Why max-connections-per-server is hardcode limit to 16?

[eromoe]

I don't understand why this is hardcode. 16 is too low, I want 1024 on windows, so have to rebuild it. Every need more thant 16 need rebuild it , I think aria2 should remove this limitation.

[myfreeer]

Check #126 #577 #580 #648 #729

[eromoe]

16 is plenty. Too easy to do DOS.

Looks like aria2 are trying to protect the site host ... If one really want to do DOS , you can not stop him by this.

But do you ever consider this situation:

Because official do not provide max-connections-per-server > 16 option, so some bad guys build their one with virus and spread to people. People who doesn't know tech always tend to download the dangerous one when they found it does faster than offical (Hackers always advocate their version is much faster).

[trudnorx]

The maximum connection limit needs to be removed.

It clearly goes against the basic principle that the user should be in control.

People clearly have a need for it. If they didn't observe a need for it with real-world usage, this wouldn't be so oft-requested. On the connections I have tested this on, more connections than 16 are needed to get the best speeds. People are experiencing this problem. Asking them to recompile it is inconvenient nonsense.

If we're speaking of a network application, of course it makes sense for the application not to be selfish and not hog bandwidth, e.g. by naturally adapting in order not to bother other applications, but hard-coded limits like this, that always apply even when they are not necessary, and that are enforced AGAINST the user, do not make any sense.

Once again, it is completely clear that there are many real-world cases where this is clearly needed to achieve benefits. Just think of home networks now reaching 100+Mbps commonly, and 500Mbps+ in many cases, and some protocols/server apps/configs being inefficient enough that they require multiple connections - on servers that can without a hitch handle more load.

If people don't need it, they can always choose not to use it. We're speaking of situations in which the user has specifically requested it.

[gzlock]

Server owners can setup they server connections limit, this is not a software needs to worry about.

[recolic]

Azure official tool azcopy creates 128 connections by default, and has 1300Mbps download speed in MSFT intranet. But aria2c has only 70 Mbps download speed. TCP window size limit in a high latency connection restricts bandwidth of single connection.

aria2c is "the ultra fast download utility", but it's not.

[Saren-Arterius]

Please reconsider, servers are much faster than 2013. For attempting DoS, there are many better tools then using aria2.

[iambenmitchell]

This is super annoying. I have a 10Gbps connection and 16 maxes me out at 418MiB/s which, yes it is better than the default which does 110MiB/s but it would be nice to be able to download at max speed

[recolic]

@MrBenFTW You're using wrong command to download file, which limits your bandwidth.

This is a example to force aria2c to actually use specified connection count:

aria2c -k 2M -s 16 -x 16 http://archlinux.ccns.ncku.edu.tw/archlinux/iso/2021.01.01/archlinux-2021.01.01-x86_64.iso

"CN:1" means that you have only one connection open.

[ghost]

Guys, if you need version with limit increased to 256 connections look at my fork:
https://github.com/hardhub/aria2/tree/connections

To get Windows version you probably want to cross-compile it yourself: https://github.com/aria2/aria2/issues/1754 But I heavily modified script to compile it with LIBSSH2 and Ubuntu 20.04 (LTS).
I tested it a bit with SSH, HTTP and Torrents.
I do not have any plans to regular support it but if you need updated version let me know.

You can download it with this link: https://github.com/aria2/aria2/files/6218031/aria2c.zip

[mgrinzPlayer]

No need to compile. I just hex edit range "1-16" to something else e.g. "1-64". You can use OllyDbg, x64dbg, CheatEngine, .... to find the right spot. Then you can use any hex-editor, e.g. HxD, and change one byte.

Example, for official 1.35.0 32bit, you can change at offset 0xEF3C8 one byte, from 0x10 to 0x40 to get upper limit set to 64.

or 0x80 to get upper limit 128

[ghost]

No need to compile. I just hex edit range "1-16" to something else e.g. "1-64".

Have you tested it? I mean to really specify values greater than 16? I think it will not work.

P.S. And libssh2 is still missing even if limit is solved. I needed sftp for my tasks as well.

[mgrinzPlayer]

[ghost]

You can use OllyDbg, x64dbg, CheatEngine, .... to find the right spot.

I think you edit not just text "1-16". So it will be good to provide some details how to find desired constants.

[mgrinzPlayer]

Yeah. Those " were misleading 🙃 As I wrote earlier, I changed one byte only at offset 0xEF3C8. I forgot to mention: windows binary.

[ghost]

Yeah. Those " were misleading upside_down_face As I wrote earlier, I changed one byte only at offset 0xEF3C8. I forgot to mention: windows binary.

But how did you find the correct offset?

[mgrinzPlayer]

We know offset for 32bit. So, example for 64bit 1.35.0 win build and x64dbg. launch x64dbg, press F3, open aria2c binary, be sure CPU tab is viewed, press Ctrl+G and enter aria2c.0, right click and from context menu choose search for->current module->string references. In references tab, inside search box type "-x, --max". Double click found line. You will get something like this you have to look for line with ",10" (which is 0x10, which is 16). In this example, it is one line above. Highlight it, press space, and change to something else, like 40, then exit from this small assemble window: press ctrl+P and click "patch file" button. Save new file.

Then open both files (orig and the patched one) with HxD and compare (Ctrl+K). the difference will be at offset 0xC3175.

Note: in fact this is signed 32bit value (use HxD data inspector).

[nalabrie]

We know offset for 32bit. So, example for 64bit 1.35.0 win build and x64dbg. launch x64dbg, press F3, open aria2c binary, be sure CPU tab is viewed, press Ctrl+G and enter aria2c.0, right click and from context menu choose search for->current module->string references. In references tab, inside search box type "-x, --max". Double click found line. You will get something like this you have to look for line with ",10" (which is 0x10, which is 16). In this example, it is one line above. Highlight it, press space, and change to something else, like 40, then exit from this small assemble window: press ctrl+P and click "patch file" button. Save new file.

Then open both files (orig and the patched one) with HxD and compare (Ctrl+K). the difference will be at offset 0xC3175.

Note: in fact this is signed 32bit value (use HxD data inspector).

This still works for aria2 version 1.36.0 on Windows 64-bit but needs to be done a little differently. The string -x, --max no longer exists so searching for a string reference doesn't work. Here is what I did:

1. launch x64dbg
2. press F3 and open the aria2c binary
3. press Ctrl+G and enter aria2c.0
4. right click and from the context menu choose search for > current module > constant
5. in the signed box type 16 and hit enter
6. this brings you to the references tab similar to @mgrinzPlayer's instructions but instead of searching for a string you will now be searching through any disassembly that contains 16 (hex 0x10). BEFORE searching, click the regex checkbox. Now type mov qword ptr ss.*\],10 and the first result in the list is what you want. It is at offset 0000000000FB036E
7. double click that first result and it'll bring you to the CPU tab
8. press space
9. change the 10 at the end of mov qword ptr ss:[rsp+0x28], 0x10 to any number. I used ff which gives a limit of 255.
10. press ok and close that box
11. press Ctrl+P and click the patch file button, save the new file

Be warned that using big numbers can cause issues with some websites. I use aria2 as an external downloader for youtube-dl and when using the aria2 arguments -c -j 128 -x 128 -s 128 -k 1M I got a lot of errors. It seems YouTube doesn't like when you make too many connections at once. Using -c -j 64 -x 64 -s 64 -k 1M works for me so far.

Using HxD to compare the files like @mgrinzPlayer did, it seems the change is at offset 0xDF773

[mgrinzPlayer]

yes, 64bit aria2c 1.36.0, it is at 0xDF773. For 32bit, it is at 0xC5261.

needs to be done a little differently.

For me, algo is still the same ("current module->string references"):

[nalabrie]

Huh. I guess I went through all that effort for nothing haha. Oh well. I guess I have a weird build of aria2, this is the only result from doing a string search for -x. I have aria2 installed via Chocolatey so maybe that is why. I didn't think it would be compiled any differently. My bad.

[mgrinzPlayer]

weird build of aria2

Offset is the same for me and you - 0xDF773. Maybe your x64dbg version works different (May8 2021 versus Jan 21 2022). I will try the newer version.

edit: yes, x64dbg Jan 21 2022 snapshot is bugged.

edit: it can not find str reference if it starts with space and "-":

[nalabrie]

yes, x64dbg Jan 21 2022 snapshot is bugged. it can not find str reference if it starts with space and "-"

Interesting find. I thought it was odd that our offsets were the same but I still figured a different build of aria2 was more likely than a bug in x64dbg. That is the first time I've accidentally stumbled across a bug that serious. If there isn't already a bug report for it then it might be a good idea to report what you've found whenever you get the chance.

EDIT: if anyone is curious, the December 5, 2021 build of x64dbg doesn't have the issue

[tejasvi]

Max limit 1024: aria3c.zip

Notes:

• Compiled on Ubuntu 20.04 though might work on similar setups.
• Passed through strip to reduce binary size from 109 MB to 2.8 MB.
• Dynamically linked due to issue with static flag #1899.
  • ./configure ARIA2_STATIC=yes --with-ca-bundle='/etc/ssl/certs/ca-certificates.crt' --without-gnutls --with-openssl gives terminated by signal SIGSEGV (Address boundary error) as of c546fa492c752d0594312ee1a2ac8bb4763c40f2.

➜ ldd aria3c

``` linux-vdso.so.1 (0x00007ffc365b3000) libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f32b0be7000) libxml2.so.2 => /lib/x86_64-linux-gnu/libxml2.so.2 (0x00007f32b0a2d000) libgnutls.so.30 => /lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007f32b0857000) libnettle.so.7 => /lib/x86_64-linux-gnu/libnettle.so.7 (0x00007f32b081d000) libgmp.so.10 => /lib/x86_64-linux-gnu/libgmp.so.10 (0x00007f32b0799000) libstdc++.so.6 => /lib/x86_64-linux-gnu/libstdc++.so.6 (0x00007f32b05b7000) libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007f32b0466000) libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007f32b044b000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f32b0259000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f32b0253000) libicuuc.so.66 => /lib/x86_64-linux-gnu/libicuuc.so.66 (0x00007f32b006d000) liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f32b0044000) libp11-kit.so.0 => /lib/x86_64-linux-gnu/libp11-kit.so.0 (0x00007f32aff0c000) libidn2.so.0 => /lib/x86_64-linux-gnu/libidn2.so.0 (0x00007f32afeeb000) libunistring.so.2 => /lib/x86_64-linux-gnu/libunistring.so.2 (0x00007f32afd69000) libtasn1.so.6 => /lib/x86_64-linux-gnu/libtasn1.so.6 (0x00007f32afd53000) libhogweed.so.5 => /lib/x86_64-linux-gnu/libhogweed.so.5 (0x00007f32afd1b000) /lib64/ld-linux-x86-64.so.2 (0x00007f32b0ed9000) libicudata.so.66 => /lib/x86_64-linux-gnu/libicudata.so.66 (0x00007f32ae258000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f32ae235000) libffi.so.7 => /lib/x86_64-linux-gnu/libffi.so.7 (0x00007f32ae229000) ```

[jamazi]

for arch users: https://aur.archlinux.org/packages/aria2-unlimited

[SocialistElmo]

god bless you guys, the x64dbg works for me 1.36.0 64 bit on Windows

[N0rdmann]

Still no official intention to let users decide to increase max. connections beyond 16?

or at least double hard-coded limit to 32? Almost 10 years later HW quite improved a bit 😇👌