Do not crash on TLS connection without certificatev0.7.3 v0.7

author: Jakob Borg <jakob@nym.se> 2014-04-08 21:31:23 +0200
committer: Jakob Borg <jakob@nym.se> 2014-04-08 21:54:02 +0200
commit: a6ed76e71451ed862055e600958286c49c7f3b5b (patch)
tree: 911dedee485ec548d1fe371df400f8f08ec2122b
parent: d3915b8dbfea3d36b31fe7b5615c9397e1d11eee (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/cmd/syncthing/main.go b/cmd/syncthing/main.go
index 445dc3ac0..6e19a9b5b 100644
--- a/cmd/syncthing/main.go
+++ b/cmd/syncthing/main.go
@@ -429,7 +429,13 @@ func listenConnect(myID string, disc *discover.Discoverer, m *Model, tlsCfg *tls
 
 next:
 	for conn := range conns {
-		remoteID := certID(conn.ConnectionState().PeerCertificates[0].Raw)
+		certs := conn.ConnectionState().PeerCertificates
+		if l := len(certs); l != 1 {
+			warnf("Got peer certificate list of length %d != 1; protocol error", l)
+			conn.Close()
+			continue
+		}
+		remoteID := certID(certs[0].Raw)
 
 		if remoteID == myID {
 			warnf("Connected to myself (%s) - should not happen", remoteID)
author	Jakob Borg <jakob@nym.se>	2014-04-08 21:31:23 +0200
committer	Jakob Borg <jakob@nym.se>	2014-04-08 21:54:02 +0200
commit	a6ed76e71451ed862055e600958286c49c7f3b5b (patch)
tree	911dedee485ec548d1fe371df400f8f08ec2122b
parent	d3915b8dbfea3d36b31fe7b5615c9397e1d11eee (diff)