Skip to content

Reuse the TLS connector across connection attempts#4242

Open
goffrie wants to merge 2 commits intolaunchbadge:mainfrom
get-convex:tls-cache
Open

Reuse the TLS connector across connection attempts#4242
goffrie wants to merge 2 commits intolaunchbadge:mainfrom
get-convex:tls-cache

Conversation

@goffrie
Copy link
Copy Markdown

@goffrie goffrie commented Apr 21, 2026

Creating a TLS connector (native_tls::TlsConnector or rustls::ClientConfig) is often expensive, primarily because it needs to load and parse the trusted roots. However, TLS settings are rarely changed during a pool's lifecycle, so the cost can be amortized by reusing the connector.

This PR:

  • refactors the TLS code in sqlx-core to split up the creation of a TLS connector from the actual handshake;
  • caches the TLS connector in MySqlConnectOptions/PgConnectOptions. It's stored in an Arc<OnceLock> so that clones of the same ConnectOptions will share TLS connectors. The cache is cleared if any relevant settings are changed.

To avoid behaviour changes we still create the connector at the moment that it's first needed, and only cache it if the connector was successfully created.

Does your PR solve an issue?

no

Is this a breaking change?

No; it is only a breaking change in sqlx-core which is not subject to semver

@goffrie goffrie force-pushed the tls-cache branch 2 times, most recently from 0a96412 to 9db9a93 Compare April 21, 2026 22:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@goffrie