TLS: Connections refactoring and TLS support.

* Introduce a connection abstraction layer for all socket operations and integrate it across the code base. * Provide an optional TLS connections implementation based on OpenSSL. * Pull a newer version of hiredis with TLS support. * Tests, redis-cli updates for TLS support.
author: Yossi Gottlieb <yossigo@gmail.com> 2019-09-12 10:56:54 +0300
committer: Yossi Gottlieb <yossigo@gmail.com> 2019-10-07 21:06:13 +0300
commit: b087dd1db60ed23d9e59304deb0b1599437f6e23 (patch)
tree: 0533b9d4d626af5ab4b5fdb5d4a2eb500b12c163 /utils/gen-test-certs.sh
parent: f4d37173fef8a020fe99a7b98e32a9201113cc09 (diff)
download: redis-b087dd1db60ed23d9e59304deb0b1599437f6e23.tar.gz
1 files changed, 23 insertions, 0 deletions
diff --git a/utils/gen-test-certs.sh b/utils/gen-test-certs.sh
new file mode 100755
index 000000000..a46edc55a
--- /dev/null
+++ b/utils/gen-test-certs.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+mkdir -p tests/tls
+openssl genrsa -out tests/tls/ca.key 4096
+openssl req \
+    -x509 -new -nodes -sha256 \
+    -key tests/tls/ca.key \
+    -days 3650 \
+    -subj '/O=Redis Test/CN=Certificate Authority' \
+    -out tests/tls/ca.crt
+openssl genrsa -out tests/tls/redis.key 2048
+openssl req \
+    -new -sha256 \
+    -key tests/tls/redis.key \
+    -subj '/O=Redis Test/CN=Server' | \
+    openssl x509 \
+        -req -sha256 \
+        -CA tests/tls/ca.crt \
+        -CAkey tests/tls/ca.key \
+        -CAserial tests/tls/ca.txt \
+        -CAcreateserial \
+        -days 365 \
+        -out tests/tls/redis.crt
+openssl dhparam -out tests/tls/redis.dh 2048
author	Yossi Gottlieb <yossigo@gmail.com>	2019-09-12 10:56:54 +0300
committer	Yossi Gottlieb <yossigo@gmail.com>	2019-10-07 21:06:13 +0300
commit	b087dd1db60ed23d9e59304deb0b1599437f6e23 (patch)
tree	0533b9d4d626af5ab4b5fdb5d4a2eb500b12c163 /utils/gen-test-certs.sh
parent	f4d37173fef8a020fe99a7b98e32a9201113cc09 (diff)
download	redis-b087dd1db60ed23d9e59304deb0b1599437f6e23.tar.gz