Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
1.10.0
-
None
-
3
Description
We currently decide during the build configuration phase whether to link against OpenSSL or not. Whenever the developer enabled both libevent+openssl, we internally signal via USE_SSL_SOCKET.
OpenSSL already provides more to us than only code used for TLS – our JWT handling also relies on OpenSSL.
We should consider cleaning this up. We could introduce another internal configuration signal, say HAVE_SSL. When configuring, the user could enable SSL without libevent and get our JWT specific code but no TLS.
In our CMake code, we could replace https://github.com/apache/mesos/blob/558829eb24f4ad636348497075bbc0428a4794a4/cmake/CompilationConfigure.cmake#L583-L586 with
if (ENABLE_SSL) add_definitions(-DHAVE_SSL=1) if (ENABLE_LIBEVENT) add_definitions(-DUSE_SSL_SOCKET=1) endif () endif ()
When -DENABLE_SSL gets supplied, the preprocessor would see HAVE_SSL. When the user supplies -DENABLE_SSL and -DENABLE_LIBVENT, the resulting set preprocessor defines would be USE_SSL_SOCKET and HAVE_SSL.