 |
RedisX v1.0
A simple, light-weight Redis database client
|
|
RedisX v1.0
A simple, light-weight Redis database client
|
Functions | |
| int | redisxSetDHCipherParams (Redis *redis, const char *dh_params_file) |
| int | redisxSetMutualTLS (Redis *redis, const char *cert_file, const char *key_file) |
| int | redisxSetTLS (Redis *redis, const char *ca_path, const char *ca_file) |
| int | redisxSetTLSCiphers (Redis *redis, const char *cipher_list) |
| int | redisxSetTLSCipherSuites (Redis *redis, const char *list) |
| int | redisxSetTLSServerName (Redis *redis, const char *host) |
| int | redisxSetTLSVerify (Redis *redis, boolean value) |
| int redisxSetDHCipherParams | ( | Redis * | redis, |
| const char * | dh_params_file | ||
| ) |
Sets parameters for DH-based cyphers when using a TLS encrypted connection to Redis.
| redis | A Redis instance. |
| dh_params_file | Path to the DH-based cypher parameters file (in PEM format; we don't support the old DER format), or NULL for no params. |
References x_error(), X_FAILURE, X_SUCCESS, and xStringCopyOf().
| int redisxSetMutualTLS | ( | Redis * | redis, |
| const char * | cert_file, | ||
| const char * | key_file | ||
| ) |
Set a TLS certificate and private key for mutual TLS. You will still need to call redisxSetTLS() also to create a complete TLS configuration. Redis normally uses mutual TLS, which requires both the client and the server to authenticate themselves. For this you need the server's TLS certificate and private key also. It is possible to configure Redis servers to verify one way only with a CA certificate, in which case you don't need to call this to configure the client.
To disable mutual TLS, set both file name arguments to NULL.
| redis | A Redis instance. |
| cert_file | Path to the server's certificate file. |
| key_file | Path to the server'sprivate key file. |
References x_error(), X_FAILURE, X_NULL, X_SUCCESS, and xStringCopyOf().
| int redisxSetTLS | ( | Redis * | redis, |
| const char * | ca_path, | ||
| const char * | ca_file | ||
| ) |
Configures a TLS-encrypted connection to Redis with the specified CA certificate file. Normally you will want to set up mutual TLS with redisxSetMutualTLS() also, unless the server is not requiring mutual authentication. Additionally, you might also want to set parameters for DH-based cyphers if needed using redisxSetDHCypherParams().
| redis | A Redis instance. |
| ca_path | Directory containing CA certificates. It may be NULL to use the default locations. |
| ca_file | CA certificate file relative to specified directory. It may be NULL to use default certificate. |
References TRUE, x_error(), X_FAILURE, X_SUCCESS, and xStringCopyOf().
| int redisxSetTLSCiphers | ( | Redis * | redis, |
| const char * | cipher_list | ||
| ) |
Sets the TLS ciphers to try (TLSv1.2 and earlier).
| redis | A Redis instance. |
| cipher_list | a colon (:) separated list of ciphers, or NULL for default ciphers. |
References x_error(), X_FAILURE, X_SUCCESS, and xStringCopyOf().
| int redisxSetTLSCipherSuites | ( | Redis * | redis, |
| const char * | list | ||
| ) |
Sets the TLS ciphers suites to try (TLSv1.3 and later).
| redis | A Redis instance. |
| list | a colon (:) separated list of cipher suites, or NULL for default cipher suites. |
References x_error(), X_FAILURE, X_SUCCESS, and xStringCopyOf().
| int redisxSetTLSServerName | ( | Redis * | redis, |
| const char * | host | ||
| ) |
Sets the Server name for TLS Server Name Indication (SNI), an optional extra later of security.
| redis | A Redis instance. |
| host | server name to use for SNI. |
References x_error(), X_FAILURE, X_SUCCESS, and xStringCopyOf().
Sets whether to verify the the certificate. Certificates are verified by default.
| redis | A Redis instance. |
| value | TRUE (non-zero) to verify certificates, or else FALSE (0) |
1.9.8