	compression    bool
-	gzipWriters    sync.Pool
-	seenTracker    *retryAfterTracker
-	notSeenTracker *retryAfterTracker
-}
-
-type replicator interface {
-	send(key *protocol.DeviceID, addrs []*discosrv.DatabaseAddress, seen int64)
-}
-
-type requestID int64
-
-func (i requestID) String() string {
-	return fmt.Sprintf("%016x", int64(i))
-}
-
-type contextKey int
-
-const idKey contextKey = iota
-
-func newAPISrv(addr string, cert tls.Certificate, db database, repl replicator, useHTTP, compression bool, desiredNotFoundRate float64) *apiSrv {
-	return &apiSrv{
-		addr:        addr,
-		cert:        cert,
-		db:          db,
-		repl:        repl,
-		useHTTP:     useHTTP,
-		compression: compression,
-		seenTracker: &retryAfterTracker{
-			name:         "seenTracker",
-			bucketStarts: time.Now(),
-			desiredRate:  desiredNotFoundRate / 2,
-			currentDelay: notFoundRetryUnknownMinSeconds,
-		},
-		notSeenTracker: &retryAfterTracker{
-			name:         "notSeenTracker",
-			bucketStarts: time.Now(),
-			desiredRate:  desiredNotFoundRate / 2,
-			currentDelay: notFoundRetryUnknownMaxSeconds / 2,
-		},
-	}
-}
-
-func (s *apiSrv) Serve(ctx context.Context) error {
-	if s.useHTTP {
-		listener, err := net.Listen("tcp", s.addr)
-		if err != nil {
-			slog.ErrorContext(ctx, "Failed to listen", "error", err)
-			return err
-		}
-		s.listener = listener
-	} else {
-		tlsCfg := &tls.Config{
-			Certificates: []tls.Certificate{s.cert},
-			ClientAuth:   tls.RequestClientCert,
-			MinVersion:   tls.VersionTLS12,
-			NextProtos:   []string{"h2", "http/1.1"},
-		}
-
-		tlsListener, err := tls.Listen("tcp", s.addr, tlsCfg)
-		if err != nil {
-			slog.ErrorContext(ctx, "Failed to listen", "error", err)
-			return err
-		}
-		s.listener = tlsListener
-	}
-
-	http.HandleFunc("/", s.handler)
-	http.HandleFunc("/ping", handlePing)
-
-	srv := &http.Server{
-		ReadTimeout:    httpReadTimeout,
-		WriteTimeout:   httpWriteTimeout,
-		MaxHeaderBytes: httpMaxHeaderBytes,
-	}
-	if !debug {
-		srv.ErrorLog = log.New(io.Discard, "", 0)
-	}
-
-	go func() {
-		<-ctx.Done()
-		srv.Shutdown(context.Background())
-	}()
-
-	err := srv.Serve(s.listener)
-	if err != nil {
-		slog.ErrorContext(ctx, "Failed to serve", "error", err)
-	}
-	return err
-}
-
-func (s *apiSrv) handler(w http.ResponseWriter, req *http.Request) {
-	t0 := time.Now()
-
-	lw := NewLoggingResponseWriter(w)
-
-	defer func() {
-		diff := time.Since(t0)
-		apiRequestsSeconds.WithLabelValues(req.Method).Observe(diff.Seconds())
-		apiRequestsTotal.WithLabelValues(req.Method, strconv.Itoa(lw.statusCode)).Inc()
-	}()
-
-	reqID := requestID(rand.Int63())
-	req = req.WithContext(context.WithValue(req.Context(), idKey, reqID))
-
-	slog.Debug("Handling request", "id", reqID, "method", req.Method, "url", req.URL, "proto", req.Proto)
-
-	remoteAddr := &net.TCPAddr{
-		IP:   nil,
-		Port: -1,
-	}
-
-	if s.useHTTP {
-		// X-Forwarded-For can have multiple client IPs; split using the comma separator
-		forwardIP, _, _ := strings.Cut(req.Header.Get("X-Forwarded-For"), ",")
-
-		// net.ParseIP will return nil if leading/trailing whitespace exists; use strings.TrimSpace()
-		remoteAddr.IP = net.ParseIP(strings.TrimSpace(forwardIP))
-
-		if parsedPort, err := strconv.ParseInt(req.Header.Get("X-Client-Port"), 10, 0); err == nil {
-			remoteAddr.Port = int(parsedPort)
-		}
-	} else {
-		var err error
-		remoteAddr, err = net.ResolveTCPAddr("tcp", req.RemoteAddr)
-		if err != nil {
-			slog.Warn("Failed to resolve remote address", "address", req.RemoteAddr, "error", err)
-			lw.Header().Set("Retry-After", errorRetryAfterString())
-			http.Error(lw, "Internal Server Error", http.StatusInternalServerError)
-			apiRequestsTotal.WithLabelValues("no_remote_addr").Inc()
-			return
-		}
-	}
-
-	switch req.Method {
-	case http.MethodGet:
-		s.handleGET(lw, req)
-	case http.MethodPost:
-		s.handlePOST(remoteAddr, lw, req)
-	default:
-		http.Error(lw, "Method Not Allowed", http.StatusMethodNotAllowed)
-	}
-}
-
-func (s *apiSrv) handleGET(w http.ResponseWriter, req *http.Request) {
-	reqID := req.Context().Value(idKey).(requestID)
-
-	deviceID, err := protocol.DeviceIDFromString(req.URL.Query().Get("device"))
-	if err != nil {
-		slog.Debug("Request with bad device param", "id", reqID, "error", err)
-		lookupRequestsTotal.WithLabelValues("bad_request").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Bad Request", http.StatusBadRequest)
-		return
-	}
-
-	rec, err := s.db.get(&deviceID)
-	if err != nil {
-		// some sort of internal error
-		lookupRequestsTotal.WithLabelValues("internal_error").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
-		return
-	}
-
-	if len(rec.Addresses) == 0 {
-		var afterS int
-		if rec.Seen == 0 {
-			afterS = s.notSeenTracker.retryAfterS()
-			lookupRequestsTotal.WithLabelValues("not_found_ever").Inc()
-		} else {
-			afterS = s.seenTracker.retryAfterS()
-			lookupRequestsTotal.WithLabelValues("not_found_recent").Inc()
-		}
-		w.Header().Set("Retry-After", strconv.Itoa(afterS))
-		http.Error(w, "Not Found", http.StatusNotFound)
-		return
-	}
-
-	lookupRequestsTotal.WithLabelValues("success").Inc()
-
-	w.Header().Set("Content-Type", "application/json")
-	var bw io.Writer = w
-
-	// Use compression if the client asks for it
-	if s.compression && strings.Contains(req.Header.Get("Accept-Encoding"), "gzip") {
-		gw, ok := s.gzipWriters.Get().(*gzip.Writer)
-		if ok {
-			gw.Reset(w)
-		} else {
-			gw = gzip.NewWriter(w)
-		}
-		w.Header().Set("Content-Encoding", "gzip")
-		defer gw.Close()
-		defer s.gzipWriters.Put(gw)
-		bw = gw
-	}
-
-	json.NewEncoder(bw).Encode(announcement{
-		Seen:      time.Unix(0, rec.Seen).Truncate(time.Second),
-		Addresses: addressStrs(rec.Addresses),
-	})
-}
-
-func (s *apiSrv) handlePOST(remoteAddr *net.TCPAddr, w http.ResponseWriter, req *http.Request) {
-	reqID := req.Context().Value(idKey).(requestID)
-
-	rawCert, err := certificateBytes(req)
-	if err != nil {
-		slog.Debug("Request without certificates", "id", reqID, "error", err)
-		announceRequestsTotal.WithLabelValues("no_certificate").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Forbidden", http.StatusForbidden)
-		return
-	}
-
-	var ann announcement
-	if err := json.NewDecoder(req.Body).Decode(&ann); err != nil {
-		slog.Debug("Failed to decode request", "id", reqID, "error", err)
-		announceRequestsTotal.WithLabelValues("bad_request").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Bad Request", http.StatusBadRequest)
-		return
-	}
-
-	deviceID := protocol.NewDeviceID(rawCert)
-
-	addresses := fixupAddresses(remoteAddr, ann.Addresses)
-	if len(addresses) == 0 {
-		slog.Debug("Request without addresses", "id", reqID, "error", err)
-		announceRequestsTotal.WithLabelValues("bad_request").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Bad Request", http.StatusBadRequest)
-		return
-	}
-
-	if err := s.handleAnnounce(deviceID, addresses); err != nil {
-		slog.Debug("Failed to handle request", "id", reqID, "error", err)
-		announceRequestsTotal.WithLabelValues("internal_error").Inc()
-		w.Header().Set("Retry-After", errorRetryAfterString())
-		http.Error(w, "Internal Server Error", http.StatusInternalServerError)
-		return
-	}
-
-	announceRequestsTotal.WithLabelValues("success").Inc()
-
-	w.Header().Set("Reannounce-After", reannounceAfterString())
-	w.WriteHeader(http.StatusNoContent)
-	slog.Debug("Device announced", "id", reqID, "device", deviceID, "addresses", addresses)
-}
-
-func (s *apiSrv) Stop() {
-	s.listener.Close()
-}
-
-func (s *apiSrv) handleAnnounce(deviceID protocol.DeviceID, addresses []string) error {
-	now := time.Now()
-	expire := now.Add(addressExpiryTime).UnixNano()
-
-	// The address slice must always be sorted for database merges to work
-	// properly.
-	slices.Sort(addresses)
-	addresses = slices.Compact(addresses)
-
-	dbAddrs := make([]*discosrv.DatabaseAddress, len(addresses))
-	for i := range addresses {
-		dbAddrs[i] = &discosrv.DatabaseAddress{
-			Address: addresses[i],
-			Expires: expire,
-		}
-	}
-
-	seen := now.UnixNano()
-	if s.repl != nil {
-		s.repl.send(&deviceID, dbAddrs, seen)
-	}
-	return s.db.merge(&deviceID, dbAddrs, seen)
-}
-
-func handlePing(w http.ResponseWriter, _ *http.Request) {
-	w.WriteHeader(http.StatusNoContent)
-}
-
-func certificateBytes(req *http.Request) ([]byte, error) {
-	if req.TLS != nil && len(req.TLS.PeerCertificates) > 0 {
-		return req.TLS.PeerCertificates[0].Raw, nil
-	}
-
-	var bs []byte
-
-	if hdr := req.Header.Get("X-Ssl-Cert"); hdr != "" {
-		if strings.Contains(hdr, "%") {
-			// Nginx using $ssl_client_escaped_cert
-			// The certificate is in PEM format with url encoding.
-			// We need to decode for the PEM decoder
-			hdr, err := url.QueryUnescape(hdr)
-			if err != nil {
-				// Decoding failed
-				return nil, err
-			}
-
-			bs = []byte(hdr)
-		} else {
-			// Nginx using $ssl_client_cert
-			// The certificate is in PEM format but with spaces for newlines. We
-			// need to reinstate the newlines for the PEM decoder. But we need to
-			// leave the spaces in the BEGIN and END lines - the first and last
-			// space - alone.
-			bs = []byte(hdr)
-			firstSpace := bytes.Index(bs, []byte(" "))
-			lastSpace := bytes.LastIndex(bs, []byte(" "))
-			for i := firstSpace + 1; i < lastSpace; i++ {
-				if bs[i] == ' ' {
-					bs[i] = '\n'
-				}
-			}
-		}
-	} else if hdr := req.Header.Get("X-Tls-Client-Cert-Der-Base64"); hdr != "" {
-		// Caddy {tls_client_certificate_der_base64}
-		hdr, err := base64.StdEncoding.DecodeString(hdr)
-		if err != nil {
-			// Decoding failed
-			return nil, err
-		}
-
-		bs = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: hdr})
-	} else if cert := req.Header.Get("X-Forwarded-Tls-Client-Cert"); cert != "" {
-		// Traefik 2 passtlsclientcert
-		//
-		// The certificate is in PEM format, maybe with URL encoding
-		// (depends on Traefik version) but without newlines and start/end
-		// statements. We need to decode, reinstate the newlines every 64
-		// character and add statements for the PEM decoder
-
-		if strings.Contains(cert, "%") {
-			if unesc, err := url.QueryUnescape(cert); err == nil {
-				cert = unesc
-			}
-		}
-
-		const (
-			header = "-----BEGIN CERTIFICATE-----"
-			footer = "-----END CERTIFICATE-----"
-		)
-
-		var b bytes.Buffer
-		b.Grow(len(header) + 1 + len(cert) + len(cert)/64 + 1 + len(footer) + 1)
-
-		b.WriteString(header)
-		b.WriteByte('\n')
-
-		for i := 0; i < len(cert); i += 64 {
-			end := i + 64
-			if end > len(cert) {
-				end = len(cert)
-			}
-			b.WriteString(cert[i:end])
-			b.WriteByte('\n')
-		}
-
-		b.WriteString(footer)
-		b.WriteByte('\n')
-
-		bs = b.Bytes()
-	}
-
-	if bs == nil {
-		return nil, errors.New("empty certificate header")
-	}
-
-	block, _ := pem.Decode(bs)
-	if block == nil {
-		// Decoding failed
-		return nil, errors.New("certificate decode result is empty")
-	}
-
-	return block.Bytes, nil
-}
-
-// fixupAddresses checks the list of addresses, removing invalid ones and
-// replacing unspecified IPs with the given remote IP.
-func fixupAddresses(remote *net.TCPAddr, addresses []string) []string {
-	fixed := make([]string, 0, len(addresses))
-	for _, annAddr := range addresses {
-		uri, err := url.Parse(annAddr)
-		if err != nil {
-			continue
-		}
-
-		host, port, err := net.SplitHostPort(uri.Host)
-		if err != nil {
-			continue
-		}
-
-		ip := net.ParseIP(host)
-
-		// Some classes of IP are no-go.
-		if ip.IsLoopback() || ip.IsMulticast() {
-			continue
-		}
-
-		if host == "" || ip.IsUnspecified() {
-			if remote != nil {
-				// Replace the unspecified IP with the request source.
-
-				// ... unless the request source is the loopback address or
-				// multicast/unspecified (can't happen, really).
-				if remote.IP == nil || remote.IP.IsLoopback() || remote.IP.IsMulticast() || remote.IP.IsUnspecified() {
-					continue
-				}
-
-				// Do not use IPv6 remote address if requested scheme is ...4
-				// (i.e., tcp4, etc.)
-				if strings.HasSuffix(uri.Scheme, "4") && remote.IP.To4() == nil {
-					continue
-				}
-
-				// Do not use IPv4 remote address if requested scheme is ...6
-				if strings.HasSuffix(uri.Scheme, "6") && remote.IP.To4() != nil {
-					continue
-				}
-
-				host = remote.IP.String()
-
-			} else {
-				// remote is nil, unable to determine host IP
-				continue
-			}
-		}
-
-		// If zero port was specified, use remote port.
-		if port == "0" {
-			if remote != nil && remote.Port > 0 {
-				// use remote port
-				port = strconv.Itoa(remote.Port)
-			} else {
-				// unable to determine remote port
-				continue
-			}
-		}
-
-		uri.Host = net.JoinHostPort(host, port)
-		fixed = append(fixed, uri.String())
-	}
-
-	// Remove duplicate addresses
-	fixed = stringutil.UniqueTrimmedStrings(fixed)
-
-	return fixed
-}
-
-type loggingResponseWriter struct {
-	http.ResponseWriter
-
-	statusCode int
-}
-
-func NewLoggingResponseWriter(w http.ResponseWriter) *loggingResponseWriter {
-	return &loggingResponseWriter{w, http.StatusOK}
-}
-
-func (lrw *loggingResponseWriter) WriteHeader(code int) {
-	lrw.statusCode = code
-	lrw.ResponseWriter.WriteHeader(code)
-}
-
-func addressStrs(dbAddrs []*discosrv.DatabaseAddress) []string {
-	res := make([]string, len(dbAddrs))
-	for i, a := range dbAddrs {
-		res[i] = a.Address
-	}
-	return res
-}
-
-func errorRetryAfterString() string {
-	return strconv.Itoa(errorRetryAfterSeconds + rand.Intn(errorRetryFuzzSeconds))
-}
-
-func reannounceAfterString() string {
-	return strconv.Itoa(reannounceAfterSeconds + rand.Intn(reannounzeFuzzSeconds))
-}
-
-type retryAfterTracker struct {
-	name        string
-	desiredRate float64 // requests per second
-
-	mut          sync.Mutex
-	lastCount    int       // requests in the last bucket
-	curCount     int       // requests in the current bucket
-	bucketStarts time.Time // start of the current bucket
-	currentDelay int       // current delay in seconds
-}
-
-func (t *retryAfterTracker) retryAfterS() int {
-	now := time.Now()
-	t.mut.Lock()
-	if durS := now.Sub(t.bucketStarts).Seconds(); durS > float64(t.currentDelay) {
-		t.bucketStarts = now
-		t.lastCount = t.curCount
-		lastRate := float64(t.lastCount) / durS
-
-		switch {
-		case t.currentDelay > notFoundRetryUnknownMinSeconds &&
-			lastRate < 0.75*t.desiredRate:
-			t.currentDelay = max(8*t.currentDelay/10, notFoundRetryUnknownMinSeconds)
-		case t.currentDelay < notFoundRetryUnknownMaxSeconds &&
-			lastRate > 1.25*t.desiredRate:
-			t.currentDelay = min(3*t.currentDelay/2, notFoundRetryUnknownMaxSeconds)
-		}
-
-		t.curCount = 0
-	}
-	if t.curCount == 0 {
-		retryAfterLevel.WithLabelValues(t.name).Set(float64(t.currentDelay))
-	}
-	t.curCount++
-	t.mut.Unlock()
-	return t.currentDelay + rand.Intn(t.currentDelay/4)
-}

cmd/stdiscosrv/apisrv_test.go

@@ -1,183 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"context"
-	"crypto/tls"
-	"fmt"
-	"io"
-	"net"
-	"net/http"
-	"net/http/httptest"
-	"os"
-	"regexp"
-	"strings"
-	"testing"
-
-	"github.com/syncthing/syncthing/lib/protocol"
-	"github.com/syncthing/syncthing/lib/tlsutil"
-)
-
-func TestFixupAddresses(t *testing.T) {
-	cases := []struct {
-		remote *net.TCPAddr
-		in     []string
-		out    []string
-	}{
-		{ // verbatim passthrough
-			in:  []string{"tcp://1.2.3.4:22000"},
-			out: []string{"tcp://1.2.3.4:22000"},
-		}, { // unspecified replaced by remote
-			remote: addr("1.2.3.4", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://1.2.3.4:22000", "tcp://192.0.2.42:22000"},
-		}, { // unspecified not used as replacement
-			remote: addr("0.0.0.0", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // unspecified not used as replacement
-			remote: addr("::", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // localhost not used as replacement
-			remote: addr("127.0.0.1", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // localhost not used as replacement
-			remote: addr("::1", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // multicast not used as replacement
-			remote: addr("224.0.0.1", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // multicast not used as replacement
-			remote: addr("ff80::42", 22000),
-			in:     []string{"tcp://:22000", "tcp://192.0.2.42:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // explicitly announced weirdness is also filtered
-			remote: addr("192.0.2.42", 22000),
-			in:     []string{"tcp://:22000", "tcp://127.1.2.3:22000", "tcp://[::1]:22000", "tcp://[ff80::42]:22000"},
-			out:    []string{"tcp://192.0.2.42:22000"},
-		}, { // port remapping
-			remote: addr("123.123.123.123", 9000),
-			in:     []string{"tcp://0.0.0.0:0"},
-			out:    []string{"tcp://123.123.123.123:9000"},
-		}, { // unspecified port remapping
-			remote: addr("123.123.123.123", 9000),
-			in:     []string{"tcp://:0"},
-			out:    []string{"tcp://123.123.123.123:9000"},
-		}, { // empty remapping
-			remote: addr("123.123.123.123", 9000),
-			in:     []string{"tcp://"},
-			out:    []string{},
-		}, { // port only remapping
-			remote: addr("123.123.123.123", 9000),
-			in:     []string{"tcp://44.44.44.44:0"},
-			out:    []string{"tcp://44.44.44.44:9000"},
-		}, { // remote ip nil
-			remote: addr("", 9000),
-			in:     []string{"tcp://:22000", "tcp://44.44.44.44:9000"},
-			out:    []string{"tcp://44.44.44.44:9000"},
-		}, { // remote port 0
-			remote: addr("123.123.123.123", 0),
-			in:     []string{"tcp://:22000", "tcp://44.44.44.44"},
-			out:    []string{"tcp://123.123.123.123:22000"},
-		},
-	}
-
-	for _, tc := range cases {
-		out := fixupAddresses(tc.remote, tc.in)
-		if fmt.Sprint(out) != fmt.Sprint(tc.out) {
-			t.Errorf("fixupAddresses(%v, %v) => %v, expected %v", tc.remote, tc.in, out, tc.out)
-		}
-	}
-}
-
-func addr(host string, port int) *net.TCPAddr {
-	return &net.TCPAddr{
-		IP:   net.ParseIP(host),
-		Port: port,
-	}
-}
-
-func BenchmarkAPIRequests(b *testing.B) {
-	db := newInMemoryStore(b.TempDir(), 0, nil)
-	ctx, cancel := context.WithCancel(context.Background())
-	defer cancel()
-	go db.Serve(ctx)
-	api := newAPISrv("127.0.0.1:0", tls.Certificate{}, db, nil, true, true, 1000)
-	srv := httptest.NewServer(http.HandlerFunc(api.handler))
-
-	kf := b.TempDir() + "/cert"
-	crt, err := tlsutil.NewCertificate(kf+".crt", kf+".key", "localhost", 7, true)
-	if err != nil {
-		b.Fatal(err)
-	}
-	certBs, err := os.ReadFile(kf + ".crt")
-	if err != nil {
-		b.Fatal(err)
-	}
-	certBs = regexp.MustCompile(`---[^\n]+---\n`).ReplaceAll(certBs, nil)
-	certString := string(strings.ReplaceAll(string(certBs), "\n", " "))
-
-	devID := protocol.NewDeviceID(crt.Certificate[0])
-	devIDString := devID.String()
-
-	b.Run("Announce", func(b *testing.B) {
-		b.ReportAllocs()
-		url := srv.URL + "/v2/?device=" + devIDString
-		for i := 0; i < b.N; i++ {
-			req, _ := http.NewRequest(http.MethodPost, url, strings.NewReader(`{"addresses":["tcp://10.10.10.10:42000"]}`))
-			req.Header.Set("X-Forwarded-Tls-Client-Cert", certString)
-			resp, err := http.DefaultClient.Do(req)
-			if err != nil {
-				b.Fatal(err)
-			}
-			resp.Body.Close()
-			if resp.StatusCode != http.StatusNoContent {
-				b.Fatalf("unexpected status %s", resp.Status)
-			}
-		}
-	})
-
-	b.Run("Lookup", func(b *testing.B) {
-		b.ReportAllocs()
-		url := srv.URL + "/v2/?device=" + devIDString
-		for i := 0; i < b.N; i++ {
-			req, _ := http.NewRequest(http.MethodGet, url, nil)
-			resp, err := http.DefaultClient.Do(req)
-			if err != nil {
-				b.Fatal(err)
-			}
-			io.Copy(io.Discard, resp.Body)
-			resp.Body.Close()
-			if resp.StatusCode != http.StatusOK {
-				b.Fatalf("unexpected status %s", resp.Status)
-			}
-		}
-	})
-
-	b.Run("LookupNoCompression", func(b *testing.B) {
-		b.ReportAllocs()
-		url := srv.URL + "/v2/?device=" + devIDString
-		for i := 0; i < b.N; i++ {
-			req, _ := http.NewRequest(http.MethodGet, url, nil)
-			req.Header.Set("Accept-Encoding", "identity") // disable compression
-			resp, err := http.DefaultClient.Do(req)
-			if err != nil {
-				b.Fatal(err)
-			}
-			io.Copy(io.Discard, resp.Body)
-			resp.Body.Close()
-			if resp.StatusCode != http.StatusOK {
-				b.Fatalf("unexpected status %s", resp.Status)
-			}
-		}
-	})
-}

cmd/stdiscosrv/database.go

@@ -1,448 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"bufio"
-	"cmp"
-	"context"
-	"encoding/binary"
-	"errors"
-	"io"
-	"log/slog"
-	"os"
-	"path"
-	"runtime"
-	"slices"
-	"strings"
-	"time"
-
-	"github.com/puzpuzpuz/xsync/v3"
-	"google.golang.org/protobuf/proto"
-
-	"github.com/syncthing/syncthing/internal/blob"
-	"github.com/syncthing/syncthing/internal/gen/discosrv"
-	"github.com/syncthing/syncthing/internal/protoutil"
-	"github.com/syncthing/syncthing/lib/protocol"
-	"github.com/syncthing/syncthing/lib/rand"
-)
-
-type clock interface {
-	Now() time.Time
-}
-
-type defaultClock struct{}
-
-func (defaultClock) Now() time.Time {
-	return time.Now()
-}
-
-type database interface {
-	put(key *protocol.DeviceID, rec *discosrv.DatabaseRecord) error
-	merge(key *protocol.DeviceID, addrs []*discosrv.DatabaseAddress, seen int64) error
-	get(key *protocol.DeviceID) (*discosrv.DatabaseRecord, error)
-}
-
-type inMemoryStore struct {
-	m             *xsync.MapOf[protocol.DeviceID, *discosrv.DatabaseRecord]
-	dir           string
-	flushInterval time.Duration
-	blobs         blob.Store
-	objKey        string
-	clock         clock
-}
-
-func newInMemoryStore(dir string, flushInterval time.Duration, blobs blob.Store) *inMemoryStore {
-	hn, err := os.Hostname()
-	if err != nil {
-		hn = rand.String(8)
-	}
-	s := &inMemoryStore{
-		m:             xsync.NewMapOf[protocol.DeviceID, *discosrv.DatabaseRecord](),
-		dir:           dir,
-		flushInterval: flushInterval,
-		blobs:         blobs,
-		objKey:        hn + ".db",
-		clock:         defaultClock{},
-	}
-	nr, err := s.read()
-	if os.IsNotExist(err) && blobs != nil {
-		// Try to read from blob storage
-		latestKey, cerr := blobs.LatestKey(context.Background())
-		if cerr != nil {
-			slog.Error("Failed to find database in blob storage", "error", cerr)
-			return s
-		}
-		fd, cerr := os.Create(path.Join(s.dir, "records.db"))
-		if cerr != nil {
-			slog.Error("Failed to create database file", "error", cerr)
-			return s
-		}
-		if cerr := blobs.Download(context.Background(), latestKey, fd); cerr != nil {
-			slog.Error("Failed to download database from blob storage", "error", cerr)
-		}
-		_ = fd.Close()
-		nr, err = s.read()
-	}
-	if err != nil {
-		slog.Error("Failed to read database", "error", err)
-	}
-	slog.Info("Loaded database", "records", nr)
-	s.expireAndCalculateStatistics()
-	return s
-}
-
-func (s *inMemoryStore) put(key *protocol.DeviceID, rec *discosrv.DatabaseRecord) error {
-	t0 := time.Now()
-	s.m.Store(*key, rec)
-	databaseOperations.WithLabelValues(dbOpPut, dbResSuccess).Inc()
-	databaseOperationSeconds.WithLabelValues(dbOpPut).Observe(time.Since(t0).Seconds())
-	return nil
-}
-
-func (s *inMemoryStore) merge(key *protocol.DeviceID, addrs []*discosrv.DatabaseAddress, seen int64) error {
-	t0 := time.Now()
-
-	newRec := &discosrv.DatabaseRecord{
-		Addresses: addrs,
-		Seen:      seen,
-	}
-
-	if oldRec, ok := s.m.Load(*key); ok {
-		newRec = merge(oldRec, newRec)
-	}
-	s.m.Store(*key, newRec)
-
-	databaseOperations.WithLabelValues(dbOpMerge, dbResSuccess).Inc()
-	databaseOperationSeconds.WithLabelValues(dbOpMerge).Observe(time.Since(t0).Seconds())
-
-	return nil
-}
-
-func (s *inMemoryStore) get(key *protocol.DeviceID) (*discosrv.DatabaseRecord, error) {
-	t0 := time.Now()
-	defer func() {
-		databaseOperationSeconds.WithLabelValues(dbOpGet).Observe(time.Since(t0).Seconds())
-	}()
-
-	rec, ok := s.m.Load(*key)
-	if !ok {
-		databaseOperations.WithLabelValues(dbOpGet, dbResNotFound).Inc()
-		return &discosrv.DatabaseRecord{}, nil
-	}
-
-	rec.Addresses = expire(rec.Addresses, s.clock.Now())
-	databaseOperations.WithLabelValues(dbOpGet, dbResSuccess).Inc()
-	return rec, nil
-}
-
-func (s *inMemoryStore) Serve(ctx context.Context) error {
-	if s.flushInterval <= 0 {
-		<-ctx.Done()
-		return nil
-	}
-
-	t := time.NewTimer(s.flushInterval)
-	defer t.Stop()
-
-loop:
-	for {
-		select {
-		case <-t.C:
-			slog.InfoContext(ctx, "Calculating statistics")
-			s.expireAndCalculateStatistics()
-			slog.InfoContext(ctx, "Flushing database")
-			if err := s.write(); err != nil {
-				slog.ErrorContext(ctx, "Failed to write database", "error", err)
-			}
-			slog.InfoContext(ctx, "Finished flushing database")
-			t.Reset(s.flushInterval)
-
-		case <-ctx.Done():
-			// We're done.
-			break loop
-		}
-	}
-
-	return s.write()
-}
-
-func (s *inMemoryStore) expireAndCalculateStatistics() {
-	now := s.clock.Now()
-	cutoff24h := now.Add(-24 * time.Hour).UnixNano()
-	cutoff1w := now.Add(-7 * 24 * time.Hour).UnixNano()
-	current, currentIPv4, currentIPv6, currentIPv6GUA, last24h, last1w := 0, 0, 0, 0, 0, 0
-
-	n := 0
-	s.m.Range(func(key protocol.DeviceID, rec *discosrv.DatabaseRecord) bool {
-		if n%1000 == 0 {
-			runtime.Gosched()
-		}
-		n++
-
-		addresses := expire(rec.Addresses, now)
-		if len(addresses) == 0 {
-			rec.Addresses = nil
-			s.m.Store(key, rec)
-		} else if len(addresses) != len(rec.Addresses) {
-			rec.Addresses = addresses
-			s.m.Store(key, rec)
-		}
-
-		switch {
-		case len(rec.Addresses) > 0:
-			current++
-			seenIPv4, seenIPv6, seenIPv6GUA := false, false, false
-			for _, addr := range rec.Addresses {
-				// We do fast and loose matching on strings here instead of
-				// parsing the address and the IP and doing "proper" checks,
-				// to keep things fast and generate less garbage.
-				if strings.Contains(addr.Address, "[") {
-					seenIPv6 = true
-					if strings.Contains(addr.Address, "[2") {
-						seenIPv6GUA = true
-					}
-				} else {
-					seenIPv4 = true
-				}
-				if seenIPv4 && seenIPv6 && seenIPv6GUA {
-					break
-				}
-			}
-			if seenIPv4 {
-				currentIPv4++
-			}
-			if seenIPv6 {
-				currentIPv6++
-			}
-			if seenIPv6GUA {
-				currentIPv6GUA++
-			}
-		case rec.Seen > cutoff24h:
-			last24h++
-		case rec.Seen > cutoff1w:
-			last1w++
-		default:
-			// drop the record if it's older than a week
-			s.m.Delete(key)
-		}
-		return true
-	})
-
-	databaseKeys.WithLabelValues("current").Set(float64(current))
-	databaseKeys.WithLabelValues("currentIPv4").Set(float64(currentIPv4))
-	databaseKeys.WithLabelValues("currentIPv6").Set(float64(currentIPv6))
-	databaseKeys.WithLabelValues("currentIPv6GUA").Set(float64(currentIPv6GUA))
-	databaseKeys.WithLabelValues("last24h").Set(float64(last24h))
-	databaseKeys.WithLabelValues("last1w").Set(float64(last1w))
-	databaseStatisticsSeconds.Set(time.Since(now).Seconds())
-}
-
-func (s *inMemoryStore) write() (err error) {
-	t0 := time.Now()
-	defer func() {
-		if err == nil {
-			databaseWriteSeconds.Set(time.Since(t0).Seconds())
-			databaseLastWritten.Set(float64(t0.Unix()))
-		}
-	}()
-
-	dbf := path.Join(s.dir, "records.db")
-	fd, err := os.Create(dbf + ".tmp")
-	if err != nil {
-		return err
-	}
-	bw := bufio.NewWriterSize(fd, 1<<20)
-
-	var buf []byte
-	var rangeErr error
-	now := s.clock.Now()
-	cutoff1w := now.Add(-7 * 24 * time.Hour).UnixNano()
-	n := 0
-	s.m.Range(func(key protocol.DeviceID, value *discosrv.DatabaseRecord) bool {
-		if n%1000 == 0 {
-			runtime.Gosched()
-		}
-		n++
-
-		if value.Seen < cutoff1w {
-			// drop the record if it's older than a week
-			return true
-		}
-		rec := &discosrv.ReplicationRecord{
-			Key:       key[:],
-			Addresses: value.Addresses,
-			Seen:      value.Seen,
-		}
-		s := proto.Size(rec)
-		if s+4 > len(buf) {
-			buf = make([]byte, s+4)
-		}
-		n, err := protoutil.MarshalTo(buf[4:], rec)
-		if err != nil {
-			rangeErr = err
-			return false
-		}
-		binary.BigEndian.PutUint32(buf, uint32(n))
-		if _, err := bw.Write(buf[:n+4]); err != nil {
-			rangeErr = err
-			return false
-		}
-		return true
-	})
-	if rangeErr != nil {
-		_ = fd.Close()
-		return rangeErr
-	}
-
-	if err := bw.Flush(); err != nil {
-		_ = fd.Close
-		return err
-	}
-	if err := fd.Close(); err != nil {
-		return err
-	}
-	if err := os.Rename(dbf+".tmp", dbf); err != nil {
-		return err
-	}
-
-	if info, err := os.Lstat(dbf); err == nil {
-		slog.Info("Saved database", "name", dbf, "size", info.Size(), "modtime", info.ModTime())
-	} else {
-		slog.Warn("Failed to stat database after save", "error", err)
-	}
-
-	// Upload to blob storage
-	if s.blobs != nil {
-		fd, err = os.Open(dbf)
-		if err != nil {
-			slog.Error("Failed to upload database to blob storage", "error", err)
-			return nil
-		}
-		defer fd.Close()
-		if err := s.blobs.Upload(context.Background(), s.objKey, fd); err != nil {
-			slog.Error("Failed to upload database to blob storage", "error", err)
-		}
-		slog.Info("Finished uploading database")
-	}
-
-	return nil
-}
-
-func (s *inMemoryStore) read() (int, error) {
-	fd, err := os.Open(path.Join(s.dir, "records.db"))
-	if err != nil {
-		return 0, err
-	}
-	defer fd.Close()
-
-	br := bufio.NewReader(fd)
-	var buf []byte
-	nr := 0
-	for {
-		var n uint32
-		if err := binary.Read(br, binary.BigEndian, &n); err != nil {
-			if errors.Is(err, io.EOF) {
-				break
-			}
-			return nr, err
-		}
-		if int(n) > len(buf) {
-			buf = make([]byte, n)
-		}
-		if _, err := io.ReadFull(br, buf[:n]); err != nil {
-			return nr, err
-		}
-		rec := &discosrv.ReplicationRecord{}
-		if err := proto.Unmarshal(buf[:n], rec); err != nil {
-			return nr, err
-		}
-		key, err := protocol.DeviceIDFromBytes(rec.Key)
-		if err != nil {
-			key, err = protocol.DeviceIDFromString(string(rec.Key))
-		}
-		if err != nil {
-			slog.Error("Got bad device ID while reading database", "error", err)
-			continue
-		}
-
-		slices.SortFunc(rec.Addresses, Cmp)
-		rec.Addresses = slices.CompactFunc(rec.Addresses, Equal)
-		s.m.Store(key, &discosrv.DatabaseRecord{
-			Addresses: expire(rec.Addresses, s.clock.Now()),
-			Seen:      rec.Seen,
-		})
-		nr++
-	}
-	return nr, nil
-}
-
-// merge returns the merged result of the two database records a and b. The
-// result is the union of the two address sets, with the newer expiry time
-// chosen for any duplicates. The address list in a is overwritten and
-// reused for the result.
-func merge(a, b *discosrv.DatabaseRecord) *discosrv.DatabaseRecord {
-	// Both lists must be sorted for this to work.
-
-	a.Seen = max(a.Seen, b.Seen)
-
-	aIdx := 0
-	bIdx := 0
-	for aIdx < len(a.Addresses) && bIdx < len(b.Addresses) {
-		switch cmp.Compare(a.Addresses[aIdx].Address, b.Addresses[bIdx].Address) {
-		case 0:
-			// a == b, choose the newer expiry time
-			a.Addresses[aIdx].Expires = max(a.Addresses[aIdx].Expires, b.Addresses[bIdx].Expires)
-			aIdx++
-			bIdx++
-		case -1:
-			// a < b, keep a and move on
-			aIdx++
-		case 1:
-			// a > b, insert b before a
-			a.Addresses = append(a.Addresses[:aIdx], append([]*discosrv.DatabaseAddress{b.Addresses[bIdx]}, a.Addresses[aIdx:]...)...)
-			bIdx++
-		}
-	}
-	if bIdx < len(b.Addresses) {
-		a.Addresses = append(a.Addresses, b.Addresses[bIdx:]...)
-	}
-
-	return a
-}
-
-// expire returns the list of addresses after removing expired entries.
-// Expiration happen in place, so the slice given as the parameter is
-// destroyed. Internal order is preserved.
-func expire(addrs []*discosrv.DatabaseAddress, now time.Time) []*discosrv.DatabaseAddress {
-	cutoff := now.UnixNano()
-	naddrs := addrs[:0]
-	for i := range addrs {
-		if i > 0 && addrs[i].Address == addrs[i-1].Address {
-			// Skip duplicates
-			continue
-		}
-		if addrs[i].Expires >= cutoff {
-			naddrs = append(naddrs, addrs[i])
-		}
-	}
-	if len(naddrs) == 0 {
-		return nil
-	}
-	return naddrs
-}
-
-func Cmp(d, other *discosrv.DatabaseAddress) (n int) {
-	if c := cmp.Compare(d.Address, other.Address); c != 0 {
-		return c
-	}
-	return cmp.Compare(d.Expires, other.Expires)
-}
-
-func Equal(d, other *discosrv.DatabaseAddress) bool {
-	return d.Address == other.Address
-}

cmd/stdiscosrv/database_test.go

@@ -1,264 +0,0 @@
-// Copyright (C) 2018 The Syncthing Authors.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at https://mozilla.org/MPL/2.0/.
-
-package main
-
-import (
-	"context"
-	"fmt"
-	"testing"
-	"time"
-
-	"github.com/syncthing/syncthing/internal/gen/discosrv"
-	"github.com/syncthing/syncthing/lib/protocol"
-)
-
-func TestDatabaseGetSet(t *testing.T) {
-	db := newInMemoryStore(t.TempDir(), 0, nil)
-	ctx, cancel := context.WithCancel(context.Background())
-	go db.Serve(ctx)
-	defer cancel()
-
-	// Check missing record
-
-	rec, err := db.get(&protocol.EmptyDeviceID)
-	if err != nil {
-		t.Error("not found should not be an error")
-	}
-	if len(rec.Addresses) != 0 {
-		t.Error("addresses should be empty")
-	}
-
-	// Set up a clock
-
-	now := time.Now()
-	tc := &testClock{now}
-	db.clock = tc
-
-	// Put a record
-
-	rec.Addresses = []*discosrv.DatabaseAddress{
-		{Address: "tcp://1.2.3.4:5", Expires: tc.Now().Add(time.Minute).UnixNano()},
-	}
-	if err := db.put(&protocol.EmptyDeviceID, rec); err != nil {
-		t.Fatal(err)
-	}
-
-	// Verify it
-
-	rec, err = db.get(&protocol.EmptyDeviceID)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if len(rec.Addresses) != 1 {
-		t.Log(rec.Addresses)
-		t.Fatal("should have one address")
-	}
-	if rec.Addresses[0].Address != "tcp://1.2.3.4:5" {
-		t.Log(rec.Addresses)
-		t.Error("incorrect address")
-	}
-
-	// Wind the clock one half expiry, and merge in a new address
-
-	tc.wind(30 * time.Second)
-
-	addrs := []*discosrv.DatabaseAddress{
-		{Address: "tcp://6.7.8.9:0", Expires: tc.Now().Add(time.Minute).UnixNano()},
-	}
-	if err := db.merge(&protocol.EmptyDeviceID, addrs, tc.Now().UnixNano()); err != nil {
-		t.Fatal(err)
-	}
-
-	// Verify it
-
-	rec, err = db.get(&protocol.EmptyDeviceID)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if len(rec.Addresses) != 2 {
-		t.Log(rec.Addresses)
-		t.Fatal("should have two addresses")
-	}
-	if rec.Addresses[0].Address != "tcp://1.2.3.4:5" {
-		t.Log(rec.Addresses)
-		t.Error("incorrect address[0]")
-	}
-	if rec.Addresses[1].Address != "tcp://6.7.8.9:0" {
-		t.Log(rec.Addresses)
-		t.Error("incorrect address[1]")
-	}
-
-	// Pass the first expiry time
-
-	tc.wind(45 * time.Second)
-
-	// Verify it
-
-	rec, err = db.get(&protocol.EmptyDeviceID)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if len(rec.Addresses) != 1 {
-		t.Log(rec.Addresses)
-		t.Fatal("should have one address")
-	}
-	if rec.Addresses[0].Address != "tcp://6.7.8.9:0" {
-		t.Log(rec.Addresses)
-		t.Error("incorrect address")
-	}
-
-	// Set an address
-
-	addrs = []*discosrv.DatabaseAddress{
-		{Address: "tcp://6.7.8.9:0", Expires: tc.Now().Add(time.Minute).UnixNano()},
-	}
-	if err := db.merge(&protocol.GlobalDeviceID, addrs, tc.Now().UnixNano()); err != nil {
-		t.Fatal(err)
-	}
-
-	// Verify it
-
-	rec, err = db.get(&protocol.GlobalDeviceID)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if len(rec.Addresses) != 1 {
-		t.Log(rec.Addresses)
-		t.Fatal("should have one address")
-	}
-}
-
-func TestFilter(t *testing.T) {
-	// all cases are expired with t=10
-	cases := []struct {
-		a []*discosrv.DatabaseAddress
-		b []*discosrv.DatabaseAddress
-	}{
-		{
-			a: nil,
-			b: nil,
-		},
-		{
-			a: []*discosrv.DatabaseAddress{{Address: "a", Expires: 9}, {Address: "b", Expires: 9}, {Address: "c", Expires: 9}},
-			b: []*discosrv.DatabaseAddress{},
-		},
-		{
-			a: []*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-			b: []*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-		},
-		{
-			a: []*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 10}, {Address: "c", Expires: 10}},
-			b: []*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 10}, {Address: "c", Expires: 10}},
-		},
-		{
-			a: []*discosrv.DatabaseAddress{{Address: "a", Expires: 5}, {Address: "b", Expires: 15}, {Address: "c", Expires: 5}, {Address: "d", Expires: 15}, {Address: "e", Expires: 5}},
-			b: []*discosrv.DatabaseAddress{{Address: "b", Expires: 15}, {Address: "d", Expires: 15}},
-		},
-	}
-
-	for _, tc := range cases {
-		res := expire(tc.a, time.Unix(0, 10))
-		if fmt.Sprint(res) != fmt.Sprint(tc.b) {
-			t.Errorf("Incorrect result %v, expected %v", res, tc.b)
-		}
-	}
-}
-
-func TestMerge(t *testing.T) {
-	cases := []struct {
-		a, b, res []*discosrv.DatabaseAddress
-	}{
-		{nil, nil, nil},
-		{
-			nil,
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-		},
-		{
-			nil,
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 10}, {Address: "c", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 10}, {Address: "c", Expires: 10}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 15}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 15}, {Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 15}, {Address: "b", Expires: 15}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "b", Expires: 15}, {Address: "c", Expires: 20}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}, {Address: "c", Expires: 20}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "b", Expires: 5}, {Address: "c", Expires: 20}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}, {Address: "c", Expires: 20}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "y", Expires: 10}, {Address: "z", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 5}, {Address: "b", Expires: 15}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 5}, {Address: "b", Expires: 15}, {Address: "y", Expires: 10}, {Address: "z", Expires: 10}},
-		},
-		{
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}, {Address: "d", Expires: 10}},
-			[]*discosrv.DatabaseAddress{{Address: "b", Expires: 5}, {Address: "c", Expires: 20}},
-			[]*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}, {Address: "c", Expires: 20}, {Address: "d", Expires: 10}},
-		},
-	}
-
-	for _, tc := range cases {
-		rec := merge(&discosrv.DatabaseRecord{Addresses: tc.a}, &discosrv.DatabaseRecord{Addresses: tc.b})
-		if fmt.Sprint(rec.Addresses) != fmt.Sprint(tc.res) {
-			t.Errorf("Incorrect result %v, expected %v", rec.Addresses, tc.res)
-		}
-		rec = merge(&discosrv.DatabaseRecord{Addresses: tc.b}, &discosrv.DatabaseRecord{Addresses: tc.a})
-		if fmt.Sprint(rec.Addresses) != fmt.Sprint(tc.res) {
-			t.Errorf("Incorrect result %v, expected %v", rec.Addresses, tc.res)
-		}
-	}
-}
-
-func BenchmarkMergeEqual(b *testing.B) {
-	for i := 0; i < b.N; i++ {
-		ar := []*discosrv.DatabaseAddress{{Address: "a", Expires: 10}, {Address: "b", Expires: 15}}
-		br := []*discosrv.DatabaseAddress{{Address: "a", Expires: 15}, {Address: "b", Expires: 10}}
-		res := merge(&discosrv.DatabaseRecord{Addresses: ar}, &discosrv.DatabaseRecord{Addresses: br})
-		if len(res.Addresses) != 2 {
-			b.Fatal("wrong length")
-		}
-		if res.Addresses[0].Address != "a" || res.Addresses[1].Address != "b" {
-			b.Fatal("wrong address")
-		}
-		if res.Addresses[0].Expires != 15 || res.Addresses[1].Expires != 15 {
-			b.Fatal("wrong expiry")
-		}
-	}
-	b.ReportAllocs() // should be zero per operation
-}
-
-type testClock struct {
-	now time.Time
-}
-
-func (t *testClock) wind(d time.Duration) {
-	t.now = t.now.Add(d)
-}
-
-func (t *testClock) Now() time.Time {
-	t.now = t.now.Add(time.Nanosecond)
-	return t.now
-}

cmd/stdiscosrv/etc/firewall-ufw/stdiscosrv

@@ -1,4 +0,0 @@
-[stdiscosrv]
-title=Syncthing discovery server
-description=Lets syncthing clients discover each other
-ports=8443/tcp