Asked and answered
What SSL/TLS versions are supported in MesaLink?
MesaLink only supports TLS 1.2 and 1.3.
SSLv3, TLS 1.0, and TLS 1.1 all have known security issues.
What ciphersuites are supported in MesaLink?
MeasLink supports 6 ciphersuites for TLS 1.2:
MeasLink supports 3 ciphersuites for TLS 1.3:
Is MesaLink slower/faster than OpenSSL?
MesaLink uses *ring* for crypto operations; and *ring*’s crypto primitives come from BoringSSL, a fork of OpenSSL. Therefore, MesaLink is not slower than OpenSSL.
On the contrary, MesaLink 1.0 is even slightly faster than OpenSSL 1.1.1b. The following result was obtained using brpc’s SSL unit tests on a workstation (Intel Core i7-8086K) running Ubuntu 16.04.5.
|MesaLink 1.0.0||21 MB/s||82 MB/s||307 MB/s||982 MB/s||2091 MB/s|
|OpenSSL 1.1.1b||20 MB/s||49 MB/s||229 MB/s||754 MB/s||1901 MB/s|
Why is MesaLink memory safe?
MesaLink and its dependencies are written in the Rust programming language. Rust’s rich type system and ownership model guarantee memory-safety and thread-safety; many classes of bugs can be eliminated at just compile-time!
Why is MesaLink compatible with OpenSSL, even if it is written in Rust?
MesaLink implements OpenSSL C APIs with Rust FFI. If you call an exported C FFI function from Rust, it’s no different to calling that same exported C function from a different C or C++ library. Unlike Java/Go, there is zero overhead.
What crates does MesaLink depdend on?
MesaLink depends on the following high-quality open source projects in the Rust community. Thanks for code and inspiration!
rustls: A modern TLS library in Rust, maintained by Joseph Birr-Pixton @ctz
sct.rs: Certificate transparency SCT verification library in rust, maintained by Joseph Birr-Pixton @ctz
ring: Safe, fast, small crypto using Rust, by Brian Smith @briansmith
webpki: WebPKI X.509 Certificate Validation in Rust, maintained by Brian Smith @briansmith
What license does MesaLink use?
MesaLink is distributed under the 3-clause BSD license. A copy can be obtained here.
How do I build MesaLink?
MesaLink supports two build systems: Autotools and CMake. You’ll also need a working Rust toolchain which can be obtained here.
$ ./autogen.sh --enable-examples $ make $ make install
$ mkdir build && cd build $ cmake .. $ cmake --build .
Who is maintaining the MesaLink project?
Yiming Jing at Baidu X-Lab maintains and contributes most of the code to the MesaLink project since 04/2018. You are more than welcome to participate by submitting issues/pull requests.