-
Notifications
You must be signed in to change notification settings - Fork 139
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rationalise TLSConfiguration construction. #299
Conversation
/// contexts, you should use `forServer` instead. | ||
/// | ||
/// For customising fields, modify the returned TLSConfiguration object. | ||
public static func forClient() -> TLSConfiguration { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I'm okay with .forClient/Server
but we should consciously decide that we're not sticking to the "Begin names of factory methods with “make”, e.g. x.makeIterator()." Swift naming guideline here.
Other options could be:
(TLSConfiguration).makeClientTLSConfiguration()
(TLSConfiguration).makeClientConfiguration()
Sadly, we can't really go for init
s here because the client constructor doesn't have arguments so there's no where to stick the word "client".
/// Create a TLS configuration for use with server-side contexts. This allows setting the `NIOTLSCipher` property specifically. | ||
/// | ||
/// This provides sensible defaults while requiring that you provide any data that is necessary | ||
/// for server-side function. For client use, try `forClient` instead. | ||
@available(*, deprecated, renamed: "TLSConfiguration.forServer(certificateChain:privateKey:)") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this right (and elsewhere)? I think we want just "forServer(certificateChain:privateKey:)"
here otherwise Xcode shoves in the TLSConfiguration
as well when you apply the fix its.
7e4b112
to
5e7e80b
Compare
865fbf3
to
3ed9d64
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM assuming the CI turns green
3ed9d64
to
9fb90e5
Compare
Motivation: Currently whenever we add new config to TLSConfiguration, we add a new static factory function that needs to provide the field. This is because we currently allow configuration primarily by way of initializers. This is increasingly not scaling, leading to a proliferation of almost identical static factory functions. We can replace this proliferation by having only "default" constructions that default basically everything, and then having users use getters/setters to initialize things. This also works well when we have multiple ways of interacting with config, e.g. with the various cipher suite operations. Modifications: - Deprecate all existing factory functions. - Replace with two: forClient() and forServer(certificateChain:privateKey:). These configure only the mandatory things for each mode. - Replace all uses of the deprecated initializers with the new ones, configuring fields manually as needed. Result: More consistent configuration objects.
9fb90e5
to
53d0e28
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is a very sensible change!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, this looks great to me!
@swift-nio-bot test this please |
Co-authored-by: Fabian Fett <fabianfett@apple.com>
@swift-nio-bot test this please |
Since you use `.makeClientConfiguration()` and it has been introduce in PR apple/swift-nio-ssl#299 please update your base requirement of `swift-nio-ssl`. Please consider release a point update. Thanks
Motivation:
Currently whenever we add new config to TLSConfiguration, we add a new
static factory function that needs to provide the field. This is because
we currently allow configuration primarily by way of initializers. This
is increasingly not scaling, leading to a proliferation of almost
identical static factory functions.
We can replace this proliferation by having only "default" constructions
that default basically everything, and then having users use
getters/setters to initialize things. This also works well when we have
multiple ways of interacting with config, e.g. with the various cipher
suite operations.
Modifications:
forServer(certificateChain:privateKey:). These configure only the
mandatory things for each mode.
configuring fields manually as needed.
Result:
More consistent configuration objects.