Hi everyone, I'm working on FLINK-38320 [1] to upgrade Pekko, for which I'm also upgrading Netty to a newer version (4.2.4.Final), and this version of Netty is compiled against a recent enough version of BoringSSL that's updated to Apache 2.0 license [2]. As far as I know, the only reason Flink could not distribute flink-shaded-netty-tcnative-static is that BoringSSL had a BSD-style license with an advertising clause. Even though Netty packages still contain the old license of BoringSSL, one of the maintainers has confirmed that the version they depend on actually has Apache 2.0 license [3].
I guess there's no obstacle anymore to build and distribute flink-shaded-netty-tcnative-static, which will make users' life easier already, but I want to hear the community's point of view on also including it in Flink distribution itself so users don't have to do that manually. All users would have to do is set `security.ssl.provider=OPENSSL` to get significant performance improvements compared to the default JDK setting. Earlier discussions about this were quickly shut down due to the licensing issues [4], but I think it's worth it to consider it again now. This change might cause some additional work needed for users that want to use dynamically linked version of netty-tcnative as they would probably need to get rid of the included flink-shaded-netty-tcnative-static library from the distribution to to fix possible conflicts and ambiguity between the two libraries. Best regards, Mate [1] https://issues.apache.org/jira/browse/FLINK-38320 [2] https://github.com/google/boringssl/blob/cccf8525db8a57153d3cb3e22efed2db4b71a8ab/LICENSE [3] https://github.com/netty/netty/issues/15653 [4] https://issues.apache.org/jira/browse/LEGAL-393
