fatedier / frp

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Apache License 2.0
86.94k stars 13.41k forks

[Question] Behavior of "transport.useEncryption" and "transport.tls.enable" setting on client. #4520

Open lcharles123 opened 3 weeks ago

lcharles123 commented 3 weeks ago

Bug Description

The frpc.toml has a transport.tls.enable option in the general section. Under the [[proxies]] section there is a transport.useEncryption option. Does both true mean two layers of encryption? So is transport.tls.enable enough to encrypt the packets? I want only one layer of encryption, possibly the simpler and faster one. Anyway, thanks for this awesome software!

frpc Version

0.60.0

frps Version

0.60.0

System Architecture

linux/amd64

Configurations

Client:

serverAddr = "server.org"
serverPort = 7000
transport.protocol = "tcp"
transport.ConnectServerLocalIP = "one.local.ip"

transport.tls.enable = true
transport.tls.certFile = "/root/frp_0.60.0_linux_amd64/certs/client.crt"
transport.tls.keyFile = "/root/frp_0.60.0_linux_amd64/certs/client.key"
transport.tls.trustedCaFile = "/root/frp_0.60.0_linux_amd64/certs/ca.crt"

auth.token = "mytoken"

[[proxies]]
name = "net.11."
type = "tcp"
localPort = 4433
remotePort = 4433
transport.useEncryption = true

Server:

bindPort = 7000
quicBindPort = 7000

transport.tls.force = true
transport.tls.certFile = "/etc/frp/server.crt"
transport.tls.keyFile = "/etc/frp/server.key"
transport.tls.trustedCaFile = "/etc/frp/ca.crt"
transport.maxPoolCount = 256

auth.method = "token"
auth.token = "mytoken"

webServer.addr = "127.0.0.1"
webServer.port = 7500

Logs

No response

Steps to reproduce

  1. ...

fatedier commented 3 weeks ago

Simply put, all you need is TLS.

github-actions[bot] commented 4 days ago

Issues go stale after 21d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.