Skip to content

G
go-ipfs
提交 21d46bbe 作者: Marten Seemann 提交者: Steven Allen
操作

add an experiment to prefer TLS 1.3 over secio 

License: MIT
Signed-off-by: 's avatarMarten Seemann <martenseemann@gmail.com>
上级 ed3729d3
正在显示 包含 27 行增加2 行删除
core/node/libp2p.go
...@@ -362,7 +362,11 @@ func P2PSecurity(enabled bool) interface{} { ...@@ -362,7 +362,11 @@ func P2PSecurity(enabled bool) interface{} {
} }
} }
return func(cfg *config.Config) (opts Libp2pOpts) { return func(cfg *config.Config) (opts Libp2pOpts) {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New))) if cfg.Experimental.PreferTLS {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(tls.ID, tls.New), libp2p.Security(secio.ID, secio.New)))
} else {
opts.Opts = append(opts.Opts, libp2p.ChainOptions(libp2p.Security(secio.ID, secio.New), libp2p.Security(tls.ID, tls.New)))
}
return opts return opts
} }
} }
......
docs/experimental-features.md
...@@ -683,3 +683,22 @@ ipfs config --json Swarm.EnableAutoNATService true ...@@ -683,3 +683,22 @@ ipfs config --json Swarm.EnableAutoNATService true
### Road to being a real feature ### Road to being a real feature
- [ ] needs testing - [ ] needs testing
## TLS 1.3 as default handshake protocol
### State
Every node accepts secio and TLS 1.3 connections, but prefers secio over TLS when dialing.
### How to enable
Modify your ipfs config:
```
ipfs config --json Experimental.PreferTLS true
```
### Road to being a real feature
- [ ] needs testing
go.mod
...@@ -34,7 +34,7 @@ require ( ...@@ -34,7 +34,7 @@ require (
github.com/ipfs/go-ipfs-chunker v0.0.1 github.com/ipfs/go-ipfs-chunker v0.0.1
github.com/ipfs/go-ipfs-cmdkit v0.0.1 github.com/ipfs/go-ipfs-cmdkit v0.0.1
github.com/ipfs/go-ipfs-cmds v0.0.5 github.com/ipfs/go-ipfs-cmds v0.0.5
github.com/ipfs/go-ipfs-config v0.0.1 github.com/ipfs/go-ipfs-config v0.0.2
github.com/ipfs/go-ipfs-ds-help v0.0.1 github.com/ipfs/go-ipfs-ds-help v0.0.1
github.com/ipfs/go-ipfs-exchange-interface v0.0.1 github.com/ipfs/go-ipfs-exchange-interface v0.0.1
github.com/ipfs/go-ipfs-exchange-offline v0.0.1 github.com/ipfs/go-ipfs-exchange-offline v0.0.1
......
go.sum
...@@ -160,6 +160,8 @@ github.com/ipfs/go-ipfs-cmds v0.0.5 h1:+blTEnA0MzkQO86WnpfGnchdojrY5wJLhsbby3/JX ...@@ -160,6 +160,8 @@ github.com/ipfs/go-ipfs-cmds v0.0.5 h1:+blTEnA0MzkQO86WnpfGnchdojrY5wJLhsbby3/JX
github.com/ipfs/go-ipfs-cmds v0.0.5/go.mod h1:1QVgxSgenZvOMGVC/XUTC7tJxRBGPLxYvpgPpCi3DUk= github.com/ipfs/go-ipfs-cmds v0.0.5/go.mod h1:1QVgxSgenZvOMGVC/XUTC7tJxRBGPLxYvpgPpCi3DUk=
github.com/ipfs/go-ipfs-config v0.0.1 h1:6ED08emzI1imdsAjixFi2pEyZxTVD5ECKtCOxLBx+Uc= github.com/ipfs/go-ipfs-config v0.0.1 h1:6ED08emzI1imdsAjixFi2pEyZxTVD5ECKtCOxLBx+Uc=
github.com/ipfs/go-ipfs-config v0.0.1/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU= github.com/ipfs/go-ipfs-config v0.0.1/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-config v0.0.2 h1:gmSXTvsuqE6ES1bK9LziWNaEiVkV2Mu/9c50D0haVJY=
github.com/ipfs/go-ipfs-config v0.0.2/go.mod h1:KDbHjNyg4e6LLQSQpkgQMBz6Jf4LXiWAcmnkcwmH0DU=
github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw= github.com/ipfs/go-ipfs-delay v0.0.0-20181109222059-70721b86a9a8/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=
github.com/ipfs/go-ipfs-delay v0.0.1 h1:r/UXYyRcddO6thwOnhiznIAiSvxMECGgtv35Xs1IeRQ= github.com/ipfs/go-ipfs-delay v0.0.1 h1:r/UXYyRcddO6thwOnhiznIAiSvxMECGgtv35Xs1IeRQ=
github.com/ipfs/go-ipfs-delay v0.0.1/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw= github.com/ipfs/go-ipfs-delay v0.0.1/go.mod h1:8SP1YXK1M1kXuc4KJZINY3TQQ03J2rwBG9QfXmbRPrw=
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论