[crossfire] encrypting the connection

Preston Crow pc-crossfire06 at crowcastle.net
Fri Oct 20 19:22:17 CDT 2017


Would it make sense to encrypt the connection between the client and the 
server?  I'm particularly concerned about the sending of passwords in 
plaintext, as they're probably the same as other user passwords in most 
cases.

It would be fairly simple to wrap the server side with stunnel, but 
without built-in client support, this wouldn't do any good.

I've never used openssl or similar libraries, but that would seem like 
the right approach.  I doubt that the added overhead would cause latency 
or cpu load issues.



More information about the crossfire mailing list