[CDRIVER-1116] mongoc_ssl_config_t Created: 13/Feb/16  Updated: 14/Jul/16  Resolved: 14/Jul/16

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.5.0

Type: Improvement Priority: Minor - P4
Reporter: Hannes Magnusson Assignee: Hannes Magnusson
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to CDRIVER-1115 Read X.509 only once Closed
Epic Link: TLS Improvements

 Description   

The inline ifdefs are escalating a bit quicker then I anticipated, even though there is a stream abstraction.

In an effort to avoid crazyness we should introduce mongoc_ssl_config_t that contains the current mongoc_ssl_opts_t, and essentials such as crypto engine and tls library type, and probably a callback table (mongoc_ssl_implementation_t?) for some of the functions (like which subject_extract to call).

The config could also possibly contain the cached X.509 data having read them in once, so protect us from re-reading the file (possibly removed in between!).

Original suggestion from Jesse:
I propose we create an ssl_config_t, which includes the ssl_opts_t, plus a pointer to an ssl_implementation_t that's a higher-level SSL and crypto abstraction, plus any cached values parsed from files. The pool or the client has an ssl_config_t. So, mongoc_ssl_extra_subject (config, filename) gets the config-specific implementation and calls that.



 Comments   
Comment by Hannes Magnusson [ 14/Jul/16 ]

It's actually only couple of places where we do these switch/case based ifdef checks.
I don't think its worth the API additions to weave new mongoc_ssl_config_t through everywhere

Generated at Wed Feb 07 21:11:36 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.