We currently decide during the build configuration phase whether to link against OpenSSL or not. Whenever the developer enabled both libevent+openssl, we internally signal via USE_SSL_SOCKET.
OpenSSL already provides more to us than only code used for TLS – our JWT handling also relies on OpenSSL.
We should consider cleaning this up. We could introduce another internal configuration signal, say HAVE_SSL. When configuring, the user could enable SSL without libevent and get our JWT specific code but no TLS.
In our CMake code, we could replace https://github.com/apache/mesos/blob/558829eb24f4ad636348497075bbc0428a4794a4/cmake/CompilationConfigure.cmake#L583-L586 with
When -DENABLE_SSL gets supplied, the preprocessor would see HAVE_SSL. When the user supplies -DENABLE_SSL and -DENABLE_LIBVENT, the resulting set preprocessor defines would be USE_SSL_SOCKET and HAVE_SSL.