skypjack / uvw

Header-only, event based, tiny and easy to use libuv wrapper in modern C++ - now also available as a shared/static library!
MIT License

SSL/TLS support #229

Closed bsergean closed 3 years ago

bsergean commented 3 years ago

Hi there,

Supporting SSL/TLS is pretty essential in my opinion for network code. libuv does not seem to have a strong answer, but the most official thing, it seems, is the combination of those 2 projects done by a core libuv developer. So maybe they could be wrapped in C++? None of those projects are very active, which is sad.

uv_link_t is also used in this library it seems / https://github.com/aldanor/uv-ssl-client/blob/master/src/client.cpp

In my mind what would be ideal is to have a new object like a uvw::tcp client which is ssl compatible, with the same easy to use apis as the other ones in uvw.

Thoughts ?

stefanofiorentino commented 3 years ago

I guess you are talking about a specific ssl frontend, don't you?

bsergean commented 3 years ago

That's right, there are many ... OpenSSL is the obvious one but there's mbedtls too, which is a fine library I've worked with. I used DarwinSSL too (as can be seen in curl), but that one is deprecated now and throws warnings.

Those other libraries I pointed out use OpenSSL. The one thing annoying with OpenSSL is that it doesn't have proper CMake support yet in the base library (BoringSSL has it though).


stefanofiorentino commented 3 years ago

@bsergean, as far as I know, uvw will stick with libuv implemented behaviors/capabilities. I've worked with a (non-concurrent) solution, and based my experiments on this @darrenjs example. Hope this helps you.

bsergean commented 3 years ago

Thanks for the pointers Stefano. I have written some SSL code myself and it is quite tedious to get things right, which is why I wonder what could be done to hide some of that complexity behind a nice C++ API.

Here is the code I refer to, with 'backends' implementation for OpenSSL, MbedTLS and AppleSSL (which does not really have a name, the best is SecureTransport, which is a C API which is deprecated and throws warnings on recent macOS versions).

https://github.com/machinezone/IXWebSocket/blob/master/ixwebsocket/IXSocketAppleSSL.h

For OpenSSL I am not using the BIO interface, this is what the wrapper code looks like. It is not using the concurrent libuv based, the concurrency is thread based in that library. Here is what the code looks like ->

https://github.com/machinezone/IXWebSocket/blob/master/ixwebsocket/IXSocketOpenSSL.cpp

On Nov 10, 2020, at 7:20 AM, Stefano Fiorentino notifications@github.com wrote:

@bsergean https://github.com/bsergean, as far as I know, uvw will stick with libuv implemented behaviors/capabilities. I've worked with a (no concurrent) solution, based my experiments on this https://github.com/darrenjs/openssl_examples/blob/master/ssl_server_nonblock.c @darrenjs https://github.com/darrenjs example. Hope this helps you.


skypjack commented 3 years ago

I think we can safely close this issue. uvw sticks with what is offered by libuv and SSL isn't part of its API. So, as far as I can tell, this is something to implement on top of uvw as you would implement it on top of libuv. Unfortunately I've not enough bandwidth to implement and maintain a support layer for SSL in my free time. I'm sorry.

bsergean commented 3 years ago

That makes sense. Thanks for providing your thoughts !
