Merge pull request #6841 from yossigo/tls-doc-update

TLS: Update documentation.

2 files changed, 32 insertions, 31 deletions

diff --git a/README.md b/README.md
index 3442659e6..c08013416 100644
--- a/README.md
+++ b/README.md
@@ -35,6 +35,11 @@ It is as simple as:
 
     % make
 
+To build with TLS support, you'll need OpenSSL development libraries (e.g.
+libssl-dev on Debian/Ubuntu) and run:
+
+    % make BUILD_TLS=yes
+
 You can run a 32 bit Redis binary using:
 
     % make 32bit
@@ -43,6 +48,13 @@ After building Redis, it is a good idea to test it using:
 
     % make test
 
+If TLS is built, running the tests with TLS enabled (you will need `tcl-tls`
+installed):
+
+    % ./utils/gen-test-certs.sh
+    % ./runtest --tls
+
+
 Fixing build problems with dependencies or cached build options
 ---------
 
@@ -125,6 +137,12 @@ as options using the command line. Examples:
 All the options in redis.conf are also supported as options using the command
 line, with exactly the same name.
 
+Running Redis with TLS:
+------------------
+
+Please consult the [TLS.md](TLS.md) file for more information on
+how to use Redis with TLS.
+
 Playing with Redis
 ------------------
 
diff --git a/TLS.md b/TLS.md
index 76fe0be2e..e480c1e9d 100644
--- a/TLS.md
+++ b/TLS.md
@@ -1,8 +1,5 @@
-TLS Support -- Work In Progress
-===============================
-
-This is a brief note to capture current thoughts/ideas and track pending action
-items.
+TLS Support
+===========
 
 Getting Started
 ---------------
@@ -69,37 +66,23 @@ probably not be so hard. For cluster keys migration it might be more difficult,
 but there are probably other good reasons to improve that part anyway.
 
 To-Do List
-==========
-
-Additional TLS Features
------------------------
-
-1. Add metrics to INFO?
-2. Add session caching support. Check if/how it's handled by clients to assess
-   how useful/important it is.
-
-redis-benchmark
----------------
-
-The current implementation is a mix of using hiredis for parsing and basic
-networking (establishing connections), but directly manipulating sockets for
-most actions.
-
-This will need to be cleaned up for proper TLS support. The best approach is
-probably to migrate to hiredis async mode.
-
-redis-cli
----------
+----------
 
-1. Add support for TLS in --slave and --rdb modes.
+- [ ] Add session caching support. Check if/how it's handled by clients to
+  assess how useful/important it is.
+- [ ] redis-benchmark support. The current implementation is a mix of using
+  hiredis for parsing and basic networking (establishing connections), but
+  directly manipulating sockets for most actions. This will need to be cleaned
+  up for proper TLS support. The best approach is probably to migrate to hiredis
+  async mode.
+- [ ] redis-cli `--slave` and `--rdb` support.
 
-Others
-------
+Multi-port
+----------
 
 Consider the implications of allowing TLS to be configured on a separate port,
-making Redis listening on multiple ports.
+making Redis listening on multiple ports:
 
-This impacts many things, like
 1. Startup banner port notification
 2. Proctitle
 3. How slaves announce themselves