Skip to content

add SSL support #446

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 13, 2014
Merged

add SSL support #446

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4c827b4
add SSL support
oranagra Mar 22, 2014
3cd989d
fix line too long (coding style test)
oranagra Mar 23, 2014
6f760cc
fixing coding style
oranagra Mar 25, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 22 additions & 3 deletions redis/client.py
100644 → 100755
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,14 @@
ExecAbortError,
)

try:
import ssl
ssl_available = True
ssl_cert_reqs = ssl.CERT_NONE
except ImportError:
ssl_available = False
ssl_cert_reqs = 0

SYM_EMPTY = b('')


Expand Down Expand Up @@ -345,8 +353,12 @@ def from_url(cls, url, db=None, **kwargs):
"""
url = urlparse(url)

# We only support redis:// schemes.
assert url.scheme == 'redis' or not url.scheme
# We only support redis:// and resiss:// schemes.
assert url.scheme == 'redis' or \
url.scheme == 'rediss' or \
not url.scheme
if url.scheme == 'rediss':
kwargs['use_ssl'] = True

# Extract the database ID from the path component if hasn't been given.
if db is None:
Expand All @@ -362,11 +374,18 @@ def __init__(self, host='localhost', port=6379,
db=0, password=None, socket_timeout=None,
connection_pool=None, charset='utf-8',
errors='strict', decode_responses=False,
unix_socket_path=None):
unix_socket_path=None,
use_ssl=False, keyfile=None, certfile=None,
cert_reqs=ssl_cert_reqs, ca_certs=None):
if not connection_pool:
kwargs = {
'db': db,
'password': password,
'keyfile': keyfile,
'use_ssl': use_ssl,
'certfile': certfile,
'ca_certs': ca_certs,
'cert_reqs': cert_reqs,
'socket_timeout': socket_timeout,
'encoding': charset,
'encoding_errors': errors,
Expand Down
23 changes: 22 additions & 1 deletion redis/connection.py
100644 → 100755
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,13 @@
import sys
import threading

try:
import ssl
ssl_available = True
ssl_cert_reqs = ssl.CERT_NONE
except ImportError:
ssl_available = False
ssl_cert_reqs = 0

from redis._compat import (b, xrange, imap, byte_to_chr, unicode, bytes, long,
BytesIO, nativestr, basestring,
Expand Down Expand Up @@ -220,12 +227,19 @@ class Connection(object):
def __init__(self, host='localhost', port=6379, db=0, password=None,
socket_timeout=None, encoding='utf-8',
encoding_errors='strict', decode_responses=False,
parser_class=DefaultParser):
parser_class=DefaultParser,
use_ssl=False, keyfile=None, certfile=None,
cert_reqs=ssl_cert_reqs, ca_certs=None):
self.pid = os.getpid()
self.host = host
self.port = port
self.db = db
self.password = password
self.use_ssl = use_ssl
self.keyfile = keyfile
self.certfile = certfile
self.ca_certs = ca_certs
self.cert_reqs = cert_reqs
self.socket_timeout = socket_timeout
self.encoding = encoding
self.encoding_errors = encoding_errors
Expand Down Expand Up @@ -275,6 +289,13 @@ def _connect(self):
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(self.socket_timeout)
sock.connect((self.host, self.port))

if ssl_available and self.use_ssl:
sock = ssl.wrap_socket(sock,
cert_reqs=self.cert_reqs,
keyfile=self.keyfile,
certfile=self.certfile,
ca_certs=self.ca_certs, )
return sock

def _error_message(self, exception):
Expand Down