Skip to content

Commit

Permalink
add an experiment to prefer TLS 1.3 over secio
Browse files Browse the repository at this point in the history 
License: MIT
Signed-off-by: Marten Seemann <[email protected]>
  • Loading branch information
@marten-seemann @Stebalien
marten-seemann authored and Stebalien committed Apr 18, 2019
1 parent ed3729d commit 21d46bb
Show file tree
Hide file tree
Showing 4 changed files with 27 additions and 2 deletions.
6 changes: 5 additions & 1 deletion core/node/libp2p.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -362,7 +362,11 @@ func P2PSecurity(enabled bool) interface{} {
}
}
return func(cfg *config.Config) (opts Libp2pOpts) {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New)))
if cfg.Experimental.PreferTLS {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(tls.ID, tls.New), libp2p.Security(secio.ID, secio.New)))
} else {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New)))
}
return opts
}
}
Expand Down
19 changes: 19 additions & 0 deletions docs/experimental-features.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -683,3 +683,22 @@ ipfs config --json Swarm.EnableAutoNATService true
### Road to being a real feature

- [ ] needs testing


## TLS 1.3 as default handshake protocol

### State

Every node accepts secio and TLS 1.3 connections, but prefers secio over TLS when dialing.

### How to enable

Modify your ipfs config:

```
ipfs config --json Experimental.PreferTLS true
```

### Road to being a real feature

- [ ] needs testing
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ require (
github.com/ipfs/go-ipfs-chunker v0.0.1
github.com/ipfs/go-ipfs-cmdkit v0.0.1
github.com/ipfs/go-ipfs-cmds v0.0.5
github.com/ipfs/go-ipfs-config v0.0.1
github.com/ipfs/go-ipfs-config v0.0.2
github.com/ipfs/go-ipfs-ds-help v0.0.1
github.com/ipfs/go-ipfs-exchange-interface v0.0.1
github.com/ipfs/go-ipfs-exchange-offline v0.0.1
Expand Down
2 changes: 2 additions & 0 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,8 @@ github.com/ipfs/go-ipfs-cmds v0.0.5 h1:+blTEnA0MzkQO86WnpfGnchdojrY5wJLhsbby3/JX
github.com/ipfs/go-ipfs-cmds v0.0.5/go.mod h1:1QVgxSgenZvOMGVC/XUTC7tJxRBGPLxYvpgPpCi3DUk=
github.com/ipfs/go-ipfs-config v0.0.1 h1:6ED08emzI1imdsAjixFi2pEyZxTVD5ECKtCOxLBx+Uc=
github.com/ipfs/go-ipfs-config v0.0.1/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-config v0.0.2 h1:gmSXTvsuqE6ES1bK9LziWNaEiVkV2Mu/9c50D0haVJY=
github.com/ipfs/go-ipfs-config v0.0.2/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=
github.com/ipfs/go-ipfs-delay v0.0.1 h1:r/UXYyRcddO6thwOnhiznIAiSvxMECGgtv35Xs1IeRQ=
github.com/ipfs/go-ipfs-delay v0.0.1/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=
Expand Down

0 comments on commit 21d46bb

Please sign in to comment.