-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: socks+tls #1087
Comments
Merged
Please try #1090 and let me know if it works as you expect. |
Thanks, but wont be able to test this fast with current wire protocol upgrade (need to upgrade hell a lot of nodes) |
neilalexander
added a commit
that referenced
this issue
Nov 4, 2023
Closes #1087. Co-authored-by: Neil Alexander <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
TLS is the most secure option to connect the nodes, now it got even better with that password feature which probably makes it impossible to MITM yggdrasil connection to the node (i know its encrypted end2end but attacker on ISP side can at least fuck up connection and routes like that).
But I'm really missing socks option for TLS. For some reason yggdrasil socks option can only work with TCP, and sometimes its pretty convenient to add bunch of other gateways this way.
Nothing urgent here but i just wonder why socks+tls doesnt exists, its still TCP and can be wrapped into socks same way. QUIC on the other hand would be tricky to route over socks (with all those UDP bind tricks), but TLS supposed to be pretty trivial.
Btw: If you implement socks+QUIC via UDP bind it should be even faster, because UDP bind is just userspace port forwarding and causes zero processing lags compared to TCP via socks which endures encapsulation and routing overheads inside socks server. Openvpn was able to do udpbind via socks and it was pretty much fast, not distinguishable from direct UDP connection.
The text was updated successfully, but these errors were encountered: