Redis driver fork update v9.6.1 #47049
Conversation
greedy52
added
the
no-changelog
greedy52
force-pushed
the
STeve/redis_driver_update
branch
from
458c630 to
8bdc468
Compare
greedy52
force-pushed
the
STeve/redis_driver_update
branch
from
8bdc468 to
576b62a
Compare
| OnConnect: onConnect, | ||
|
|
||
| // Auth should be done by the `OnConnect` callback here. So disable | ||
| // "automatic" auth by the client. | ||
| DisableAuthOnConnect: true, |
There was a problem hiding this comment.
In the previous driver, we disabled auth on connect and performed auth during OnConnect callback.
We are switching to use CredentialsProviderContext now for auth and we set Protocol to v2 so the driver won't do RESP3 HELLO
There was a problem hiding this comment.
looking at drive code it will always send HELLO 2 now instead of not doing HELLO at all (on connection), right?
There was a problem hiding this comment.
yes, and the auth will be done using HELLO 2 AUTH <user> <password> instead of just AUTH. In my opinion, it's a win for newer servers. I haven't tested older version (<6.2) tho. The driver suppose to fallback to regular AUTH. We can test that during release testing.
| func authWithPasswordOnConnect(username, password string) onClientConnectFunc { | ||
| return func(ctx context.Context, conn *redis.Conn) error { | ||
| return authConnection(ctx, conn, username, password) | ||
| func authWithPasswordOnConnect(username, password string) fetchCredentialsFunc { |
There was a problem hiding this comment.
Simple refactor to change the onConnect functions to credentials provider.
github-actions
bot
added
database-access
| // but Teleport currently only supports RESP2. The client generally | ||
| // fallbacks to RESP2 when they receive an unknown command error for the | ||
| // HELLO message. | ||
| e.maybeHandleFirstHello() |
There was a problem hiding this comment.
This logic is caught and verified by TestAccessRedis test (which is basically a bug in our code that we haven't caught before with "older" clients)
| OnConnect: onConnect, | ||
|
|
||
| // Auth should be done by the `OnConnect` callback here. So disable | ||
| // "automatic" auth by the client. | ||
| DisableAuthOnConnect: true, |
There was a problem hiding this comment.
looking at drive code it will always send HELLO 2 now instead of not doing HELLO at all (on connection), right?
|
Friendly ping @r0mant |
…/redis_driver_update
public-teleport-github-review-bot
bot
removed the request for review
from fheinecke
* Redis driver fork update * fix lint * update integrations * fix typo
Part of #43544
Fork branch: https://github.com/gravitational/redis/tree/teleport/v9.6.1
Fork release: https://github.com/gravitational/redis/releases/tag/v9.6.1-teleport.1