diff options
| author | Viktor Söderqvist <viktor.soderqvist@est.tech> | 2021-03-30 22:11:32 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-03-30 23:11:32 +0300 |
| commit | 5629dbe7155f2534cd44404743003dc37c444b2a (patch) | |
| tree | 732a71d84f855dfdbe2482047fa3e1f0922edd9a /tests/instances.tcl | |
| parent | 8cbd858d450db5399f4b8b907c0374ce8ea152d6 (diff) | |
| download | redis-5629dbe7155f2534cd44404743003dc37c444b2a.tar.gz | |
Add support for plaintext clients in TLS cluster (#8587)
The cluster bus is established over TLS or non-TLS depending on the configuration tls-cluster. The client ports distributed in the cluster and sent to clients are assumed to be TLS or non-TLS also depending on tls-cluster.
The cluster bus is now extended to also contain the non-TLS port of clients in a TLS cluster, when available. The non-TLS port of a cluster node, when available, is sent to clients connected without TLS in responses to CLUSTER SLOTS, CLUSTER NODES, CLUSTER SLAVES and MOVED and ASK redirects, instead of the TLS port.
The user was able to override the client port by defining cluster-announce-port. Now cluster-announce-tls-port is added, so the user can define an alternative announce port for both TLS and non-TLS clients.
Fixes #8134
Diffstat (limited to 'tests/instances.tcl')
| -rw-r--r-- | tests/instances.tcl | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/tests/instances.tcl b/tests/instances.tcl index 255d9740f..ad605c316 100644 --- a/tests/instances.tcl +++ b/tests/instances.tcl @@ -64,6 +64,8 @@ proc exec_instance {type dirname cfgfile} { proc spawn_instance {type base_port count {conf {}} {base_conf_file ""}} { for {set j 0} {$j < $count} {incr j} { set port [find_available_port $base_port $::redis_port_count] + # plaintext port (only used for TLS cluster) + set pport 0 # Create a directory for this instance. set dirname "${type}_${j}" lappend ::dirs $dirname @@ -83,7 +85,9 @@ proc spawn_instance {type base_port count {conf {}} {base_conf_file ""}} { puts $cfg "tls-port $port" puts $cfg "tls-replication yes" puts $cfg "tls-cluster yes" - puts $cfg "port 0" + # plaintext port, only used by plaintext clients in a TLS cluster + set pport [find_available_port $base_port $::redis_port_count] + puts $cfg "port $pport" puts $cfg [format "tls-cert-file %s/../../tls/server.crt" [pwd]] puts $cfg [format "tls-key-file %s/../../tls/server.key" [pwd]] puts $cfg [format "tls-client-cert-file %s/../../tls/client.crt" [pwd]] @@ -118,6 +122,8 @@ proc spawn_instance {type base_port count {conf {}} {base_conf_file ""}} { set cfg [open $cfgfile a+] if {$::tls} { puts $cfg "tls-port $port" + set pport [find_available_port $base_port $::redis_port_count] + puts $cfg "port $pport" } else { puts $cfg "port $port" } @@ -143,6 +149,7 @@ proc spawn_instance {type base_port count {conf {}} {base_conf_file ""}} { pid $pid \ host $::host \ port $port \ + plaintext-port $pport \ link $link \ ] } |