-
Notifications
You must be signed in to change notification settings - Fork 675
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
BoringSSL support #814
BoringSSL support #814
Conversation
Not sure about this PR specifically, but answering some of the questions
If you know where BoringSSL is installed, you can specify
BoringSSL doesn't seem have specified releases. As a result |
I'll add some clarity to the issues my PR doesn't address:
|
These changes address the concerns listed above. |
@alanxz Any idea why the 'tsan' test is failing? I cannot make a connection between these changes and that failure. |
I think something to do with the github actions runner has changed (unrelated to this pull), doing a re-run on the individual job seems to make it work. |
As a note for this PR: BoringSSL doesn't promise API stability (see: https://github.com/google/boringssl/blob/master/README.md), so while I will accept this, I won't promise stability going forward. |
BoringSSL support
This is a PR to compile/link RabbitMQ against either BoringSSL or OpenSSL.
Why BoringSSL?
Consider an Android static library that depends on both
librabbitmq
andlibcurl
.OpenSSL isn't the best option because it doesn't naturally support the certificates on an Android device. Forcing it to work involves either including certificates with
mylib.a
or modifying the user's file system.libcurl
expects to link against BoringSSL for Android, but RabbitMQ only compiles/links against OpenSSL. BoringSSL is a fork from OpenSSL somylib.a
cannot compile/link against both without getting collisions.I have verified that BoringSSL works out-of-the-box on Android without any hacking for
libcurl
, and that this PR allowslibrabbitmq
to work with BoringSSL in my limited tests. Backward compatibility with OpenSSL has been maintained.