coosld/kubo
1
0
Fork 0
mirror of https://github.com/ipfs/kubo.git synced 2026-02-26 04:47:45 +08:00
Code Issues Actions 13 Packages Projects Releases Wiki Activity

add an experiment to prefer TLS 1.3 over secio

Browse Source 
License: MIT
Signed-off-by: Marten Seemann <martenseemann@gmail.com>
This commit is contained in:
Marten Seemann 2019-04-18 09:17:20 +09:00 committed by Steven Allen
parent ed3729d3ca
commit 21d46bbe32
4 changed files with 27 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/node/libp2p.go
View File

@ -362,7 +362,11 @@ func P2PSecurity(enabled bool) interface{} {
}
}
return func(cfg *config.Config) (opts Libp2pOpts) {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New)))
if cfg.Experimental.PreferTLS {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(tls.ID, tls.New), libp2p.Security(secio.ID, secio.New)))
} else {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New)))
}
return opts
}
}

19
docs/experimental-features.md
View File

@ -683,3 +683,22 @@ ipfs config --json Swarm.EnableAutoNATService true
### Road to being a real feature
- [ ] needs testing
## TLS 1.3 as default handshake protocol
### State
Every node accepts secio and TLS 1.3 connections, but prefers secio over TLS when dialing.
### How to enable
Modify your ipfs config:
```
ipfs config --json Experimental.PreferTLS true
```
### Road to being a real feature
- [ ] needs testing

2
go.mod
View File

@ -34,7 +34,7 @@ require (
github.com/ipfs/go-ipfs-chunker v0.0.1
github.com/ipfs/go-ipfs-cmdkit v0.0.1
github.com/ipfs/go-ipfs-cmds v0.0.5
github.com/ipfs/go-ipfs-config v0.0.1
github.com/ipfs/go-ipfs-config v0.0.2
github.com/ipfs/go-ipfs-ds-help v0.0.1
github.com/ipfs/go-ipfs-exchange-interface v0.0.1
github.com/ipfs/go-ipfs-exchange-offline v0.0.1

2
go.sum
View File

@ -160,6 +160,8 @@ github.com/ipfs/go-ipfs-cmds v0.0.5 h1:+blTEnA0MzkQO86WnpfGnchdojrY5wJLhsbby3/JX
github.com/ipfs/go-ipfs-cmds v0.0.5/go.mod h1:1QVgxSgenZvOMGVC/XUTC7tJxRBGPLxYvpgPpCi3DUk=
github.com/ipfs/go-ipfs-config v0.0.1 h1:6ED08emzI1imdsAjixFi2pEyZxTVD5ECKtCOxLBx+Uc=
github.com/ipfs/go-ipfs-config v0.0.1/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-config v0.0.2 h1:gmSXTvsuqE6ES1bK9LziWNaEiVkV2Mu/9c50D0haVJY=
github.com/ipfs/go-ipfs-config v0.0.2/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=
github.com/ipfs/go-ipfs-delay v0.0.1 h1:r/UXYyRcddO6thwOnhiznIAiSvxMECGgtv35Xs1IeRQ=
github.com/ipfs/go-ipfs-delay v0.0.1/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=