Add comprehensive TLS URL parameter support across all Redis client types:
- Cluster Client (ParseClusterURL): Full TLS parameter support
- Sentinel Client (ParseFailoverURL): Full TLS parameter support
- Universal Client: Inherits support from underlying clients
Supported parameters for all client types:
- tls_cert_file and tls_key_file: Client certificate authentication
- tls_min_version and tls_max_version: TLS version constraints
- tls_server_name: Server name override for certificate validation
- skip_verify: Skip certificate verification (existing parameter)
Features:
- Consistent API across all client types
- Comprehensive test coverage for cluster client
- Enhanced documentation for all client configurations
- Proper error handling and validation
This ensures users have the same TLS configuration capabilities
regardless of which Redis client type they use, providing a
consistent and complete TLS configuration experience.
* Fix hard code of failing timeout
1. if not set failing time limit, default is 15 seconds.
* feat: Complete configurable FailingTimeoutSeconds implementation
---------
Co-authored-by: Shino Wu <shino_wu@trendmicro.com>
- replace two similar functions `appendUniqueNode` and `appendIfNotExists` with a generic function.
- simplify the implementation of the `get` method in `clusterNodes`
- keep the member name `_generation` of `clusterNodes` consistent with other types.
- rename a data member `_masterAddr` to `masterAddr`.
Signed-off-by: Xiaolong Chen <fukua95@gmail.com>
* fix(txpipeline): keyless commands should take the slot of the keyed commands
* fix(txpipeline): extract only keyed cmds from all cmds
* chore(test): Add tests for keyless cmds and txpipeline
* fix(cmdSlot): Add preferred random slot
* fix(cmdSlot): Add shortlist of keyless cmds
* chore(test): Fix ring test
* fix(keylessCommands): Add list of keyless commands
Add list of keyless Commands based on the Commands output
for redis 8
* chore(txPipeline): refactor slottedCommands impl
* fix(osscluster): typo
* fix(txpipeline): should return error on multi/exec on multiple slots
* fix(txpipeline): test normal tx pipeline behaviour
* chore(err): Extract crossslot err and add test
* fix(txpipeline): short curcuit the tx if there are no commands
* chore(tests): validate keys are in different slots
* wip
* update documentation
* add streamingcredentialsprovider in options
* fix: put back option in pool creation
* add package level comment
* Initial re authentication implementation
Introduces the StreamingCredentialsProvider as the CredentialsProvider
with the highest priority.
TODO: needs to be tested
* Change function type name
Change CancelProviderFunc to UnsubscribeFunc
* add tests
* fix race in tests
* fix example tests
* wip, hooks refactor
* fix build
* update README.md
* update wordlist
* update README.md
* refactor(auth): early returns in cred listener
* fix(doctest): simulate some delay
* feat(conn): add close hook on conn
* fix(tests): simulate start/stop in mock credentials provider
* fix(auth): don't double close the conn
* docs(README): mark streaming credentials provider as experimental
* fix(auth): streamline auth err proccess
* fix(auth): check err on close conn
* chore(entraid): use the repo under redis org
* migrate golangci-lint config to v2 format
* chore: skip CI on migration [skip ci]
* Bump golangci version
* Address several golangci-lint/staticcheck warnings
* change staticchecks settings
* fix: handle network error on SETINFO
This fix addresses potential out of order responses as described in `CVE-2025-29923`
* fix: deprecate DisableIndentity and introduce DisableIdentity
Both options will work before V10. In v10 DisableIndentity will be dropped. The preferred flag to use is `DisableIdentity`.
* fix: add unstableresp3 to cluster client
* propagate unstableresp3
* proper test that will ignore error, but fail if client panics
* add separate test for clusterclient constructor
Resolve a race condition in the clusterNodes.Addrs() method.
Previously, the method returned a reference to a string slice, creating
the potential for concurrent reads by the caller while the slice was
being modified by the garbage collection process.
Co-authored-by: Nedyalko Dyakov <nedyalko.dyakov@gmail.com>
* Only check latencies once every 10 seconds with `routeByLatency`
`routeByLatency` currently checks latencies any time a server returns
a MOVED or READONLY reply. When a shard is down, the ClusterClient
chooses to issue the request to a random server, which returns a MOVED
reply. This causes a state refresh and a latency update on all servers.
This can lead to significant ping load to clusters with a large number
of clients.
This introduces logic to ping only once every 10 seconds, only
performing a latency update on a node during the `GC` function if the
latency was set later than 10 seconds ago.
Fixes https://github.com/redis/go-redis/issues/2782
* use UnixNano instead of Unix for better precision
---------
Co-authored-by: ofekshenawa <104765379+ofekshenawa@users.noreply.github.com>
