diff options
author | zhenwei pi <pizhenwei@bytedance.com> | 2022-06-14 19:17:28 +0800 |
---|---|---|
committer | zhenwei pi <pizhenwei@bytedance.com> | 2022-08-22 15:11:25 +0800 |
commit | c4c02f80365e5f7a82efa6a4d4f247503f54a5d8 (patch) | |
tree | 66ad91caccc6597d54adae41551a1dce3907a5ce /src/sentinel.c | |
parent | 709b55b09dee2d22ae306d00b2c9ead1d382c044 (diff) | |
download | redis-c4c02f80365e5f7a82efa6a4d4f247503f54a5d8.tar.gz |
Introduce TLS specified APIs
Introduce .get_peer_cert, .get_ctx and .get_client_ctx for TLS, also
hide redis_tls_ctx & redis_tls_client_ctx.
Then outside could access the variables by connection API only:
- redis_tls_ctx -> connTypeGetCtx(CONN_TYPE_TLS)
- redis_tls_client_ctx -> connTypeGetClientCtx(CONN_TYPE_TLS)
Also remove connTLSGetPeerCert(), use connGetPeerCert() instead.
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Diffstat (limited to 'src/sentinel.c')
-rw-r--r-- | src/sentinel.c | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/src/sentinel.c b/src/sentinel.c index b1c180d41..f0e3e8609 100644 --- a/src/sentinel.c +++ b/src/sentinel.c @@ -44,11 +44,6 @@ extern char **environ; -#ifdef USE_OPENSSL -extern SSL_CTX *redis_tls_ctx; -extern SSL_CTX *redis_tls_client_ctx; -#endif - #define REDIS_SENTINEL_PORT 26379 /* ======================== Sentinel global state =========================== */ @@ -2381,6 +2376,9 @@ static int instanceLinkNegotiateTLS(redisAsyncContext *context) { #ifndef USE_OPENSSL (void) context; #else + SSL_CTX *redis_tls_ctx = connTypeGetCtx(CONN_TYPE_TLS); + SSL_CTX *redis_tls_client_ctx = connTypeGetClientCtx(CONN_TYPE_TLS); + if (!redis_tls_ctx) return C_ERR; SSL *ssl = SSL_new(redis_tls_client_ctx ? redis_tls_client_ctx : redis_tls_ctx); if (!ssl) return C_ERR; |