Expose internals and add an option to disable AUTH/HELLO on new conne…

…ction (#16) * Expose internals for Redis proxy (v9.0.0-rc.1) * Add an option to disable AUTH and HELLO on new connection
gravitational · Oct 24, 2022 · ed9116f · ed9116f
1 parent f6940c8
commit ed9116f
Show file tree

Hide file tree

Showing 5 changed files with 68 additions and 30 deletions.
diff --git a/command.go b/command.go
@@ -468,6 +468,11 @@ func (cmd *Cmd) readReply(rd *proto.Reader) (err error) {
 	return err
 }
 
+func (cmd *Cmd) ReadReply(rd *proto.Reader) (err error) {
+	cmd.val, err = rd.ReadReply()
+	return err
+}
+
 //------------------------------------------------------------------------------
 
 type SliceCmd struct {

diff --git a/internal/proto/writer.go b/internal/proto/writer.go
@@ -59,6 +59,10 @@ func (w *Writer) writeLen(n int) error {
 	return err
 }
 
+func (w *Writer) WriteLen(n int) error {
+	return w.writeLen(n)
+}
+
 func (w *Writer) WriteArg(v interface{}) error {
 	switch v := v.(type) {
 	case nil:

diff --git a/options.go b/options.go
@@ -128,6 +128,10 @@ type Options struct {
 
 	// Enables read only queries on slave/follower nodes.
 	readOnly bool
+
+	// DisableAuthOnConnect (Teleport) disables sending AUTH or HELLO commands
+	// on new connection.
+	DisableAuthOnConnect bool
 }
 
 func (opt *Options) init() {

diff --git a/proto.go b/proto.go
@@ -0,0 +1,23 @@
+package redis
+
+import (
+	"bytes"
+	"io"
+
+	"github.com/go-redis/redis/v9/internal/proto"
+)
+
+type Reader = proto.Reader
+type Writer = proto.Writer
+type RedisError = proto.RedisError
+
+const RespArray = proto.RespArray
+const RespInt = proto.RespInt
+
+func NewReader(rd io.Reader) *Reader {
+	return proto.NewReader(rd)
+}
+
+func NewWriter(wr *bytes.Buffer) *Writer {
+	return proto.NewWriter(wr)
+}
diff --git a/redis.go b/redis.go
@@ -221,45 +221,47 @@ func (c *baseClient) initConn(ctx context.Context, cn *pool.Conn) error {
 	}
 	cn.Inited = true
 
-	username, password := c.opt.Username, c.opt.Password
-	if c.opt.CredentialsProvider != nil {
-		username, password = c.opt.CredentialsProvider()
-	}
-
 	connPool := pool.NewSingleConnPool(c.connPool, cn)
 	conn := newConn(c.opt, connPool)
 
-	var auth bool
+	if !c.opt.DisableAuthOnConnect {
+		username, password := c.opt.Username, c.opt.Password
+		if c.opt.CredentialsProvider != nil {
+			username, password = c.opt.CredentialsProvider()
+		}
 
-	// For redis-server < 6.0 that does not support the Hello command,
-	// we continue to provide services with RESP2.
-	if err := conn.Hello(ctx, 3, username, password, "").Err(); err == nil {
-		auth = true
-	} else if !strings.HasPrefix(err.Error(), "ERR unknown command") {
-		return err
-	}
+		var auth bool
 
-	_, err := conn.Pipelined(ctx, func(pipe Pipeliner) error {
-		if !auth && password != "" {
-			if username != "" {
-				pipe.AuthACL(ctx, username, password)
-			} else {
-				pipe.Auth(ctx, password)
-			}
+		// For redis-server < 6.0 that does not support the Hello command,
+		// we continue to provide services with RESP2.
+		if err := conn.Hello(ctx, 3, username, password, "").Err(); err == nil {
+			auth = true
+		} else if !strings.HasPrefix(err.Error(), "ERR unknown command") {
+			return err
 		}
 
-		if c.opt.DB > 0 {
-			pipe.Select(ctx, c.opt.DB)
-		}
+		_, err := conn.Pipelined(ctx, func(pipe Pipeliner) error {
+			if !auth && password != "" {
+				if username != "" {
+					pipe.AuthACL(ctx, username, password)
+				} else {
+					pipe.Auth(ctx, password)
+				}
+			}
 
-		if c.opt.readOnly {
-			pipe.ReadOnly(ctx)
-		}
+			if c.opt.DB > 0 {
+				pipe.Select(ctx, c.opt.DB)
+			}
 
-		return nil
-	})
-	if err != nil {
-		return err
+			if c.opt.readOnly {
+				pipe.ReadOnly(ctx)
+			}
+
+			return nil
+		})
+		if err != nil {
+			return err
+		}
 	}
 
 	if c.opt.OnConnect != nil {