GithubBackup/MyGoNavi
1
0
Fork 0
mirror of https://github.com/Syngnat/GoNavi.git synced 2026-05-31 22:59:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
654178c8cd3475aeb445eb8b22a6fabff46867fa
MyGoNavi/internal/redis/ssl_mode.go
Syngnat b707c74203 feat(connection): 支持连接 SSL 证书文件配置 
- 新增 CA 证书、客户端证书和私钥路径配置
- 为 MySQL、PostgreSQL、ClickHouse、MongoDB、Redis 等连接接入 TLS 证书
- 修正 SSL 模式下证书校验、明文回退和 DER 证书兼容问题
- 补充证书路径保存、RPC 传递和 DSN 生成回归测试
Refs #463
2026-05-15 22:04:20 +08:00

74 lines
1.9 KiB
Go
Raw Blame History

package redis
import (
"crypto/tls"
"strings"
"GoNavi-Wails/internal/connection"
"GoNavi-Wails/internal/tlsconfig"
)
func normalizeRedisSSLMode(raw string) string {
mode := strings.ToLower(strings.TrimSpace(raw))
switch mode {
case "", "preferred", "prefer":
return "preferred"
case "required", "require", "on", "true", "mandatory", "strict":
return "required"
case "skip-verify", "insecure", "skipverify", "skip_verify", "insecure-skip-verify":
return "skip-verify"
case "disable", "disabled", "off", "false", "none":
return "disable"
default:
return "preferred"
}
}
func redisSSLMode(config connection.ConnectionConfig) string {
if !config.UseSSL {
return "disable"
}
return normalizeRedisSSLMode(config.SSLMode)
}
func shouldTryRedisSSLPreferredFallback(config connection.ConnectionConfig) bool {
return config.UseSSL && normalizeRedisSSLMode(config.SSLMode) == "preferred"
}
func withRedisSSLDisabled(config connection.ConnectionConfig) connection.ConnectionConfig {
next := config
next.UseSSL = false
next.SSLMode = "disable"
return next
}
func resolveRedisTLSConfig(config connection.ConnectionConfig) (*tls.Config, error) {
switch redisSSLMode(config) {
case "disable":
return nil, nil
case "required":
return tlsconfig.BuildClientConfig(tlsconfig.ClientConfigOptions{
Enabled: true,
CAPath: config.SSLCAPath,
CertPath: config.SSLCertPath,
KeyPath: config.SSLKeyPath,
})
case "skip-verify":
return tlsconfig.BuildClientConfig(tlsconfig.ClientConfigOptions{
Enabled: true,
InsecureSkipVerify: true,
CAPath: config.SSLCAPath,
CertPath: config.SSLCertPath,
KeyPath: config.SSLKeyPath,
})
default:
return tlsconfig.BuildClientConfig(tlsconfig.ClientConfigOptions{
Enabled: true,
InsecureSkipVerify: true,
CAPath: config.SSLCAPath,
CertPath: config.SSLCertPath,
KeyPath: config.SSLKeyPath,
})
}
}
Reference in New Issue View Git Blame Copy Permalink