9.0.2 (#242)

* feat: support rustls/ring backend --------- Co-authored-by: Lucas Kent <[email protected]>
aembke · Apr 30, 2024 · fd8f35d · fd8f35d
1 parent 6ae3f98
commit fd8f35d
Show file tree

Hide file tree

Showing 21 changed files with 702 additions and 238 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -95,6 +95,14 @@ commands:
           name: Run cluster tests with rustls features
           command: source tests/environ && tests/scripts/tls-creds.sh && tests/runners/cluster-rustls.sh
       - save-cargo-deps-cache
+  test_rustls_cluster_ring:
+    steps:
+      - checkout
+      - restore-cargo-deps-cache
+      - run:
+          name: Run cluster tests with rustls/ring features
+          command: source tests/environ && tests/scripts/tls-creds.sh && tests/runners/cluster-rustls-ring.sh
+      - save-cargo-deps-cache
   test_default_nil_types_features:
     steps:
       - checkout
@@ -199,6 +207,16 @@ jobs:
       FRED_CI_TLS: true
     steps:
       - test_rustls_cluster
+  test-cluster-rustls-ring-features-7_2:
+    machine:
+      image: ubuntu-2204:2022.10.2
+      docker_layer_caching: true
+    resource_class: medium
+    environment:
+      REDIS_VERSION: 7.2.4
+      FRED_CI_TLS: true
+    steps:
+      - test_rustls_cluster_ring
   test-sentinel-7_2:
     machine:
       image: ubuntu-2204:2022.10.2
@@ -265,5 +283,6 @@ workflows:
       - test-misc
       - test-cluster-tls-features-7_2
       - test-cluster-rustls-features-7_2
+      - test-cluster-rustls-ring-features-7_2
       - clippy-lint
       - check-all-interface-features
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## 9.0.2
+
+* Add `enable-rustls-ring` feature flag
+
 ## 9.0.1
 
 * Fix `partial-tracing` imports

diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "fred"
-version = "9.0.1"
+version = "9.0.2"
 authors = ["Alec Embke <[email protected]>"]
 edition = "2021"
 description = "An async Redis client built on Tokio."
@@ -36,14 +36,14 @@ semver = "1.0"
 socket2 = "0.5"
 urlencoding = "2.1"
 crossbeam-queue = "0.3"
-rustls = { version = "0.23", optional = true }
+rustls = { version = "0.23", optional = true, default-features = false }
 native-tls = { version = "0.2", optional = true }
 tokio-native-tls = { version = "0.3", optional = true }
 tracing = { version = "0.1", optional = true }
 tracing-futures = { version = "0.2", optional = true }
 nom = { version = "7.1", optional = true }
 serde_json = { version = "1", optional = true }
-tokio-rustls = { version = "0.26", optional = true }
+tokio-rustls = { version = "0.26", optional = true, default-features = false }
 rustls-native-certs = { version = "0.7", optional = true }
 trust-dns-resolver = { version = "0.23", optional = true }
 async-trait = { version = "0.1" }
@@ -122,7 +122,18 @@ subscriber-client = ["i-pubsub"]
 metrics = []
 mocks = []
 dns = ["trust-dns-resolver", "trust-dns-resolver/tokio"]
-enable-rustls = ["rustls", "tokio-rustls", "rustls-native-certs"]
+# Enables rustls with the rustls/aws_lc_rs crypto backend
+enable-rustls = [
+    "rustls", "tokio-rustls", "rustls-native-certs",
+    "rustls/std", "tokio-rustls/logging", "tokio-rustls/tls12",
+    "tokio-rustls/aws_lc_rs"
+]
+# Enables rustls with the rustls/ring backend
+enable-rustls-ring = [
+    "rustls", "tokio-rustls", "rustls-native-certs",
+    "rustls/std", "tokio-rustls/logging", "tokio-rustls/tls12",
+    "tokio-rustls/ring"
+]
 enable-native-tls = ["native-tls", "tokio-native-tls"]
 vendored-openssl = ["enable-native-tls", "native-tls/vendored"]
 full-tracing = ["partial-tracing"]

diff --git a/README.md b/README.md
@@ -68,7 +68,8 @@ See the [examples](https://github.com/aembke/fred.rs/tree/main/examples) for mor
 |---------------------------|---------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------|
 | `transactions`            | x       | Enable a [Transaction](https://redis.io/docs/interact/transactions/) interface.                                                                                     |
 | `enable-native-tls`       |         | Enable TLS support via [native-tls](https://crates.io/crates/native-tls).                                                                                           |
-| `enable-rustls`           |         | Enable TLS support via [rustls](https://crates.io/crates/rustls).                                                                                                   |
+| `enable-rustls`           |         | Enable TLS support via [rustls](https://crates.io/crates/rustls) with the default crypto backend features.                                                          |
+| `enable-rustls-ring`      |         | Enable TLS support via [rustls](https://crates.io/crates/rustls) and the ring crypto backend.                                                                       |
 | `vendored-openssl`        |         | Enable the `native-tls/vendored` feature.                                                                                                                           |
 | `metrics`                 |         | Enable the metrics interface to track overall latency, network latency, and request/response sizes.                                                                 |
 | `full-tracing`            |         | Enable full [tracing](./src/trace/README.md) support. This can emit a lot of data.                                                                                  |

diff --git a/bin/benchmark/src/_fred.rs b/bin/benchmark/src/_fred.rs
@@ -8,7 +8,11 @@ use std::{
 };
 use tokio::task::JoinHandle;
 
-#[cfg(any(feature = "enable-rustls", feature = "enable-native-tls"))]
+#[cfg(any(
+  feature = "enable-rustls",
+  feature = "enable-native-tls",
+  feature = "enabled-rustls-ring"
+))]
 use fred::types::{TlsConfig, TlsConnector, TlsHostMapping};
 use futures::TryStreamExt;
 
@@ -45,7 +49,11 @@ pub async fn init(argv: &Arc<Argv>) -> Result<RedisPool, RedisError> {
     },
     username,
     password: argv.auth.clone().or(password),
-    #[cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))]
+    #[cfg(any(
+      feature = "enable-native-tls",
+      feature = "enable-rustls",
+      feature = "enable-rustls-ring"
+    ))]
     tls: default_tls_config(),
     #[cfg(any(feature = "stdout-tracing", feature = "partial-tracing", feature = "full-tracing"))]
     tracing: TracingConfig::new(argv.tracing),
@@ -114,7 +122,7 @@ pub async fn run(argv: Arc<Argv>, counter: Arc<AtomicUsize>, bar: Option<Progres
 
   info!("Starting commands...");
   let started = SystemTime::now();
-  for _ in 0 .. argv.tasks {
+  for _ in 0..argv.tasks {
     tasks.push(spawn_client_task(&bar, pool.next(), &counter, &argv));
   }
   if let Err(e) = futures::future::try_join_all(tasks).await {

diff --git a/bin/benchmark/src/main.rs b/bin/benchmark/src/main.rs
@@ -47,7 +47,11 @@ static DEFAULT_PORT: u16 = 6379;
 
 mod utils;
 
-#[cfg(all(feature = "enable-rustls", feature = "enable-native-tls"))]
+#[cfg(all(
+  feature = "enable-rustls",
+  feature = "enable-native-tls",
+  feature = "enable-rustls-ring"
+))]
 compile_error!("Cannot use both TLS feature flags.");
 
 #[cfg(not(feature = "redis-rs"))]
@@ -62,18 +66,18 @@ use _redis::run as run_benchmark;
 // TODO update clap
 #[derive(Debug)]
 struct Argv {
-  pub cluster:  bool,
+  pub cluster: bool,
   pub replicas: bool,
-  pub tracing:  bool,
-  pub count:    usize,
-  pub tasks:    usize,
-  pub unix:     Option<String>,
-  pub host:     String,
-  pub port:     u16,
+  pub tracing: bool,
+  pub count: usize,
+  pub tasks: usize,
+  pub unix: Option<String>,
+  pub host: String,
+  pub port: u16,
   pub pipeline: bool,
-  pub pool:     usize,
-  pub quiet:    bool,
-  pub auth:     Option<String>,
+  pub pool: usize,
+  pub quiet: bool,
+  pub auth: Option<String>,
 }
 
 fn parse_argv() -> Arc<Argv> {

diff --git a/examples/tls.rs b/examples/tls.rs
@@ -3,7 +3,11 @@
 
 use fred::prelude::*;
 
-#[cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))]
+#[cfg(any(
+  feature = "enable-native-tls",
+  feature = "enable-rustls",
+  feature = "enable-rustls-ring"
+))]
 use fred::types::TlsConnector;
 
 #[cfg(feature = "enable-native-tls")]
@@ -20,7 +24,10 @@ fn create_tls_config() -> TlsConnector {
     .into()
 }
 
-#[cfg(all(feature = "enable-rustls", not(feature = "enable-native-tls")))]
+#[cfg(all(
+  any(feature = "enable-rustls", feature = "enable-rustls-ring"),
+  not(feature = "enable-native-tls")
+))]
 fn create_tls_config() -> TlsConnector {
   use fred::rustls::{ClientConfig, RootCertStore};
 
@@ -34,7 +41,11 @@ fn create_tls_config() -> TlsConnector {
 #[tokio::main]
 async fn main() -> Result<(), RedisError> {
   let config = RedisConfig {
-    #[cfg(any(feature = "enable-rustls", feature = "enable-native-tls"))]
+    #[cfg(any(
+      feature = "enable-rustls",
+      feature = "enable-native-tls",
+      feature = "enable-rustls-ring"
+    ))]
     tls: Some(create_tls_config().into()),
     ..RedisConfig::default()
   };

diff --git a/src/error.rs b/src/error.rs
@@ -38,8 +38,19 @@ pub enum RedisErrorKind {
   /// A protocol error such as an invalid or unexpected frame from the server.
   Protocol,
   /// A TLS error.
-  #[cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))]
-  #[cfg_attr(docsrs, doc(cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))))]
+  #[cfg(any(
+    feature = "enable-native-tls",
+    feature = "enable-rustls",
+    feature = "enable-rustls-ring"
+  ))]
+  #[cfg_attr(
+    docsrs,
+    doc(cfg(any(
+      feature = "enable-native-tls",
+      feature = "enable-rustls",
+      feature = "enable-rustls-ring"
+    )))
+  )]
   Tls,
   /// An error indicating the request was canceled.
   Canceled,
@@ -78,7 +89,11 @@ impl RedisErrorKind {
       RedisErrorKind::Canceled => "Canceled",
       RedisErrorKind::Cluster => "Cluster Error",
       RedisErrorKind::Timeout => "Timeout Error",
-      #[cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))]
+      #[cfg(any(
+        feature = "enable-native-tls",
+        feature = "enable-rustls",
+        feature = "enable-rustls-ring"
+      ))]
       RedisErrorKind::Tls => "TLS Error",
       RedisErrorKind::Config => "Config Error",
       RedisErrorKind::Parse => "Parse Error",
@@ -275,17 +290,17 @@ impl From<native_tls::Error> for RedisError {
 }
 
 #[doc(hidden)]
-#[cfg(feature = "enable-rustls")]
-#[cfg_attr(docsrs, doc(cfg(feature = "enable-rustls")))]
+#[cfg(any(feature = "enable-rustls", feature = "enable-rustls-ring"))]
+#[cfg_attr(docsrs, doc(cfg(any(feature = "enable-rustls", feature = "enable-rustls-ring"))))]
 impl From<rustls::pki_types::InvalidDnsNameError> for RedisError {
   fn from(e: rustls::pki_types::InvalidDnsNameError) -> Self {
     RedisError::new(RedisErrorKind::Tls, format!("{:?}", e))
   }
 }
 
 #[doc(hidden)]
-#[cfg(feature = "enable-rustls")]
-#[cfg_attr(docsrs, doc(cfg(feature = "enable-rustls")))]
+#[cfg(any(feature = "enable-rustls", feature = "enable-rustls-ring"))]
+#[cfg_attr(docsrs, doc(cfg(any(feature = "enable-rustls", feature = "enable-rustls-ring"))))]
 impl From<rustls::Error> for RedisError {
   fn from(e: rustls::Error) -> Self {
     RedisError::new(RedisErrorKind::Tls, format!("{:?}", e))

diff --git a/src/lib.rs b/src/lib.rs
@@ -160,7 +160,18 @@ pub mod prelude {
     },
   };
 
-  #[cfg(any(feature = "enable-native-tls", feature = "enable-rustls"))]
-  #[cfg_attr(docsrs, doc(cfg(any(feature = "enable-rustls", feature = "enable-native-tls"))))]
+  #[cfg(any(
+    feature = "enable-native-tls",
+    feature = "enable-rustls",
+    feature = "enable-rustls-ring"
+  ))]
+  #[cfg_attr(
+    docsrs,
+    doc(cfg(any(
+      feature = "enable-rustls",
+      feature = "enable-native-tls",
+      feature = "enable-rustls-ring"
+    )))
+  )]
   pub use crate::types::{TlsConfig, TlsConnector};
 }