Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TLS not working. #6

Closed
yuroyami opened this issue Jun 4, 2022 · 3 comments
Closed

TLS not working. #6

yuroyami opened this issue Jun 4, 2022 · 3 comments
Assignees
@yuroyami
Labels
bug Something isn't working

Comments

@yuroyami
Copy link
Owner

yuroyami commented Jun 4, 2022

The TLS (Transport Layer Security) connection is not getting established. As a consequence, Syncplay now connects to the servers via a bare unprotected TCP/IP socket.

For many people, this is neither a priority nor an issue. But most of us prefer a secured connection over TLS/SSL if possible, which is one of the major features for Desktop's Syncplay.

This will be fixed asap.
@yuroyami yuroyami self-assigned this Jun 4, 2022
@yuroyami yuroyami added the bug Something isn't working label Jun 4, 2022
@Et0h
Copy link

Et0h commented Jul 8, 2022
edited
Loading

Syncplay uses Opportunistic TLS.

In my understanding the way it works from the Syncplay client's perspective is as follows:

  • Syncplay client connects to the server and sends the message {"TLS": {"startTLS": "send"}} using plaintext.
  • If TLS is supported then server responds with {"TLS": {"startTLS": "true"}} using plaintext.
  • Once the {"TLS": {"startTLS": "true"}} message is received by the client, the Syncplay client will actually try start the TLS connection. The client will wait until the connection is established before proceeding with the 'hello' messages which is sent over the upgraded connection. Subsequent messages will also be encrypted.
  • Otherwise server responds {"TLS": {"startTLS": "false"}} in plaintext and Syncplay just tells the user that TLS is not supported and sends the hello messages and subsequent messages in plaintext.
  • If the Syncplay server is 1.6.3 or below then it would respond with an error message when it gets the starTLS message and terminate the connection. In this case, Syncplay client reconnects and skips asking if the server supports TLS and just sends the hello message and subsequent messages in plaintext. Syncplay 1.6.4 with TLS support was released in June 2019 so you might not need to handle this edge case, but that's the expected behaviour for the Syncplay client.

@yuroyami
Copy link
Owner Author

yuroyami commented Jul 9, 2022

@Et0h The issue I thought I was facing was getting Twisted to accept Java's TLS connection which keeps getting rejected for some reason. I read your TLS support explanation on the official GitHub. Android's SSL socketing protocol is a pain in the ass and I kept blaming it while I totally forgot to send a TLS message to begin with. I should've analyzed the Python source code more thoroughly to make sure I am not missing anything. That will be immensely helpful to fix this issue. Much appreciated.

@yuroyami
Copy link
Owner Author

yuroyami commented Jan 6, 2024

Fixed as of v0.13.0

@yuroyami yuroyami closed this as completed Jan 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuroyami yuroyami

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Et0h @yuroyami