hiredis icon indicating copy to clipboard operation
hiredis copied to clipboard

Published 20 hours ago verified publisher icon redis

Set Custom Cipher Suite

Open ayeganov opened this issue 3 years ago • 1 comments

What Does This PR Do?

In corporate environments with good InfoSec teams there exist pretty stringent rules on security. Some of those rules dictate what cipher suites are considered safe, and must be enforced. This PR allows the hiredis users to set the custom cipher suite.

In addition, I borrowed an improvement on the better SSL memory leak fix from the user Hans Zandbelt. He has a PR open for it here https://github.com/redis/hiredis/pull/939. I am including his fix because I don't expect a release any time soon, and I need those fixes in my code base.

ayeganov avatar Apr 29 '21 14:04 ayeganov

Hi, @ayeganov would you mind reworking the PR to match Hiredis' code style? I'd be happy to do it but it would add whitespace-only changes to the commit log.

@yossigo I'll go through the changes in more detail but let me know if you see any problems with this w/r/t the SSL calls.

michael-grunder avatar May 02 '21 19:05 michael-grunder

I'm going to close this PR because I think the way to handle this level of specific SSL configuration is to create your own SSL_CTX and secure the connection with redisInitiateSSL.

michael-grunder avatar Sep 07 '22 05:09 michael-grunder