mirror of
https://github.com/iv-org/invidious.git
synced 2025-07-09 21:55:47 -05:00
abaaeb7f4a
The standard Crystal `HTTP::Client` creates a new SSL context for every client/reconnection. This is not ideal because creating a new SSL context is an incredibly slow operation. The standard practice instead is to cache or use a single SSL CTX throughout the lifetime of the application. The OpenSSL context has been designed with this in mind, and even explicitly recommends it. It even works concurrently across many threads. Reusing a single SSL context significantly speeds up the process of starting and restarting clients. Which is incredibly important in the case of the Invidious connection pool where new clients are often spun up. The only caveat is that a cached SSL context may become out of sync with the system ca store. But for an Invidious instance following the best practices of frequent restarts this is an non-issue. See https://github.com/crystal-lang/crystal/issues/15419