Re: [libmicrohttpd] using other TLS libraries

[Christian Grothoff]

Hi Gauthier,

I agree with Evgeny, good job. However, there is one (modest) change I
would like to see, which is that the TLS backend(s) should be loaded via
dlopen()/dlsym()/libltdl instead of hard-linked with MHD. That way, we
could actually have one "libmicrohttpd.so" binary installed and the
application can choose which (of the available, possibly none) of the
TLS backends it wants to use. If we do not do this, we end up with the
libcurl situation where you never know what TLS backend is available,
and if you do need a specific one, you're in hell.

That said, I think your refactoring is _exactly_ the right step in that
direction and it should take very little to go from there where I would
like to see this go.

Finally, while I agree with Evgeny that we want to see microhttpd2.h as
the new API, I disagree that this needs to wait for the microhttpd2-API
to be finalized or even implemented. I think if someone adds the
dlopen() capability to this, it could be merged rather quickly. The main
issue with dlopen() is the logic needed to reliably identify the
(relocatable) path to the plugin/shared library, which is _always_ very
messy IMO. (see gnunet/src/util/{os_installation.c,plugin.c} for how
I've hacked up solutions for this in the past).


Happy hacking!

Christian

On 10/18/2017 04:01 PM, Gauthier Haderer wrote:
> Hello,
> 
> I recently made changes to abstract the TLS API needed by MHD. And I
> added support for OpenSSL. Could someone review my changes and tell me
> if this is something that could be part of an official version?
> 
> You will find more information here:
> https://gnunet.org/bugs/view.php?id=4917#c12475
> 
> Thank you,
> 
> 
> Gauthier

signature.asc
Description: OpenPGP digital signature