-
Notifications
You must be signed in to change notification settings - Fork 191
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Global connection context #227
base: master
Are you sure you want to change the base?
Conversation
yes, this is supposed to be much faster, as the system store would be loaded only once, and shared by all subsequent TLS connections. I haven't checked that it works under a unsafePerformIO context, but I don't see any reason why not. One thing that I'm worried about with this, is whether or not there's going to be any lazy IO pending until the certificate store is used. |
As I've written the code, there definitely will be laziness. The question is whether this is a good thing or not. Options:
|
I think it would make sense that the whole of the certificate store is strictly loaded once, only after it's been really needed (so lazy from the outside point of view, but strict inside); I think that's the best outcome, as it still allow fast HTTP without needing the cert store. But I haven't checked that the certificate store loading does the right thing here. |
@@ -122,7 +134,9 @@ convertConnection conn = makeConnection | |||
|
|||
-- | Evil global manager, to make life easier for the common use case | |||
globalManager :: IORef Manager | |||
globalManager = unsafePerformIO (newManager tlsManagerSettings >>= newIORef) | |||
globalManager = unsafePerformIO $ do | |||
man <- newManager $ mkManagerSettingsContext (Just globalContext) def Nothing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IIUC this hunk is just expanding >>=
to do-notation (fine) and inlining/copy-pasting tlsManagerSettings
—why the inlining? If there's a tricky good reason, a comment would be useful, lest somebody tries removing the duplication.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is a tricky reason: my lack of clarity. I'm not sure if all of the changes I applied here should go through. I was originally planning on just modifying globalManager
and not implementing the globalContext
, and then I took it a step further and defaulted to everyone sharing a globalContext
. Once we're sure that we can use globalContext
, I'd revert this hunk. Otherwise, I'd get rid of globalContext
and inline the init call to here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah yes I was wondering. I compulsively use separate commits for such separate steps (so the choice reduces to cherry-picking), but I totally realize that's usually overkill 😅
@vincenthz Just to confirm, I should hold off on merging this PR (or any version of it) until you've had a chance to check that, right? |
436ac32
to
1848e64
Compare
1848e64
to
e96f049
Compare
From an API standpoint it would be more general to have:
|
Pinging @sjakobi and @vincenthz. This is intended to speed up manager creation (#214). However, I'm not sure how safe it is to have a global connection context like this. @vincenthz can you weigh in on this approach? Once I get an idea of the semantics of this, I'll clean up this commit and ask for a second review.