summaryrefslogtreecommitdiff
path: root/ssl.c
AgeCommit message (Collapse)Author
2022-08-15Make it possible to set SSL verify modeStan Hu
If no SSL certificates are provided, many Redis clients default to disabling SSL peer verification. Previously it was a bit cumbersome to configure this because the client would either have to reimplement `redisCreateSSLContext()` or reach into the internals to set the OpenSSL verify mode. We can improve the SSL API by introducing a `redisCreateSSLContextWithOptions()` call that takes into structured parameters for SSL initialization. This structure contains a verify mode that is used to set the OpenSSL verify mode. Relates to https://github.com/redis/hiredis/issues/646
2021-04-11improve SSL leak fix redis/hiredis#896Hans Zandbelt
Free SSL object when redisSSLConnect fails but avoid doing that for callers of redisInitiateSSL who are supposed to manager their own SSL object. Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>
2020-11-10Free SSL object when redisSSLConnect failsAleksandr Yeganov
2020-10-18Formattingmichael-grunder
2020-09-08Add support for system CA certificate store on WindowsAlessio M
2020-07-29Move SSL management to a distinct private pointer. (#855)Michael Grunder
We need to allow our users to use redisContext->privdata as context for any RESP3 PUSH messages, which means we can't use it for managing SSL connections. Bulletpoints: * Create a secondary redisContext member for internal use only called privctx and rename the redisContextFuncs->free_privdata accordingly. * Adds a `free_privdata` function pointer so the user can tie allocated memory to the lifetime of a redisContext (like they can already do with redisAsyncContext) * Enables SSL tests in .travis.yml
2020-07-08Use _WIN32 define instead of WIN32 (#845)Michael Grunder
It appears that _WIN32 is always defined by MSVC whereas WIN32 may not be, depending on configuration.
2020-06-07sdsrange overflow fix (#830)Michael Grunder
Fix overflow bug in `sdsrange`
2020-05-30Tiny OOM fixmichael-grunder
2020-05-24New SSL API to replace redisSecureConnection().Yossi Gottlieb
2020-05-22Allow users to replace allocator and handle OOM everywhere. (#800)Michael Grunder
* Adds an indirection to every allocation/deallocation to allow users to plug in ones of their choosing (use custom functions, jemalloc, etc). * Gracefully handle OOM everywhere in hiredis. This should make it possible for users of the library to have more flexibility in how they handle such situations. * Changes `redisReaderTask->elements` from an `int` to a `long long` to prevent a possible overflow when transferring the task elements into a `redisReply`. * Adds a configurable `max elements` member to `redisReader` that defaults to 2^32 - 1. This can be set to "unlimited" by setting the value to zero.
2020-04-09Added CMake package config and fixed hiredis_ssl on Windows (#783)Michael Grunder
* Add CMake package configuration so hiredis can be more easily included in other projects. * Fixes hiredis_ssl such that it compiles and works in windows Co-authored-by: nrivera <nrivera@blizzard.com> Co-authored-by: Nick <heronr1@gmail.com>
2020-01-28Safe allocation wrappers (#754)Michael Grunder
Create allocation wrappers with a configurable OOM handler (defaults to abort()). See #752, #747
2019-11-25Fix dead code in sslLogCallback relating to should_log variable.Nathan Scott
Coverity scans found that the should_log logic in sslLogCallback is not working as expected because the variable is not correctly initialised (the conditional code before logging always sets the value to 1, which it already is).
2019-09-16Make SSL timeout error compatible with rest.Yossi Gottlieb
2019-09-01Separate hiredis and hiredis_ssl library build.Yossi Gottlieb
2019-08-29Rename sslio.Yossi Gottlieb