bakaid commented on a change in pull request #610: MINIFICPP-814 - Fixed
ListenHTTP and HTTPClient bugs, created tests f…
URL: https://github.com/apache/nifi-minifi-cpp/pull/610#discussion_r305249395
##########
File path: bootstrap.sh
##########
@@ -468,13 +468,6 @@ build_cmake_command(){
add_os_flags
- curl -V | grep OpenSSL &> /dev/null
Review comment:
If we build both libcurl and libressl ourselves, then the risks I outlined
would be mitigated, because we can be sure of the SSL backend libcurl uses and
we can be sure that we use the exact same SSL library curl does, so we will be
able to use configure_ssl_context.
However, by doing this we can not avoid changes entirely.
This current method of determining whether we should use
configure_ssl_context (USE_CURL_NSS) would still have to be changed - if we
limit ourselves to a statically linked libressl and libcurl, then the answer is
we should always use that and we don't really need the curl setopt way of doing
it.
If the main risk of change we want to avoid is switching to the curl setopt
method of configuring SSL where formerly a configure_ssl_context has been used,
then yes, doing this would mitigate that risk of change as well.
While I think this would be a good solution for now, in the long term I
would actually like us to use the curl setopt method - it is more versatile and
does not limit us to this configuration. But I do understand that to mitigate
the risk of doing that we would have to do extensive testing.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
