diff options
author | Yossi Gottlieb <yossigo@gmail.com> | 2020-12-11 18:31:40 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-11 18:31:40 +0200 |
commit | 8c291b97b95f2e011977b522acf77ead23e26f55 (patch) | |
tree | 14935b675574e1f8f2cc79f90219de537c8fc0f0 /tests/support/server.tcl | |
parent | 4e064fbab4d310b508593b46ed6ce539aea7aa25 (diff) | |
download | redis-8c291b97b95f2e011977b522acf77ead23e26f55.tar.gz |
TLS: Add different client cert support. (#8076)
This adds a new `tls-client-cert-file` and `tls-client-key-file`
configuration directives which make it possible to use different
certificates for the TLS-server and TLS-client functions of Redis.
This is an optional directive. If it is not specified the `tls-cert-file`
and `tls-key-file` directives are used for TLS client functions as well.
Also, `utils/gen-test-certs.sh` now creates additional server-only and client-only certs and will skip intensive operations if target files already exist.
Diffstat (limited to 'tests/support/server.tcl')
-rw-r--r-- | tests/support/server.tcl | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/tests/support/server.tcl b/tests/support/server.tcl index e5b167a35..1cddb7068 100644 --- a/tests/support/server.tcl +++ b/tests/support/server.tcl @@ -229,6 +229,7 @@ proc start_server {options {code undefined}} { # setup defaults set baseconfig "default.conf" set overrides {} + set omit {} set tags {} set keep_persistence false @@ -241,6 +242,9 @@ proc start_server {options {code undefined}} { "overrides" { set overrides $value } + "omit" { + set omit $value + } "tags" { # If we 'tags' contain multiple tags, quoted and seperated by spaces, # we want to get rid of the quotes in order to have a proper list @@ -306,8 +310,10 @@ proc start_server {options {code undefined}} { set data [split [exec cat "tests/assets/$baseconfig"] "\n"] set config {} if {$::tls} { - dict set config "tls-cert-file" [format "%s/tests/tls/redis.crt" [pwd]] - dict set config "tls-key-file" [format "%s/tests/tls/redis.key" [pwd]] + dict set config "tls-cert-file" [format "%s/tests/tls/server.crt" [pwd]] + dict set config "tls-key-file" [format "%s/tests/tls/server.key" [pwd]] + dict set config "tls-client-cert-file" [format "%s/tests/tls/client.crt" [pwd]] + dict set config "tls-client-key-file" [format "%s/tests/tls/client.key" [pwd]] dict set config "tls-dh-params-file" [format "%s/tests/tls/redis.dh" [pwd]] dict set config "tls-ca-cert-file" [format "%s/tests/tls/ca.crt" [pwd]] dict set config "loglevel" "debug" @@ -343,6 +349,11 @@ proc start_server {options {code undefined}} { dict set config $directive $arguments } + # remove directives that are marked to be omitted + foreach directive $omit { + dict unset config $directive + } + # write new configuration to temporary file set config_file [tmpfile redis.conf] create_server_config_file $config_file $config |