Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make hiredis uses default CA certs #125

Merged
merged 1 commit into from
Jun 16, 2023
Merged

Make hiredis uses default CA certs #125

merged 1 commit into from
Jun 16, 2023

Conversation

elthariel
Copy link
Contributor

Using hiredis with rediss:// url without explicitly specifying a CA file/directory fails with a quite obscure message:

Resource temporarily unavailable

After a bit of investigation I realized it was because hiredis wasn't configured with any CA, and wasn't using the default system ones.
Since the ruby implementation worked and uses the default system CA, here's a proposed fix to have a consistent behavior between hiredis and the ruby driver

byroot
byroot reviewed Jun 16, 2023
View reviewed changes
Copy link
Member

@byroot byroot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A minor thing, but otherwise LGTM.

hiredis-client/lib/redis_client/hiredis_connection.rb Outdated
Comment on lines 12 to 18
def default_ca_file
OpenSSL::X509::DEFAULT_CERT_FILE
end

def default_ca_path
OpenSSL::X509::DEFAULT_CERT_DIR
end
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
def default_ca_file
OpenSSL::X509::DEFAULT_CERT_FILE
end
def default_ca_path
OpenSSL::X509::DEFAULT_CERT_DIR
end

Let's not expose methods just to access constants.

Copy link
Contributor Author

@elthariel elthariel Jun 16, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I initially added those method to ease testing, but I don't understand anything to minitest, mocking the thing was a bit complex so I dropped the idea.

Would you rather have me use the constant directly, or make those methods private ?

(Edit: my understanding is that you prefer using the constants directly, so I updated the PR in that way)

@byroot byroot merged commit 2ca9169 into redis-rb:master Jun 16, 2023
11 checks passed
@byroot
Copy link
Member

byroot commented Jun 16, 2023

Thank you!

@elthariel
Copy link
Contributor Author

Thank you for your amazing reactivity @byroot . I wish you a great weekend in the pink city

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@byroot byroot byroot left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@elthariel @byroot