piaf icon indicating copy to clipboard operation
piaf copied to clipboard
verified publisher icon anmonteiro

`ocaml-tls` support

Open copy opened this issue 1 year ago • 3 comments

Note that there's a tls-eio bridge already on opam: https://github.com/mirleft/ocaml-tls/blob/main/eio/tls_eio.mli

copy avatar Dec 23 '24 01:12 copy

what's the value proposition of ocaml-tls for you in piaf?

I wasn't planning on adding support for OCaml-TLS, but if it's not too intrusive (read, no/minimal functors) I may merge it if someone else does the work.

anmonteiro avatar Dec 23 '24 01:12 anmonteiro

what's the value proposition of ocaml-tls for you in piaf?

  1. Compiling OpenSSL is a pain. This affects me, because I want to compile statically on a platform that doesn't provide libssl.a. It may also be easier for people who want to cross-compile.
  2. Generally, avoid big C dependencies with poor security tracks
  3. Support MirageOS, which, as far as I know, only supports ocaml-tls

I wasn't planning on adding support for OCaml-TLS, but if it's not too intrusive (read, no/minimal functors) I may merge it if someone else does the work.

I will look into this. Would you be open to splitting the piaf package into piaf, piaf-ssl and piaf-tls?

copy avatar Dec 23 '24 04:12 copy

Support MirageOS, which, as far as I know, only supports ocaml-tls

I believe even after porting to ocaml-tls this won't support mirageOS right away: IIRC MirageOS currently has no EIO story, and Piaf will still depend on unix.

Would you be open to splitting the piaf package into piaf, piaf-ssl and piaf-tls?

I think I'd rather not do this, but won't say no right away. In the past I've gotten around functorization by using dune's select field (example)

The compilation / C-language footprint arguments make sense to me.

anmonteiro avatar Dec 23 '24 04:12 anmonteiro