Use mesalink as drop-in replacement for OpenSSL

[vbrandl]

Since mesalink aims to be compatible to OpenSSL, I'd like to ask if it is already possible to use it as a drop-in replacement for the former mentioned library? So would it be possible to link e.g. a nginx web server against mesalink instead of OpenSSL?

[ymjing]

The ultimate goal of MesaLink is a drop-in replacement for OpenSSL. For now we only have basic SSL and ERR APIs. We're working on X509 and BIO recently. MesaLink depends on rustls; and it cannot do what rustls can't do. We have considered Nginx support but we still have a long way to go.

[vbrandl]

Thanks for your fast answer.
I think it would be good to clarify the current state of the project in the readme or have a tracking issue for missing and already implemented functionality. Either way I'm looking forward to some day replacing OpenSSL with MesaLink ;)

[polarathene]

Has anyone tried using MesaLink with nginx since? Not sure if it helps with the current nginx/openssl issues such as ciphersuite preference/priority with TLS 1.3 being ignored(only uses default from openssl), or rotation of Session Tickets.

Are the main noticeable benefits likely to only be in performance metrics?