diff options
Diffstat (limited to 'syncplay-proxy')
| -rwxr-xr-x | syncplay-proxy/syncplay-proxy | 62 | ||||
| -rw-r--r-- | syncplay-proxy/syncplay-proxy.service | 23 |
2 files changed, 85 insertions, 0 deletions
diff --git a/syncplay-proxy/syncplay-proxy b/syncplay-proxy/syncplay-proxy new file mode 100755 index 0000000..5ed7a4e --- /dev/null +++ b/syncplay-proxy/syncplay-proxy @@ -0,0 +1,62 @@ +#!/usr/bin/python3 + +# See https://github.com/Syncplay/syncplay/issues/346 for this script's raison-d'etre. + +# original: https://github.com/Syncplay/syncplay/issues/346#issuecomment-698134786 +# forked for LibertaCasa by Georg Pfuetzenreuter <georg@lysergic.dev> +# notable changes: utilize IPv6 + +import select +import socket +import socketserver +import sys + +listen_port = int(sys.argv[1]) +forward_port = int(sys.argv[2]) + +class SyncplayRequestHandler(socketserver.BaseRequestHandler): + def handle(self): + print('Handling connection from:', self.client_address) + data = self.request.recv(1024) + if data.strip() != b'{"TLS": {"startTLS": "send"}}': + print('Bad connection header from:', self.client_address) + try: + self.request.close() + except: + pass + return + print('Opening forwarding connection on behalf of:', self.client_address) + forwarded_conn = socket.socket(socket.AF_INET6, socket.SOCK_STREAM) + forwarded_conn.connect(('localhost', forward_port)) + # Acknowledge to the client that we are ready. + self.request.sendall(b'{"TLS": {"startTLS": "true"}}\r\n') + # Start proxying. + print('Proxying started for:', self.client_address) + sockets = (self.request, forwarded_conn) + while True: + rlist, _, xlist = select.select(sockets, (), sockets) + if len(xlist): + break + for s in rlist: + if s is self.request: + forwarded_conn.sendall(self.request.recv(1024)) + elif s is forwarded_conn: + self.request.sendall(forwarded_conn.recv(1024)) + print('Proxying stopped for:', self.client_address) + try: + forwarded_conn.close() + except: + pass + try: + self.request.close() + except: + pass + +class SyncplayServer(socketserver.ThreadingTCPServer): + address_family = socket.AF_INET6 + def server_bind(self): + self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + socketserver.ThreadingTCPServer.server_bind(self) + +with SyncplayServer(('', listen_port), SyncplayRequestHandler) as server: + server.serve_forever() diff --git a/syncplay-proxy/syncplay-proxy.service b/syncplay-proxy/syncplay-proxy.service new file mode 100644 index 0000000..6d11d46 --- /dev/null +++ b/syncplay-proxy/syncplay-proxy.service @@ -0,0 +1,23 @@ +[Unit] +Description=Syncplay TLS Fixer +Wants=network.target + +[Service] +User=syncplay +Group=syncplay +ExecStart=/usr/bin/python3.10 /usr/local/bin/syncplay-proxy 8999 8997 +ProtectSystem=strict +ProtectHome=yes +PrivateDevices=yes +PrivateTmp=yes +PrivateUsers=yes +ProtectKernelTunables=yes +ProtectKernelLogs=yes +ProtectControlGroups=yes +ReadWritePaths=/var/lib/syncplay +RestrictAddressFamilies=AF_INET6 AF_INET +SystemCallArchitectures=native +SystemCallFilter=@system-service + +[Install] +WantedBy=multi-user.target |