g3tiles: allow to disable openssl async engine by config

2026-05-19 16:28:21 +00:00 · 2024-11-06 19:13:35 +08:00 · 2024-11-06 19:13:35 +08:00 · fecc85bc6c
commit fecc85bc6c
parent aed744e863
3 changed files with 25 additions and 1 deletions
--- a/g3tiles/doc/configuration/servers/openssl_proxy.rst
+++ b/g3tiles/doc/configuration/servers/openssl_proxy.rst
@ -77,6 +77,17 @@ Set if we should send TLS alert when no host config can be recognized.

 **default**: false

+tls_no_async_mode
+-----------------
+
+**optional**, **type**: bool
+
+Set to true to disable the use of OpenSSL async engine if `openssl-async-job` feature is enabled.
+
+**default**: false
+
+.. versionadded:: 0.3.7
+
 virtual_hosts
 -------------

--- a/g3tiles/src/config/server/openssl_proxy/mod.rs
+++ b/g3tiles/src/config/server/openssl_proxy/mod.rs
@ -56,6 +56,8 @@ pub(crate) struct OpensslProxyServerConfig {
    pub(crate) tcp_copy: LimitedCopyConfig,
    pub(crate) tcp_misc_opts: TcpMiscSockOpts,
    pub(crate) tls_ticketer: Option<TlsTicketConfig>,
+    #[cfg(feature = "openssl-async-job")]
+    pub(crate) tls_no_async_mode: bool,
    pub(crate) spawn_task_unconstrained: bool,
    pub(crate) alert_unrecognized_name: bool,
 }
@ -80,6 +82,8 @@ impl OpensslProxyServerConfig {
            tcp_copy: Default::default(),
            tcp_misc_opts: Default::default(),
            tls_ticketer: None,
+            #[cfg(feature = "openssl-async-job")]
+            tls_no_async_mode: false,
            spawn_task_unconstrained: false,
            alert_unrecognized_name: false,
        }
@ -202,6 +206,11 @@ impl OpensslProxyServerConfig {
                self.tls_ticketer = Some(ticketer);
                Ok(())
            }
+            #[cfg(feature = "openssl-async-job")]
+            "tls_no_async_mode" => {
+                self.tls_no_async_mode = g3_yaml::value::as_bool(v)?;
+                Ok(())
+            }
            "spawn_task_unconstrained" | "task_unconstrained" => {
                self.spawn_task_unconstrained = g3_yaml::value::as_bool(v)?;
                Ok(())
--- a/g3tiles/src/serve/openssl_proxy/task/accept.rs
+++ b/g3tiles/src/serve/openssl_proxy/task/accept.rs
@ -253,9 +253,13 @@ impl OpensslAcceptTask {
    #[cfg(feature = "openssl-async-job")]
    fn build_ssl(&self, ssl_ctx: &SslContext) -> Result<Ssl, ErrorStack> {
        use openssl::ssl::SslMode;
+        use tokio::runtime::{Handle, RuntimeFlavor};

        let mut ssl = Ssl::new(ssl_ctx)?;
-        if self.ctx.cc_info.worker_id().is_some() {
+        if self.ctx.server_config.tls_no_async_mode {
+            return Ok(ssl);
+        }
+        if Handle::current().runtime_flavor() == RuntimeFlavor::CurrentThread {
            ssl.set_mode(SslMode::ASYNC);
        }
        Ok(ssl)