DATAREDIS-480 - Add support for all lettuce SSL options.

LettuceConnectionFactory now supports verifyPeer and startTls options for Redis Standalone usage.

Original pull request: spring-projects#180.
CLA: 166820160311101157 (Balázs Németh)

Author: Balazs Nemeth

src/main/java/org/springframework/data/redis/connection/lettuce/LettuceConnectionFactory.java

@@ -99,6 +99,8 @@ public class LettuceConnectionFactory implements InitializingBean, DisposableBea
 	private ClusterCommandExecutor clusterCommandExecutor;
 	private ClientResources clientResources;
 	private boolean useSsl;
+	private boolean verifyPeer = true;
+	private boolean startTls;
 
 	/**
 	 * Constructs a new <code>LettuceConnectionFactory</code> instance with default settings.
@@ -327,6 +329,43 @@ public boolean isUseSsl() {
 		return useSsl;
 	}
 
+	/**
+	 * Sets to use verify certificate validity/hostname check when SSL is used
+	 *
+	 * @param verifyPeer {@literal false} not to verify hostname.
+	 */
+	public void setVerifyPeer(boolean verifyPeer) {
+		this.verifyPeer = verifyPeer;
+	}
+
+	/**
+	 * Returns whether to verify certificate validity/hostname check when SSL is used
+	 *
+	 * @return
+	 */
+	public boolean isVerifyPeer() {
+		return verifyPeer;
+	}
+
+	/**
+	 * Returns whether to issue a StartTLS
+	 *
+	 * @return
+     */
+	public boolean isStartTls() {
+		return startTls;
+	}
+
+
+	/**
+	 * Sets to issue StartTLS
+	 *
+	 * @param startTls {@literal true} to issue StartTLS
+     */
+	public void setStartTls(boolean startTls) {
+		this.startTls = startTls;
+	}
+
 	/**
 	 * Indicates if validation of the native Lettuce connection is enabled
 	 *
@@ -556,6 +595,8 @@ private AbstractRedisClient createRedisClient() {
 			builder.withPassword(password);
 		}
 		builder.withSsl(useSsl);
+		builder.withVerifyPeer(verifyPeer);
+		builder.withStartTls(startTls);
 		builder.withTimeout(timeout, TimeUnit.MILLISECONDS);
 		if (clientResources != null) {
 			return RedisClient.create(clientResources, builder.build());

src/test/java/org/springframework/data/redis/connection/lettuce/LettuceConnectionFactoryUnitTests.java

@@ -150,4 +150,46 @@ public void sslShouldBeSetCorrectlyOnClient() {
 		assertThat(connectionFactory.isUseSsl(), is(true));
 	}
 
+	/**
+	 * @see DATAREDIS-480
+	 */
+	@Test
+	public void verifyPeerOptionShouldBeSetCorrectlyOnClient() {
+
+		LettuceConnectionFactory connectionFactory = new LettuceConnectionFactory();
+		connectionFactory.setClientResources(LettuceTestClientResources.getSharedClientResources());
+		connectionFactory.setVerifyPeer(false);
+		connectionFactory.afterPropertiesSet();
+		ConnectionFactoryTracker.add(connectionFactory);
+
+		AbstractRedisClient client = (AbstractRedisClient) getField(connectionFactory, "client");
+		assertThat(client, instanceOf(RedisClient.class));
+
+		RedisURI redisUri = (RedisURI) getField(client, "redisURI");
+
+		assertThat(redisUri.isVerifyPeer(), is(false));
+		assertThat(connectionFactory.isVerifyPeer(), is(false));
+	}
+
+	/**
+	 * @see DATAREDIS-480
+	 */
+	@Test
+	public void startTLSOptionShouldBeSetCorrectlyOnClient() {
+
+		LettuceConnectionFactory connectionFactory = new LettuceConnectionFactory();
+		connectionFactory.setClientResources(LettuceTestClientResources.getSharedClientResources());
+		connectionFactory.setStartTls(true);
+		connectionFactory.afterPropertiesSet();
+		ConnectionFactoryTracker.add(connectionFactory);
+
+		AbstractRedisClient client = (AbstractRedisClient) getField(connectionFactory, "client");
+		assertThat(client, instanceOf(RedisClient.class));
+
+		RedisURI redisUri = (RedisURI) getField(client, "redisURI");
+
+		assertThat(redisUri.isStartTls(), is(true));
+		assertThat(connectionFactory.isStartTls(), is(true));
+	}
+
 }