Adding a second TLS implementation
mdounin at mdounin.ru
Thu Feb 11 13:28:31 UTC 2021
On Wed, Feb 10, 2021 at 08:07:46PM -0800, Kevin Burke wrote:
> > We are, however, open for patches to improve portability of the
> > SSL code, such as providing ngx_ssl_*() wrapper functions in (very
> > few, actually) places where SSL library interfaces are used
> > directly rather than via appropriate ngx_ssl_*() wrappers.
> If implemented, would the additional wrapper functions make it possible to
> compile in a memory safe TLS integration as a third party module?
Unlikely. SSL implementation is integrated into nginx core and
cannot be replaced as a module. It is, however, will make it
possible to provide alternative SSL implementations with minimal
patching, simply by providing alternatives to ngx_even_openssl.[ch].
More information about the nginx-devel