TLS #262

Closed
ianopolous opened this issue Jan 13, 2023 · 7 comments
Comments

@ianopolous
Contributor

Is it possible to create a Host that uses TLS1.3 or QUIC secure channels/transports?

@Nashatyrev
Collaborator

Nope, these are not yet implemented in jvm-libp2p unfortunately

@ianopolous
Contributor Author

ianopolous commented Feb 24, 2023

I've implemented libp2p-tls in a fork:
https://github.com/Peergos/jvm-libp2p/tree/feat/libp2p-tls
Hopefully will be able to upstream once it's stable. We've also implemented yamux, which is stable.

@Nashatyrev
Collaborator

@ianopolous wow, that's great!
There are some integration points we need to discuss (logger, why SecureChannel needs to be aware of muxer protocol, and some minor others) but it would be great to see PRs from you!
Yamux is especially valuable as it is optionally supported by Ethereum

@ianopolous
Contributor Author

go-libp2p has already removed mplex support by default because mplex doesn't have backpressure, and kubo was about to remove it as well. So yamux was quite urgent.

SecureChannel needs to know the list of muxer protocols to facilitate early muxer negotiation. Noise could support this, but we've only implemented it for TLS. TLS uses ALPN to negotiate the muxer during the TLS handshake. I've got TLS 99% done, it connects to kubo/go-libp2p and completes the handshake fine and sets up the agreed muxer. However if I then open a stream on it, say a Ping stream, then somewhere a ProtocolSelect times out and closes the channel. I've been trying to figure out why for a few days now, but I'm not a Kotlin expert and I've also not used netty before. If you have any ideas that would be great.

@ianopolous
Contributor Author

You might also be interested that we've implemented bitswap, kademlia, autonat in another repo and soon will add circuit relay and dcutr.

@ianopolous
Contributor Author

I'm also hoping that, with the TLS implementation working, adding support for quic-v1 should be quite easy once netty merges support for quic.

@ianopolous
Contributor Author

No worries! I've got it working! I was missing a fireChannelActive() after the TLS handshake.
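
The ALPN muxer negotiation and the `fireChannelActive()` fix discussed in this thread, as an added Java sketch against Netty's public API; it is not code from the thread, the Peergos fork or jvm-libp2p. The class name `AlpnMuxerHandler`, its placement directly after `SslHandler`, and the choice to hold back `channelActive` until the handshake completes are assumptions; the `libp2p` ALPN identifier and the `/yamux/1.0.0` protocol ID come from the libp2p specs, not from this page.

```java
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.ssl.ApplicationProtocolConfig;
import io.netty.handler.ssl.ApplicationProtocolConfig.Protocol;
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectedListenerFailureBehavior;
import io.netty.handler.ssl.ApplicationProtocolConfig.SelectorFailureBehavior;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import java.util.ArrayList;
import java.util.List;

// Hypothetical handler, assumed to sit directly after Netty's SslHandler in the pipeline.
public final class AlpnMuxerHandler extends ChannelInboundHandlerAdapter {
    static final String FALLBACK = "libp2p"; // ALPN id from the libp2p TLS spec
    private final List<String> muxers;       // e.g. ["/yamux/1.0.0"], in preference order
    private volatile String negotiatedMuxer; // null = negotiate the muxer after the handshake

    public AlpnMuxerHandler(List<String> muxers) { this.muxers = List.copyOf(muxers); }

    // ALPN list to pass to SslContextBuilder.applicationProtocolConfig(...).
    public static ApplicationProtocolConfig alpnConfig(List<String> muxers) {
        List<String> offer = new ArrayList<>(muxers);
        offer.add(FALLBACK); // always last, so peers without early negotiation still match
        return new ApplicationProtocolConfig(Protocol.ALPN,
                SelectorFailureBehavior.NO_ADVERTISE,
                SelectedListenerFailureBehavior.ACCEPT, offer);
    }

    @Override
    public void channelActive(ChannelHandlerContext ctx) {
        // Held back: later handlers must not start talking before the channel is secured.
    }

    @Override
    public void userEventTriggered(ChannelHandlerContext ctx, Object evt) {
        if (evt instanceof SslHandshakeCompletionEvent) {
            if (!((SslHandshakeCompletionEvent) evt).isSuccess()) {
                ctx.close(); // never expose an unauthenticated channel to later handlers
            } else {
                String alpn = ctx.pipeline().get(SslHandler.class).applicationProtocol();
                // Accept only a muxer we offered; anything else means no early negotiation.
                negotiatedMuxer = (alpn != null && muxers.contains(alpn)) ? alpn : null;
                ctx.fireChannelActive(); // without this, later protocol selection never starts
            }
        }
        ctx.fireUserEventTriggered(evt);
    }

    public String negotiatedMuxer() { return negotiatedMuxer; }
}
```

When `negotiatedMuxer()` returns null, either the peer selected the `libp2p` fallback or no ALPN value was agreed, and the muxer has to be negotiated on the secured channel instead.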
