tls
tls copied to clipboard
tokio-rs
Allow vendoring openssl
We have certain environments where vendoring OpenSSL is the only possible solution to get somehow sane compilation for our users. native-tls has a parameter for this, and it only does something on Linux environments. Now, if our users run on AWS Lambda, which is Amazon Linux 2 and holds openssl 1.0. And the node version they have statically links against 1.1.1j, calling a rust napi module linking against openssl 1.0 from statically linked nodejs will cause tls errors due to the cipher params being different.
Would it be possible to expose this feature from tokio-native-tls so we could use this flag from crates such as mysql_async and tokio-postgres?
I have similar use cases, and I believe it's nice to have this feature. Moreover, reqwest allows the user to vendor OpenSSL when using native-tls.
Not saying I'm against this, but as a workaround, you can just depend on a (compatible) version of native-tls (or openssl directly) with the feature enabled, features are additive.
