hiredis-rb Support SSL connections

Support SSL connections

Open stanhu opened this issue 2 years ago • 1 comments

To do:

Currently if SSL peer verification fails, this C extension seg faults in rb_sys_fail(0). This C extension should never seg fault.
Disable SSL peer verification if no certificates are configured. Requires https://github.com/redis/hiredis/pull/1085.
Update vendored hiredis-rb with those changes.
Update redis-rb with this change:

diff --git a/lib/redis/connection/hiredis.rb b/lib/redis/connection/hiredis.rb
index 1dbb6a3..5d23600 100644
--- a/lib/redis/connection/hiredis.rb
+++ b/lib/redis/connection/hiredis.rb
@@ -15,6 +15,8 @@ class Redis
 
         if config[:scheme] == "unix"
           connection.connect_unix(config[:path], connect_timeout)
+        elsif config[:scheme] == "rediss" || config[:ssl]
+          connection.connect_ssl(config[:host], config[:port], connect_timeout, config[:ssl_params])
         else
           connection.connect(config[:host], config[:port], connect_timeout)
         end

Aug 10 '22 16:08 stanhu

I'm going to abandon efforts on this since redis-client fixes all the issues I identified with hiredis-rb: https://github.com/redis/hiredis-rb/issues/58#issuecomment-1211033335

Aug 10 '22 18:08 stanhu

Closing because redis-rb v5.0 will have hiredis support, and this pull request would need changes for redis-rb in any case.

Aug 23 '22 05:08 stanhu

hiredis-rb hiredis-rb copied to clipboard

Support SSL connections

hiredis-rb
hiredis-rb copied to clipboard