Draft: TLS Support
Motivation
Currently this package provides no easy way of adding TLS support to a Redis connection. In certain environments such as Azure a Redis server is often times only exposed using TLS first and an unencrypted connection second. It can be done by providing a custom TCP client to RediStack, but given that this also requires the user to correctly take care of adding all the handlers they need I figured this made the API unnecessarily more complex for a simple use case.
Modifications
- Add TLSConfiguration support to the configuration structs of RedisConnection and RedisConnectionPool
- Add TLSConfiguration and SSLContext creation in makeTCPClient when applicable
- Hostname resolution was already present in the project, I re-used that to validate when a consumer of this API is attempting to create a TLS version of a connection that it hard fails on a hostname not being present.
Result
A non API-breaking change where a TLSConfiguration can now be passed to RediStack to enable TLS
Checklist
-
Copyright headers in new files (see CONTRIBUTING.md) -
Unit tests added -
API Documentation comments
I have not as of yet added any unit tests, as this would require a special Redis setup with an exposed TLS port to be available for the test runners. These changes were co-developed with vapor-redis in order to validate its usage. I'm waiting on comments / feedback on how to proceed on this particular issue.