FAQ

Asked and answered

MesaLink only supports TLS 1.2 and 1.3.

SSLv3, TLS 1.0, and TLS 1.1 all have known security issues.

MeasLink supports 6 ciphersuites for TLS 1.2:

MeasLink supports 3 ciphersuites for TLS 1.3:

MesaLink uses *ring* for crypto operations; and *ring*’s crypto primitives come from BoringSSL, a fork of OpenSSL. Therefore, MesaLink is not slower than OpenSSL.

On the contrary, MesaLink 1.0 is even slightly faster than OpenSSL 1.1.1b. The following result was obtained using brpc’s SSL unit tests on a workstation (Intel Core i7-8086K) running Ubuntu 16.04.5.

Block size16B64B256B1KB4KB
MesaLink 1.0.021 MB/s82 MB/s307 MB/s982 MB/s2091 MB/s
OpenSSL 1.1.1b20 MB/s49 MB/s229 MB/s754 MB/s1901 MB/s

MesaLink and its dependencies are written in the Rust programming language. Rust’s rich type system and ownership model guarantee memory-safety and thread-safety; many classes of bugs can be eliminated at just compile-time!

MesaLink implements OpenSSL C APIs with Rust FFI. If you call an exported C FFI function from Rust, it’s no different to calling that same exported C function from a different C or C++ library. Unlike Java/Go, there is zero overhead.

MesaLink depends on the following high-quality open source projects in the Rust community. Thanks for code and inspiration!

MesaLink is distributed under the 3-clause BSD license. A copy can be obtained here.

MesaLink supports two build systems: Autotools and CMake. You’ll also need a working Rust toolchain which can be obtained here.

$ ./autogen.sh --enable-examples
$ make
$ make install
$ mkdir build && cd build
$ cmake ..
$ cmake --build .

Yiming Jing at Baidu X-Lab maintains and contributes most of the code to the MesaLink project since 04/2018. You are more than welcome to participate by submitting issues/pull requests.