diff --git a/.github/workflows/test-redis.yml b/.github/workflows/test-redis.yml index 9f065d20..f4918852 100644 --- a/.github/workflows/test-redis.yml +++ b/.github/workflows/test-redis.yml @@ -5,11 +5,6 @@ name: Redis jobs: Tests: runs-on: ubuntu-latest - services: - redis: - image: 'redis:latest' - ports: - - '6379:6379' strategy: matrix: go-version: @@ -21,11 +16,28 @@ jobs: - ubuntu-latest - windows-latest steps: - - name: Install Go - uses: actions/setup-go@v1 - with: - go-version: '${{ matrix.go-version }}' - - name: Fetch Repository - uses: actions/checkout@v2 - - name: Run Test - run: cd ./redis && go test ./... -v -race + - name: Fetch Repository + uses: actions/checkout@v2 + + - name: Setup Redis + uses: shogo82148/actions-setup-redis@v1 + with: + redis-version: 'latest' + auto-start: 'false' + redis-port: '6379' + redis-tls-port: '6380' + + - name: Run Redis + run: | + redis-server --tls-port 6380 --port 6379 \ + --tls-cert-file ./redis/tests/tls/redis.crt \ + --tls-key-file ./redis/tests/tls/redis.key \ + --tls-ca-cert-file ./redis/tests/tls/ca.crt& + + - name: Install Go + uses: actions/setup-go@v1 + with: + go-version: '${{ matrix.go-version }}' + + - name: Run Test + run: cd ./redis && go test ./... -v -race diff --git a/redis/README.md b/redis/README.md index 47183adc..4bedeca8 100644 --- a/redis/README.md +++ b/redis/README.md @@ -41,13 +41,15 @@ store := redis.New() // Initialize custom config store := redis.New(redis.Config{ - Host: "127.0.0.1", - Port: 6379, - Username: "", - Password: "", - Database: 0, - Reset: false, -}) + Host: "127.0.0.1", + Port: 6379, + Username: "", + Password: "", + URL: "", + Database: 0, + Reset: false, + TLSConfig: nil, +} // or just the url with all information store = redis.New(redis.Config{ @@ -94,6 +96,11 @@ type Config struct { // // Optional. Default is false Reset bool + + // TLS Config to use. When set TLS will be negotiated. + // + // Optional. Default is nil + TLSConfig *tls.Config } ``` @@ -101,11 +108,13 @@ type Config struct { ### Default Config ```go var ConfigDefault = Config{ - Host: "127.0.0.1", - Port: 6379, - Username: "", - Password: "", - Database: 0, - Reset: false, + Host: "127.0.0.1", + Port: 6379, + Username: "", + Password: "", + URL: "", + Database: 0, + Reset: false, + TLSConfig: nil, } ``` diff --git a/redis/config.go b/redis/config.go index 3f0d9a83..4734e22b 100644 --- a/redis/config.go +++ b/redis/config.go @@ -1,5 +1,7 @@ package redis +import "crypto/tls" + // Config defines the config for storage. type Config struct { // Host name where the DB is hosted @@ -38,6 +40,9 @@ type Config struct { // Optional. Default is false Reset bool + // TLS Config to use. When set TLS will be negotiated. + TLSConfig *tls.Config + //////////////////////////////////// // Adaptor related config options // //////////////////////////////////// @@ -47,13 +52,14 @@ type Config struct { // ConfigDefault is the default config var ConfigDefault = Config{ - Host: "127.0.0.1", - Port: 6379, - Username: "", - Password: "", - URL: "", - Database: 0, - Reset: false, + Host: "127.0.0.1", + Port: 6379, + Username: "", + Password: "", + URL: "", + Database: 0, + Reset: false, + TLSConfig: nil, } // Helper function to set default values diff --git a/redis/redis.go b/redis/redis.go index d703cf06..599fd3b2 100644 --- a/redis/redis.go +++ b/redis/redis.go @@ -25,15 +25,17 @@ func New(config ...Config) *Storage { if cfg.URL != "" { options, err = redis.ParseURL(cfg.URL) + options.TLSConfig = cfg.TLSConfig if err != nil { panic(err) } } else { options = &redis.Options{ - Addr: fmt.Sprintf("%s:%d", cfg.Host, cfg.Port), - DB: cfg.Database, - Username: cfg.Username, - Password: cfg.Password, + Addr: fmt.Sprintf("%s:%d", cfg.Host, cfg.Port), + DB: cfg.Database, + Username: cfg.Username, + Password: cfg.Password, + TLSConfig: cfg.TLSConfig, } } diff --git a/redis/redis_test.go b/redis/redis_test.go index 8e09d1a6..ada0f8e6 100644 --- a/redis/redis_test.go +++ b/redis/redis_test.go @@ -1,6 +1,8 @@ package redis import ( + "crypto/tls" + "log" "testing" "time" @@ -142,3 +144,46 @@ func Test_Redis_Initalize_WithURL(t *testing.T) { utils.AssertEqual(t, nil, testStoreUrl.Close()) } + +func Test_Redis_Initalize_WithURL_TLS(t *testing.T) { + cer, err := tls.LoadX509KeyPair("./tests/tls/client.crt", "./tests/tls/client.key") + if err != nil { + log.Println(err) + return + } + tlsCfg := &tls.Config{ + MinVersion: tls.VersionTLS12, + CurvePreferences: []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256}, + PreferServerCipherSuites: true, + InsecureSkipVerify: true, + Certificates: []tls.Certificate{cer}, + CipherSuites: []uint16{ + tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, + tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, + tls.TLS_RSA_WITH_AES_256_GCM_SHA384, + tls.TLS_RSA_WITH_AES_256_CBC_SHA, + }, + } + + testStoreUrl := New(Config{ + URL: "redis://localhost:6380", + TLSConfig: tlsCfg, + }) + + var ( + key = "clark" + val = []byte("kent") + ) + + err = testStoreUrl.Set(key, val, 0) + utils.AssertEqual(t, nil, err) + + result, err := testStoreUrl.Get(key) + utils.AssertEqual(t, nil, err) + utils.AssertEqual(t, val, result) + + err = testStoreUrl.Delete(key) + utils.AssertEqual(t, nil, err) + + utils.AssertEqual(t, nil, testStoreUrl.Close()) +} diff --git a/redis/tests/gen-test-certs.sh b/redis/tests/gen-test-certs.sh new file mode 100644 index 00000000..4bcd3e32 --- /dev/null +++ b/redis/tests/gen-test-certs.sh @@ -0,0 +1,57 @@ +#!/bin/bash + +# Generate some test certificates which are used by the regression test suite: +# +# ./tls/ca.{crt,key} Self signed CA certificate. +# ./tls/redis.{crt,key} A certificate with no key usage/policy restrictions. +# ./tls/client.{crt,key} A certificate restricted for SSL client usage. +# ./tls/server.{crt,key} A certificate restricted for SSL server usage. +# ./tls/redis.dh DH Params file. + +generate_cert() { + local name=$1 + local cn="$2" + local opts="$3" + + local keyfile=./tls/${name}.key + local certfile=./tls/${name}.crt + + [ -f $keyfile ] || openssl genrsa -out $keyfile 2048 + openssl req \ + -new -sha256 \ + -subj "/O=Redis Test/CN=$cn" \ + -key $keyfile | \ + openssl x509 \ + -req -sha256 \ + -CA ./tls/ca.crt \ + -CAkey ./tls/ca.key \ + -CAserial ./tls/ca.txt \ + -CAcreateserial \ + -days 365 \ + $opts \ + -out $certfile +} + +mkdir -p ./tls +[ -f ./tls/ca.key ] || openssl genrsa -out ./tls/ca.key 4096 +openssl req \ + -x509 -new -nodes -sha256 \ + -key ./tls/ca.key \ + -days 3650 \ + -subj '/O=Redis Test/CN=Certificate Authority' \ + -out ./tls/ca.crt + +cat > ./tls/openssl.cnf <<_END_ +[ server_cert ] +keyUsage = digitalSignature, keyEncipherment +nsCertType = server +[ client_cert ] +keyUsage = digitalSignature, keyEncipherment +nsCertType = client +_END_ + +generate_cert server "Server-only" "-extfile ./tls/openssl.cnf -extensions server_cert" +generate_cert client "Client-only" "-extfile ./tls/openssl.cnf -extensions client_cert" +generate_cert redis "Generic-cert" + +[ -f ./tls/redis.dh ] || openssl dhparam -out ./tls/redis.dh 2048 \ No newline at end of file diff --git a/redis/tests/tls/ca.crt b/redis/tests/tls/ca.crt new file mode 100644 index 00000000..c9351d37 --- /dev/null +++ b/redis/tests/tls/ca.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIE5jCCAs4CCQCX6TN/mZGB/zANBgkqhkiG9w0BAQsFADA1MRMwEQYDVQQKDApS +ZWRpcyBUZXN0MR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMjEx +MTExMTYzNjE2WhcNMzExMTA5MTYzNjE2WjA1MRMwEQYDVQQKDApSZWRpcyBUZXN0 +MR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDnZXRXrYURmTc/559vMe7CZnwtKul2ZMOtS7UDPCcw +G3I1KHCxFkAxLNDhLtIENWId90Lc1mAIKtULy+RX2ORfOhYZ+JDK3sY25+53dgFq +vdPdtSpiiLklSh5XXdLcNq5sg8Zs1W514otDrfooYWqUp7BU4vZ0Cb/MWP/WEynD +ne3Aj1lpsEqV4+ydYhoki91tY9VS9y48VOZ+VC/+aCcbkm4G8FSczLZrglmnDq0v +d/ZrQ6dtALvPzKXdPA0HuqacT7VZ09d9tVOBj8xRkq5YEgUNHStkzZiRHzFXtRx5 ++mH/WkkzbA1C7eUeRFxIxp+C1KZB08cg9CgdrJYs/osFttesSncOIdDieauaqkTU +wlcEY//sv/eiOv4XCIvuG+39r0ITQ4m8Amb28v0uaz2s1e8UVpk1mLuUVcpspmAf +q0UUyb3aKjkluBn5rZuHxZLP14FueojFTLIXW6sNKYGqHqh4TicogmqCQAGhd9wo +Wis21+xeOI9FgojASxugN+tY/64nwYQfCWsv8AuZegjyQ+AodGrtIHEbrAdgeYOj +heEYDePaKMau/0vc14vlOs5EssXf49QYhciRqESc+0O85rHemgqhb4Qz31V3AGf1 +NP0wvqA97AmBYRLZSNc4ExvmQponOIVJY+idWiqJuRZSOeScEx0sx22MF1Nhwaw+ +3QIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQCN1SnYfobIM0bY1bI/n5njNV8HEFAT +X9EoXEKEg8lTJNNHSAEBDGgJMH4tc2+gQ/AQxdjCTJXlYP7ET5eHHPiUxXRqwjZr +MDSVbipaqJ3AVkJs+XeqrxyjsJ0S4uPd82gYzcPYCP6Zq2hFGTnzlnNE8oZq+Ys9 +mdVEwWmOnD+sl8pcRuccxUfPAJoZK3A5G+X2xctJLwMM6Y82ppu5XVMbmuoMTQaK +pkhw6wZwah6Fa0QSgL1Lro63aDG1xDvUi8HXD7baZw/nNT/rI81ZFwT735sRkRm5 +7WXnfic8/SsQGk0zw8grUy+Q/7YSonr6LxUPd6vSJk3ZBEWo/FbDpXRSLaZQiR2S +87gWa1Mt/a98OHR736q1jBvIeiGhC0dB1mj2Cclvtc3rO0uJzsHBzviE4008t8mn +mCVTp03nvMMO9BOpwECDOnBok4aMfqiIMJlPrl2ieiZX1lM5xiwZkzS/x9mTp6dx +9dhppRo/y9ViuB8PVxkDQCPjnZ+WefRXTW6Vtacc4D6LNQgJytFL4nVBAzgABfpv +cUOk41qGpY/n9VscZRGadyHjz2f0l4LY6GeIDg/iF9/qzOFTTRx6eyJ4ueeq2+/T +V5Ro8kzYg8aXkDY2dFLdSz8KBkaZ++8A6Q7h2SPVNfAepKGLHyB76ktMaqjonhbn +rq7Y+FUj+SMshw== +-----END CERTIFICATE----- diff --git a/redis/tests/tls/ca.key b/redis/tests/tls/ca.key new file mode 100644 index 00000000..0246669e --- /dev/null +++ b/redis/tests/tls/ca.key @@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEA52V0V62FEZk3P+efbzHuwmZ8LSrpdmTDrUu1AzwnMBtyNShw +sRZAMSzQ4S7SBDViHfdC3NZgCCrVC8vkV9jkXzoWGfiQyt7GNufud3YBar3T3bUq +Yoi5JUoeV13S3DaubIPGbNVudeKLQ636KGFqlKewVOL2dAm/zFj/1hMpw53twI9Z +abBKlePsnWIaJIvdbWPVUvcuPFTmflQv/mgnG5JuBvBUnMy2a4JZpw6tL3f2a0On +bQC7z8yl3TwNB7qmnE+1WdPXfbVTgY/MUZKuWBIFDR0rZM2YkR8xV7Ucefph/1pJ +M2wNQu3lHkRcSMafgtSmQdPHIPQoHayWLP6LBbbXrEp3DiHQ4nmrmqpE1MJXBGP/ +7L/3ojr+FwiL7hvt/a9CE0OJvAJm9vL9Lms9rNXvFFaZNZi7lFXKbKZgH6tFFMm9 +2io5JbgZ+a2bh8WSz9eBbnqIxUyyF1urDSmBqh6oeE4nKIJqgkABoXfcKForNtfs +XjiPRYKIwEsboDfrWP+uJ8GEHwlrL/ALmXoI8kPgKHRq7SBxG6wHYHmDo4XhGA3j +2ijGrv9L3NeL5TrORLLF3+PUGIXIkahEnPtDvOax3poKoW+EM99VdwBn9TT9ML6g +PewJgWES2UjXOBMb5kKaJziFSWPonVoqibkWUjnknBMdLMdtjBdTYcGsPt0CAwEA +AQKCAgARw2kN/gUUF8X1AuvrVlL023c25G9tpkibOg+YQvrjJ4g56nPUNFgTLlSO +pNB8gDibAktAtrhCiD84m5tY3w6Q/N2LethqqnVe66kTxJxRPGdSQsERNVu5MBpq +LIquWwhCzk7iNfQ32n9EX8uvY+MRrFnN+mpe+AygPEjPf0MagDorKRX9FgpzvT6B +ynElUxNZfWt35f/Ho+DZ286fYhF2fWQy5iooq1JpqGUHfQnwde4Vx+jHZmIEjrpA +5IY/jKWTpE7QqYGGZfAWJxrRPEhj/GYk3pNhNqM6qMFZ8U5RUtZJCv5Jk0blV2va +Sfcnow/FtFta/E3yCqw1svUIWTYEwekaJIB5n3K2vbYwFdrsfrLJ0dOu3qMW4H4A +XSzuSleswPQf3wE3HKfPL4H2RsQsl7M/1tEFZWzegT5b9jAjDPQOagKi9OoQf39f +iJlPxzt91ukcYiYLcPbV6vr3WP+8TJshV3u2gd85zdQ6N+Jm7fcbtjT8UjJYa2RQ +UM6OiNrOPEqwZcRlXbBDyIQYIBN8VMVS610NekHDgSmWNpdofmquMUoWSukL4Vl7 +FA+kPgAyvoHU4nUc13rFOis71ZUYP+JzFEWdE16q72ehemFnEgRNcyTUQAlz5Wl+ +SApH9ibqjXfD/jYFpHlIg+Aw6LQqo+g9m7MyNHb7MNEyVfOjhQKCAQEA9MePx+uZ +vSIDcmxNsi0lIELbpwOSwgYH8v2WWWHARVZF9i9ZQ94R+PHmVFouzOZ6AB89EqDw +c7qSX5rveJH8FurXOWu9LPIwSR0SATB67yPh2GR55vTQP9F3gHRA1nB4Wto6Uhk/ +2W1WBNnO3xOcOzitvBuPHCRMK193pa6HDmKXzZHeDA3NPhaM13eGI37rpM3tqm7I +lyeZrCo2Tps+8j9qkBOQ1VaPUtc36bMZpnTlnTP3fFp7oaQKgtHnpqpQsVZuzt90 +Y8UeVRe0LOWi6VOWjiasVvQl14338CNyKoi9KCu3NL4B+4OQBoxNrpEsd0/OKEXX +grCIRg12tajluwKCAQEA8gDX4wqOzmdrcqsIlACREhyubnIDEJ7WmceR+dklrs1/ +aaYL0H8IVSBmszzIUiTA9kjEFCU9vls6vjguBpF49YlXQc2pmyu26zQc83X4m9n8 +roO6Jdlic5lkYbUtuB6c3AE7J5vTg2Yc9oLAOMibkjLrwfgQpBfMHhUY9hWpTBFF +8tBiUFB0ZDTcdDpIWd3P20j/RSB7e28sq34k6t0KkiWkIVecEHTq4uI6TGePzvIW +vdDVAKM4nllPYUPK6jQRvJ+fsKxnqmra0MoOPIpwpvsyg888992KaKC6zL2/EWP0 +axExlKVYruyo7GNsSPOZq9eJ40Txc0nHbYUO3LEYRwKCAQBUM5GyI8lu1hR5d+gC +MqViw5zrhr8lHw38+F6PwKBzOYo3dXIvdmSYTh39RkhzE5VEFXrcvZ/5L2TKnnFh ++FXPTFlc10LsAyO5Atb+sb6YJK+70FRerjg0u8lv1o23NlkwZ4FIXIcqNAIzCPmw +ov5LIOQioRhJhfLtuJlf1PmAaUnu3Q6U9upzQS6Rr/vkmfRVbMEkr5cw595k6uBj +iePNUSNHDHP17yC+Tmpdac6ZA/04ZnfrvvRoVhWHis0098FqP2E+qH9REq2sd8ry +5stzl91iaMs/3hxmWd/AK3FKUF9BQkhzTClCa69PkVPniOjS4hD4qY3I1xEJh/gd +5UuhAoIBAQCBO/4OGvdENmpk4/1CvEK8f2CPTodgetJzcOX9nP7IqKkgDDJG92/F +tfXiRdVcOJBrdVRwxaqBW0q1hl7d1xXXWa6lT2UBnoiidkP3p8pJwFF2CJaB2+L9 +hK7cltqBdqehvW6PqmF7zC4vXoe0Szz5CARqo0SPvL2eWvnngI3WN2s5ThsSdMST +Nr97uhwlEZUMr6DSk5QdyLL8KfMhEUWx4jQSMiz/hNBitRkY8D0V8KZAW6NEIeX8 +egkwEfnstD28kym+OXNqyIFt+lk771pVcdP6G9OdMkvVr+/RoorEiLJf8uCdVudT +EsLq6fVLx/sKj6HtIkYmoQHE9MeJB3HFAoIBAQCrl5LBfNKjqx9ijX/ghAvvHm52 +T9cSJxHZ2VaIghAIwXDAA7vUpeLlXcR8zHp+TozFWpfEcZh4ztmfmEozN8Ljcutr +94VX7urIdC/JYzfJ2rzNmJdk0sgXZ+yv4LJ9RvoehIuhwQc95JLdnlEP3kNBiqUM +N7i66BLdWq015b6WCIYS8DeBfETkXRLMH2hawpB1ZmhiWQ3G49cGJU/CXt8471dC +urEwlHtCLDvZ4peTCoVtV0OgNTcE05RPO15gFIMWrHF/UoZiV+PZCHTJNzjupjNw +8xgu+EhDo62M8t+SILwNRPvusAbOLXsnTbq7xbmWR/9zPtJscBCxMCxiHkKc +-----END RSA PRIVATE KEY----- diff --git a/redis/tests/tls/ca.txt b/redis/tests/tls/ca.txt new file mode 100644 index 00000000..eab96d20 --- /dev/null +++ b/redis/tests/tls/ca.txt @@ -0,0 +1 @@ +F93DEACFF8ACD904 diff --git a/redis/tests/tls/client.crt b/redis/tests/tls/client.crt new file mode 100644 index 00000000..0a81b5b0 --- /dev/null +++ b/redis/tests/tls/client.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEBTCCAe2gAwIBAgIJAPk96s/4rNkDMA0GCSqGSIb3DQEBCwUAMDUxEzARBgNV +BAoMClJlZGlzIFRlc3QxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAe +Fw0yMTExMTExNjM2MTZaFw0yMjExMTExNjM2MTZaMCsxEzARBgNVBAoMClJlZGlz +IFRlc3QxFDASBgNVBAMMC0NsaWVudC1vbmx5MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAtKcK6sWYkbgmWKV03WzmLbicEr9gMZVsoyxgNV52ciFnPQ72 +2B0PEafTO4CFdzTj3titqqOtcQVVqo6uCZroBfwCYzEgozBEPvECcY/ldw1uiN9c +EyCKTAEGFqnSZwJ4UfC/JDnsNRjflLrAZ5xsQV56+yreYurY8WzCmdjpxkHQ0i0s +BBG0wdd/d4G8EYSHjOhtoqckUCeHU3Z8+WOn3LeIjK2XaAZTJHC+a9Pjj376degV +bgEQufwrTiyOimwoMVvu2biMEyPo6KXJeofaPjAMeS2uD89czV2qjPPoLrb+x1mZ +wVWK+PIiQE5cgBGhjNTEToj0xI8ZhGiqvoLTdQIDAQABoyIwIDALBgNVHQ8EBAMC +BaAwEQYJYIZIAYb4QgEBBAQDAgeAMA0GCSqGSIb3DQEBCwUAA4ICAQAkDELpveEq +jdQ2S3meMJlBjSI5raNkZ3eduV8TMQd7w7Wti6/DYhpquYyt1SqKnDm5Req5BC0D +Q6EgJuTOJ8ElkZ0PC3mZXDsAsHrjgJ9PAgMpGv9HB4XkAjvD9YdKH610IkmOUHMu +pToFdck+woe5lbQsILJl2AE72zzqCgDM1K7FxMoP6ZN8fmX+7/TSwiEfVgkwLDgp +FkGPCGGnHcWYW3H+4UF1UbjP1uZwiSAq2GbzfHuUrCQhVUCnFOEygMowgK8CtZgb +ONJV3ePGSE8ESh/hQPnihlJBASXT7AXO/8Z4pW1J54VgamTrDKbiz/35fNAcsCId +tfiPXGTAG1QSWHMB+Lio9okNleb0RNHsXWQH3j6oNjPfMOGqYIpmkefv+2nivin+ +LAfzbcSGNXnus19HtsS+AjUNeSeoR1IIBg/aRmYeDCX1sBTugyIo8njdWtyT3Pj4 +LgOuMi/vyNL6hocdwkTfMqceMo3cCF+G0R6V1yrZ5xKFTmkqT8E2SqHC1sHHqI9o +G1AvHtivIlNuACilB/s7ptnDdgcGPu5aNSWPm3S1GctR6JHOxbGzSaa1UiIAHzoT +B1HLud63T/6YDWTWn01zLfE1X+tdSkekTEk9qCyQZRokbvrP/oIwSpnuuzPlUlYn +OvQBR7Rly6F3JkME8rk9sCYv995CiUr+4A== +-----END CERTIFICATE----- diff --git a/redis/tests/tls/client.key b/redis/tests/tls/client.key new file mode 100644 index 00000000..076b998e --- /dev/null +++ b/redis/tests/tls/client.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEAtKcK6sWYkbgmWKV03WzmLbicEr9gMZVsoyxgNV52ciFnPQ72 +2B0PEafTO4CFdzTj3titqqOtcQVVqo6uCZroBfwCYzEgozBEPvECcY/ldw1uiN9c +EyCKTAEGFqnSZwJ4UfC/JDnsNRjflLrAZ5xsQV56+yreYurY8WzCmdjpxkHQ0i0s +BBG0wdd/d4G8EYSHjOhtoqckUCeHU3Z8+WOn3LeIjK2XaAZTJHC+a9Pjj376degV +bgEQufwrTiyOimwoMVvu2biMEyPo6KXJeofaPjAMeS2uD89czV2qjPPoLrb+x1mZ +wVWK+PIiQE5cgBGhjNTEToj0xI8ZhGiqvoLTdQIDAQABAoIBAQCeCzGi2QG0Ik3x +6baG7Pmm8EYipKjMWDR1wKHeruiiypReN5Q+15VSVeeXu8WH146vbBLrIUzgftFG +aJLbtljcu29/RgCOo/BgvErt/Py8HdUhC3+rACHdglvIQgPfuKp4zUz7rWz3uu4H +WSZwvsl6muSujf+GvHzVIdhR7hH/LianictHN6OBvuIk6+88LYxOvPzvOuzTs6o8 +D4CdNwaWUtOm4/gV2/UXKBosbdpIoVbYAAOZPnu4gLAJV9ICnLDKMtZ+buZNEBdo +Pt3vtzN9LqmaiC1BfaH3Uqr2nhPW86VwLIr61uFGRG5Y1GS2XXOq+dgxW8BmXWMP +42J2GUlBAoGBAN+mPYJUckGFlToREOefwHsKJqPP+1aK4LjibqXZSnTtRvAur/kD +Bw/b8xGSHx/pisQU9wwtbaaVy0tbW6fMBBweOiZMJdQ3XRaH87GfPDyEmqRnUWAF +/NiyshHDmg6HK6Dm1hT4Ndd35PO1xJDsgGyqCrsMRwfAON0pfSVxdWyFAoGBAM7I +n7tBdWeTWeVVFuZdyTVOWsYO14ZRsHULd30gO+bXaXFAK7X8/5tawZ4PXJq4VD0f +rpOcsnNtuROpbh3MshsplEDuq+JQ9DlhBTiz8wVcKp9z3RCY4GQjuPNIFuVMjN6i +dsL0U+IKwMPpYnlgimW3sNygO3q/nNxrUobBITYxAoGBAKYkC7t+2iXcg1/Qf7th +jI6amtvETFUc9BXEeCgSRGKaRcF1HVqhqiRY47fg0ehWCLTjUicktDk1PAFuC6ea +Qk9VESOUG+ILgsaTFjCUNx5J78tDyUrJB+0+ylOx+Abk2T89XDnVrcG0GkwFctGq +LzkKFNChLT8Px+5bvNEM+Qs1AoGANcSjDBzkO09sU56BetsuI4dBQTjAv/Njz7tw +kX+dM9QVXdZSx1qG2E2MBN53tN9zQAWJ7mYTXMJOGpe2w1bjhP6VxyCIXyuvpW/d +3LWl3mHtz1JgTB2EU2WahN/c3DjAdG+IM/82BJPJNefsrCT3N6XA/k1Hyg4i6omZ +huKXETECgYEAqr6GHzgFy3Y4OIpobwuAKvrY2/s7bo68pF6QTqvxalkJkjkp5HyP +FobWC0GxrPfwjkRbQTRANA0vVwFP/MnCU1ag3UeoYamOmG2GnTiiYWQehovAhOyi +TK7QXf+j5o4nrRt/TRfyeZH9XevX53HIGuFRtFZbm+WMn4bPjQj7ypg= +-----END RSA PRIVATE KEY----- diff --git a/redis/tests/tls/openssl.cnf b/redis/tests/tls/openssl.cnf new file mode 100644 index 00000000..f56038a1 --- /dev/null +++ b/redis/tests/tls/openssl.cnf @@ -0,0 +1,6 @@ +[ server_cert ] +keyUsage = digitalSignature, keyEncipherment +nsCertType = server +[ client_cert ] +keyUsage = digitalSignature, keyEncipherment +nsCertType = client diff --git a/redis/tests/tls/redis.crt b/redis/tests/tls/redis.crt new file mode 100644 index 00000000..4fcc921a --- /dev/null +++ b/redis/tests/tls/redis.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID3TCCAcUCCQD5PerP+KzZBDANBgkqhkiG9w0BAQsFADA1MRMwEQYDVQQKDApS +ZWRpcyBUZXN0MR4wHAYDVQQDDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMjEx +MTExMTYzNjE3WhcNMjIxMTExMTYzNjE3WjAsMRMwEQYDVQQKDApSZWRpcyBUZXN0 +MRUwEwYDVQQDDAxHZW5lcmljLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQC/lqyvZ+JecRTRWFEoyfIYnxz+1HiZwFGL7BhSrPf7Y6CSDwV+A7tB +Pvu7gSQx69cfMIeS78n/pNV4P0dCgiEiOYZlqa8z1H3MVG6ZuM9uIfeubAeOvG5M +Emk9UJ3KU01XFFLCaQ9u+WPJNUQyB+hUDE92k3PQ+sh3getcgYDQm6ktt1lZOgUK +JwXPNg6E1HlLDMrf4kqsCLMHCAuI7pT0RjMrK6mNEvs7hFf487zj857Jd1XJ069l +Fhqt/LOW7jOOCEXiGtfWEJ8pApsIsc1Pdgzxh+WS1HH0qRELMv0RUJXnhw/uiE1A +TwLVUD91YwboSLIYf/E3m7zREaXwf14RAgMBAAEwDQYJKoZIhvcNAQELBQADggIB +ADWC4NSOil1EAqtrZbNAMm2beofNCcgkcO1FzYjgLXlEmq7ntvJF6LNhVBFtQCJw +dRFfYqAH2TPI9nU3NadaJFCNTC3MQaSaIOXe4ntV2H8swbNlHEonjJ+PutK+GQYL +6+ZF4heW7ZgOREr1cldVFo7GWQIGKR0jlckscn6OwHcBiqxYdrW8xXfUEcRH0EJk +pFn8QjZlCBvMM1oVSPE4xdi04DRJJxHeE++KNH17KyoTSuvIrHvf24bKr2RlPvN8 +HC6cvLGSWVZYu4MKx2tWtQUNwnA+oQ+Ri7Id+KdpEBn+UJrSoZ0hu5xz9LBakbXo +CoJJ9vzhHn4VP0Q1/UT+GQzdC39P+s2TErHKNQFql+qZYNJltJcbq3uWQHL0K0v7 +ai7AXsGSIJHWTMT3LihKBeWFLDZBugWxpFF6SjHmcONpv1KSfxHvRw+OrNARPIof +13/5IEx6SecT3E7EVjVZyyTgpjv3lOburIrw1amHqTtxRaewMjloYCQwjVmrgyme +BcjZtsHzXjF7/AmlEtwnc6BE0jUwJHznfyfV8rYTwfO0Ew/xrLJ3EAvMTNMOOvfl +Ll5DDqA61Ai2/61rVhoUEyjPNDjB8hyY8NB0F81Mbbhm8T4/BY+TAX9MxFv9Rt/y +3nBxLL8uIt1LUC7blW4sR+DsUEmk8nlJ/TW+166B+2+M +-----END CERTIFICATE----- diff --git a/redis/tests/tls/redis.dh b/redis/tests/tls/redis.dh new file mode 100644 index 00000000..814aa0f9 --- /dev/null +++ b/redis/tests/tls/redis.dh @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEA1nYlp0dgMjvcReATfJwuS1lAtpvaTl8/Fu1/CuQ4rCoB9fgqvlTv +jgnHRAW42FD9NwOQibol/mDAmThd8Srq/teu84w9j4CGsd3+qO+/HP16GHLACVkP +LmImh30irqfTC2JkuiRccMYmt4N93Ba8FgC+GLcEjEB0JKW/JBZ71qO8fvwvvI7h +QU4YddezMsPG3L6TDYX0cFCSrcBNKa8mGgGLtppT30UWvAH0QAlsd6jiIR1cto+T +yDAv5WYIkBlsGcH70X1EEglHz48USV0Xu5lADkiazpXvKTl3XkD6gVkrCcxHF1iE +7VEbxKaGx5HsdRw7EV6Fdxp98mGRWjBlKwIBAg== +-----END DH PARAMETERS----- diff --git a/redis/tests/tls/redis.key b/redis/tests/tls/redis.key new file mode 100644 index 00000000..b38982a9 --- /dev/null +++ b/redis/tests/tls/redis.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAv5asr2fiXnEU0VhRKMnyGJ8c/tR4mcBRi+wYUqz3+2Ogkg8F +fgO7QT77u4EkMevXHzCHku/J/6TVeD9HQoIhIjmGZamvM9R9zFRumbjPbiH3rmwH +jrxuTBJpPVCdylNNVxRSwmkPbvljyTVEMgfoVAxPdpNz0PrId4HrXIGA0JupLbdZ +WToFCicFzzYOhNR5SwzK3+JKrAizBwgLiO6U9EYzKyupjRL7O4RX+PO84/OeyXdV +ydOvZRYarfyzlu4zjghF4hrX1hCfKQKbCLHNT3YM8YflktRx9KkRCzL9EVCV54cP +7ohNQE8C1VA/dWMG6EiyGH/xN5u80RGl8H9eEQIDAQABAoIBAQCsjHdaQqWNiSrG +oFP3+Gkh46uplpJHZv4KlsgRLdbpggDLitvXcmTjjmYJqXV/wHgujvaLT4sNwta/ +Rb5YF/rfaA+y3+/7LhVeQWya5edruQvo+0KTOwHbYXmGz2RNJFkzZAplLVnJCLLm +NCMHLDgB+lRW5tYYEMUbXNcsqTXqqbSj9YHJ31z4y4GMXvw/ZIqikixgJzvIKe6P +zXBkK+J9otHWO3Z3CMFoRmhI0fp/wIiOlp9Xk2QzhUIIo5mzpRP2FnVBQH6qA1Qx +HcHy/kHCNOtkebaM50tCHwSZi+w6WjKRfbTpQHCaUIjvTfVEup088iI8b+gt48Zz +noX1efhBAoGBAPwCiX71kICymFBMyfE+0KZqg95w5oOygb/UvqmfAAHL8wwAxFRB +zTG6GQE67P/nROxUm3mr3JcTgszGcNBfeB9d3J59AFIoyHCOk8fXUS4I1JOKdIdg +XIwtCcIrCkCcLrzUVZlT8mJRH0F4U/LaB0NHiRZe25AWSVUdpbA/SDlHAoGBAMKf +O9iWdGZT6YC8FnFjS+HV7mJlUmaEgGXLqwVnEXOuGKell6WS5GN9XEcP8BnUqaoi +ARCWfku18x2LgOm1WZf9voPUvGwYAOuvzFtX9d8MYQQnI+fZX7ZpRO0Pako0kQhr +4SUadVQXXJIbB6kHr3JVP7dICEn2LOmlhWLnRlnnAoGBAOzxqbuAQaxvvzwI5vp3 +mBBQJ8qWlnYO+WWXLukmwQfvbYbEldOuxrJRij8Y20rEdI5MAp7EkzRMuPe2QM36 +ZWQAiXVOjGWzSLpjo9kKvp4s2UobrPK4DGwT0JAKjaov7tXGQvFV95ivM1cIPs4g +ZyG/+cnZyFDSU4K+zFFJPqvzAoGAaaa5fT1H2RjqZJk2cb1evy08aKvqTH7XmOs0 +Xw1xmuPCvJeXOCoC08OE6YrMY6lfpV0qSM/5pa4TWVGW3Mg259y2pKhC1Uc+kLNx +c5DPh5MXw4Jf6ofFfqes5Cf/ImNg7DpsEZFIair4dNQ5l1f1tVJz8VIoNcZu4TOa +snMsbLcCgYALyGUUdgCDZErB32O2I6o6vLQh6Lc0YqbjrGGkvuygOEUiLa5Wtjqe +AHyb9aT39jSCFEaTMKPma3T555+Lkk1Io2jYRVenoFS+O1nlRQKuIbIyuejA/SFm +z8rZ8EMT4g485CZJ3VjkoVXNXl/L61F1I9vK31Il88qgvm4y2JlYyg== +-----END RSA PRIVATE KEY----- diff --git a/redis/tests/tls/server.crt b/redis/tests/tls/server.crt new file mode 100644 index 00000000..ed2f8156 --- /dev/null +++ b/redis/tests/tls/server.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEBTCCAe2gAwIBAgIJAPk96s/4rNkCMA0GCSqGSIb3DQEBCwUAMDUxEzARBgNV +BAoMClJlZGlzIFRlc3QxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAe +Fw0yMTExMTExNjM2MTZaFw0yMjExMTExNjM2MTZaMCsxEzARBgNVBAoMClJlZGlz +IFRlc3QxFDASBgNVBAMMC1NlcnZlci1vbmx5MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEApvPQ66+fMPnJMf8BkGMq35EAT3FJIECqd3K/DNS2zox53gSj +P9cPuaW+JBlMUXTpGhgNKSLD8TMwJcA406A/pJScLNrdfoI9RvlKblwWWxcr2QBS +gFvEcnAYByVQb7S9gEOZev5CHGPw9Bav4jYZ+nTc+ERDuMC6HaqrjbLk1UbkuvAV +cWipYygtVFeeWx1TdHmez7n+kXcKNVojp1BbNJj5162zYXD7CnWrepA0r8b3ETEs +jTFRmJd6UgjZ/u+apf+DlIQ5UZOWPUs1okzmCjHAL0hp55Mj6lRW7F+ZEX8uC/pG +jOz/Qi2AIztZp+tYSQmyXlsEODft88D6StWKLwIDAQABoyIwIDALBgNVHQ8EBAMC +BaAwEQYJYIZIAYb4QgEBBAQDAgZAMA0GCSqGSIb3DQEBCwUAA4ICAQAkwYDPD0Qk +mi3YyIdK/+KtiDcyTAYszQfKx5luSZ1+dU9fSc3xM8vMy2ZogpzOjjq+Gmxm+/mj +8FonHMnlBH21tyuCBxs/yXeR8bqNRL1PyGN3lI0/3IF2dlQGGUBhmnSvgt1ZL0G6 +jeonmiLg+DjOPr38lO1B0qY+gwhmrJkGf6+NmwfCWJg6xO7D2fKS9iRRb4DTxfms +6UPpFtaHOKSGQMjvDQ86t0tAgavYBYib4xAxRwnkxfriVhncEybOpmlO5tEU1Xl8 +D1Ax/LYgHFZa0W89NrlFoFx6mVpBHjUml9OBYaZkzrsMix6J+47aJPyceKThh86Q +TmKEOV1Zko55JBUGoFDzfyCLHYiugdupwrvW1nEJ07JfODbrwbMC6uNRR5CxowgA +oRS1TTHINqOKFR03AbrqQ1yDf6Ufh4k/2f+L4i8TKeH2A6IKmXfgMEWvqf6gw1tm +7z8j0klDxH5ezQUjSJS0jf65JFLX3TxdbfZEwLvZUg73m0XUNouvq6agUmcIoeHv +IKycZntJ4YPPerIGMMM9iGh6ij/NWeNZSQQ5Y0wk7yXsI2PPOUj1O9blzDU5NrgN +0DXjoVQqRgFln1U6lAtqxCkjp1YIo/LGKtscpXingSj2IRsbGkT5tUMmCv+sOd+x +2DenVLRlUlVuEDkkwcA9mwxKYaafCv2tqg== +-----END CERTIFICATE----- diff --git a/redis/tests/tls/server.key b/redis/tests/tls/server.key new file mode 100644 index 00000000..97e762b9 --- /dev/null +++ b/redis/tests/tls/server.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEApvPQ66+fMPnJMf8BkGMq35EAT3FJIECqd3K/DNS2zox53gSj +P9cPuaW+JBlMUXTpGhgNKSLD8TMwJcA406A/pJScLNrdfoI9RvlKblwWWxcr2QBS +gFvEcnAYByVQb7S9gEOZev5CHGPw9Bav4jYZ+nTc+ERDuMC6HaqrjbLk1UbkuvAV +cWipYygtVFeeWx1TdHmez7n+kXcKNVojp1BbNJj5162zYXD7CnWrepA0r8b3ETEs +jTFRmJd6UgjZ/u+apf+DlIQ5UZOWPUs1okzmCjHAL0hp55Mj6lRW7F+ZEX8uC/pG +jOz/Qi2AIztZp+tYSQmyXlsEODft88D6StWKLwIDAQABAoIBAG+d3BRmIrDUnp1t +VndYxWYYhDOYkoIcmZsoPPBwGhO3ORak1RuuRZYhaCCsRSjEV7+ZStswof1U8qCa +haN+pG386PjYDnMw0ZTsv8VOjaeysx7uJzonoAu+Q2IroT49gOAK0ca3zC085+/Y +Zxh+gRnAHadhxED1oLiKzQz8CB9JpNIWWIhMEAPUgnnVMRzED62OyMTsX6ztPSx0 +EiM1sNU7Jnf9TVMYS1LjJ9SNqbT9tmPaRj4DM2X17Iolg6ntx3rl8xeKQfcrOl/1 +EWjiXBSmmqsGpQZPyD8uCE4d1/V+5sNpRkPRBJVoqPKRdmSHCgOPkeWDv1zoJZv5 +RnS6MKECgYEA0nRtQt6j3USq/PDdnzRjskks7qsfOtsMR7ebQFwD+bbpAiY+walu +zTFwr1KggAtfjlp1pegnLg2aIvCoVr3wDAf7itAFIY34OKXsgV6AAu8k/Kr2KYgI +ZbPKmhn7bCH3vCzC+SsN0kBHhOmWLiErx50mpVPFgjkOHG/RQZa24NECgYEAyxVH +cGfSMWRe/e25R6F8b5V+oUThCZ6JyL0n03Vp9OFt1FN9OleBjezA47AysnKFnqIa +jsUwjXEZOFHmNSO9tPoNxqPH5vaE/BShSTVdP/zeOXF3BQLajrqwC6+2tzDMmpmT +erc1lPWHIMrvNaVkF/9mVbaDyZcGa4eNwm0Iev8CgYAtcTRSdw587aHaIgxInyBT +09ce5dZFeBzrs2qTeArntaYUb7unR3WEWwOQ589+NnZ4n3G91CX5nLhGiR5gNH0L +rAGVlJs3Bpeta65otMYBXC/pWuTyTMw7YZoCsk+GpsL+X8/ty20dlAGdYm6qIUF5 +xaYdlrwUBUvVuhM+DVQJsQKBgALJ9AUzJ8vN2RAbp6O4MAFISEjmrUB4kOPU1Ssu +PZpDTkLQMrQOZ5UPX0bBMLEKqZMYHs0/H/+RQgtn9IVeTEij9nR341Lkp8becaiT +twgd7N9VE5FaDK5RGgHPE+9IGEc3PLM+uNmm1Yg5wTc3YjyCIWGj9ANcs5Xecq/s +12T5AoGAAlLIzXB5KStzhEibmwgmXLDL16hgTXmMHZ59Uy3Wz5g5r66rUqQL1Fg0 +RjtRYeCjylVzDGw5ffzQYPUg2DqAncD/K2Pgw1EirwdZfzdWU7oXIiA+FYEEi0Z3 +q3VVFmHAJaTQpU2A5UpL5+a8s0oPxxmU8p+FVhVuTLSuX8GcJr0= +-----END RSA PRIVATE KEY-----