PhotonLibOS icon indicating copy to clipboard operation
PhotonLibOS copied to clipboard

Published 20 hours ago verified publisher icon alibaba

[Discussion] Add ENABLE_TLS option

Open beef9999 opened this issue 1 year ago • 2 comments

We already have the ENABLE_SASL option which is default OFF, and we used to regard that SSL module is a MUST HAVE.

But the SSL init in net/security-context/tls-stream.cpp will register Photon mutex, and will potentially cause core dumps if the app has used other third-party libs depends on SSL.

Since we can't remove all the third-party which might still be using std::threads, we sometimes need to disable SSL in Photon.

The new ENABLE_TLS option will only affect RPC client and HTTP client, and can defaults to ON.

Another option is not to add this option, but to change RPC client API. If not passing a TLSContext*, the TLS stream will not be initialized, so the SSL global init will not be called.

beef9999 avatar Jan 16 '24 13:01 beef9999

IMO TLS is misleading. Developers may think it means thread local storage

jiangdongzi avatar Feb 03 '24 04:02 jiangdongzi

IMO TLS is misleading. Developers may think it means thread local storage

Yes, I believe so. I once had such confusion. Is there any suggestions?

lihuiba avatar Feb 04 '24 07:02 lihuiba