This is an evented proxy around OpenSSL's async interface. It has a totally reasonably ring buffer library it uses to buffer the data it's proxying, and virtually no other logic. It's so simple it doesn't really even present many obvious opportunities for security bugs.
My only complaint is that Jamie didn't tap us to look at it too. I feel slighted!
Apart from that, this is great stuff. I have clients that can use it immediately. Thanks!
you're welcome! I did want to make this simple and bulletproof, avoiding dangerous or clever things on the critical path. Particularly wrt the upstream socket. I'm happy you approve.
And we definitely have your number in the Rolodex for some crazy things we might try soon when we need some sanity checks that we haven't gotten in over our heads.
My only complaint is that Jamie didn't tap us to look at it too. I feel slighted!
Apart from that, this is great stuff. I have clients that can use it immediately. Thanks!