From a6ed76e71451ed862055e600958286c49c7f3b5b Mon Sep 17 00:00:00 2001
From: Jakob Borg <jakob@nym.se>
Date: Tue, 8 Apr 2014 21:31:23 +0200
Subject: Do not crash on TLS connection without certificate

---
 cmd/syncthing/main.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/cmd/syncthing/main.go b/cmd/syncthing/main.go
index 445dc3ac00..6e19a9b5b4 100644
--- a/cmd/syncthing/main.go
+++ b/cmd/syncthing/main.go
@@ -429,7 +429,13 @@ func listenConnect(myID string, disc *discover.Discoverer, m *Model, tlsCfg *tls
 
 next:
 	for conn := range conns {
-		remoteID := certID(conn.ConnectionState().PeerCertificates[0].Raw)
+		certs := conn.ConnectionState().PeerCertificates
+		if l := len(certs); l != 1 {
+			warnf("Got peer certificate list of length %d != 1; protocol error", l)
+			conn.Close()
+			continue
+		}
+		remoteID := certID(certs[0].Raw)
 
 		if remoteID == myID {
 			warnf("Connected to myself (%s) - should not happen", remoteID)
-- 
cgit v1.2.3