libtorrent icon indicating copy to clipboard operation
libtorrent copied to clipboard

Published 20 hours ago verified publisher icon rakshasa

question about protocol.encryption's options

Open colinhd8 opened this issue 8 years ago • 2 comments

As we know that encryption options can be set to none (default) or any combination of the following: allow_incoming, try_outgoing, require, require_RC4, enable_retry, prefer_plaintext. My questions are: 1.allow_incoming ->does it mean that accept encrypted connection? drop the encrypted connection if it was not set even require_RC4 was set? 2.try_outgoing ->does it mean that try to use encrypted connection for outgoing? 3. require, require_RC4 ->what's the difference? is it only apply to outgoing? 4.enable_retry ->retry what? plaintest or encryption? only for outgoing? 5.prefer_plaintext -> why no prefer_encryption option? does it mean that use the encrypted connection default? only for outgoing?

Thanks.

colinhd8 avatar Jan 16 '17 15:01 colinhd8

All the possibilities :

  • are in the context of encrypted connection, as the config directive suggest: protocol.encryption.set
  • are flags: that you can apply them with bit-wise or :
    • order of the options isn't important
    • means you can't answer all your question above, until you specify the full (!) config setting
  • you can see the result of connection settings on peer screen

That being said:

  • 1.yes, that means "accept encrypted connection".
  • 2.yes, it mean "try to use encrypted connection for outgoing"
  • 3.I don't know, probably the type of encryption; it applies to both incoming/outgoing
  • 4.retry encryption; it applies to both incoming/outgoing
  • 5." why no prefer_encryption option" I think you already knows the answer now :) ; "does it mean that use the encrypted connection default?" only if it's set; it applies to both incoming/outgoing

Sample settings and their meaning:

# The default value allows incoming encrypted connections, starts unencrypted
# outgoing connections but retries with encryption if they fail, preferring
# plaintext to RC4 encryption after the encrypted handshake
protocol.encryption.set = allow_incoming,prefer_plaintext,enable_retry

# This will only allow encrypted connections
protocol.encryption.set = require,require_RC4

chros73 avatar Jan 20 '17 19:01 chros73

@chros73 Thank you so much for your answers. I'll try different settings and see what will happen.

colinhd8 avatar Jan 21 '17 09:01 colinhd8