如何使用密码和ssl连接到redis数据库?

0sgqnhkj  于 2023-08-02  发布在  Redis
关注(0)|答案(1)|浏览(125)

我正在尝试使用R和RcppRedis连接到需要SSL和密码的redis数据库。我在一个Docker容器中构建了Renv,在这个容器中我编译了启用了SSL的hiredis,但是虽然我可以连接到我的生产数据库,但我不能与它交互。
为了确认它在没有密码或ssl的情况下工作,我可以使用以下命令连接到同一Docker网络上的redis本地示例并与之交互:

library(RcppRedis)
r <- new(Redis, "172.18.0.4")
r$exec("keys *")

## <lots of keys print here>

字符串
类似地,我可以连接生产数据库,但实际上无法与之交互。我怀疑是因为我只需要设置ssl=1,但我不知道在哪里,也不知道如何发送我的密码。
下面是我尝试过的:

redis <- new(Redis, "<my-redis-host>", port=6369, password="<my-password>", ssl="1")
## Error: Recieved NULL reply; potential connection loss with Redis

redis <- new(Redis, "<my-redis-host>", port=6369, auth="<my-password>", ssl="1")
## Error: Recieved NULL reply; potential connection loss with Redis

redis <- new(Redis, "<my-redis-host>", port=6369, ssl="1")
## Error: Recieved NULL reply; potential connection loss with Redis

redis <- new(Redis, "<my-redis-host>", port=6369)
redis$exec("auth <my-password>")
## Error: Recieved NULL reply; potential connection loss with Redis


我几乎没什么主意了。我错过了什么?这种方式是否比我想象的更复杂,并且我需要实际传递证书文件?
编辑:我可以使用python演示连接需要一个ssl标志:

from redis import Redis
redis = Redis(
  host="<my-redis-host>", 
  port=6369, 
  password="<my-password>", 
  ssl=True
)
redis.ping()
## True


从构建日志中,我可以看到RcppRedis找到了hiredis dll文件,并成功加载了自己的库。相关文件如下。
我的文件夹:

FROM rocker/r-ubuntu:latest

RUN echo "Set disable_coredump false" >> /etc/sudo.conf

RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq -f \
    apt-utils \
    curl \
    wget \
    nano \
    libssl-dev \
    git

RUN R -e "install.packages('Rcpp', repos='http://cran.rstudio.com/')"
RUN R -e "install.packages('RApiSerialize', repos='http://cran.rstudio.com/')"
RUN R -e "install.packages('openssl', repos='http://cran.rstudio.com/')"
RUN R -e "install.packages('RcppMsgPack', repos='http://cran.rstudio.com/')"

RUN git clone --branch v1.0.2 https://github.com/redis/hiredis.git &&\
  cd hiredis && \
  make USE_SSL=1 && \
  make install && \
  ldconfig

RUN R -e "install.packages('RcppRedis', repos='http://cran.rstudio.com/', INSTALL_opts=c('--no-lock'))"

CMD ["R", "-e", "Sys.sleep(1200)"]


这是构建日志的相关块:

#11 [8/9] RUN git clone --branch v1.0.2 https://github.com/redis/hiredis.git &&  cd hiredis &&   make USE_SSL=1 &&   make install &&   ldconfig
#11 sha256:74cb19dc98580450d5de1e6eb18d64f812254a6857dc4d45084e545eb58a9311
#11 0.755 Cloning into 'hiredis'...
#11 2.254 Note: switching to 'b731283245f3183af527237166261ad0768ba7d4'.
#11 2.254
#11 2.254 You are in 'detached HEAD' state. You can look around, make experimental
#11 2.254 changes and commit them, and you can discard any commits you make in this
#11 2.254 state without impacting any branches by switching back to a branch.
#11 2.254
#11 2.254 If you want to create a new branch to retain commits you create, you may
#11 2.254 do so (now or later) by using -c with the switch command. Example:
#11 2.254
#11 2.254   git switch -c <new-branch-name>
#11 2.254
#11 2.254 Or undo this operation with:
#11 2.254
#11 2.254   git switch -
#11 2.254
#11 2.254 Turn off this advice by setting config variable advice.detachedHead to false
#11 2.254
#11 2.318 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb alloc.c
#11 2.462 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb net.c
#11 3.536 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb hiredis.c
#11 4.981 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb sds.c
#11 6.000 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb async.c
#11 6.737 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb read.c
#11 7.121 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb sockcompat.c
#11 7.151 cc -shared -Wl,-soname,libhiredis.so.1.0.0 -o libhiredis.so alloc.o net.o hiredis.o sds.o async.o read.o sockcompat.o
#11 7.185 ar rcs libhiredis.a alloc.o net.o hiredis.o sds.o async.o read.o sockcompat.o
#11 7.193 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb test.c
#11 8.525 cc -std=c99 -pedantic -c -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb ssl.c
#11 8.991 ar rcs libhiredis_ssl.a ssl.o
#11 8.999 cc -o hiredis-test -O3 -fPIC  -DHIREDIS_TEST_SSL -Wall -W -Wstrict-prototypes -Wwrite-strings -Wno-missing-field-initializers -g -ggdb -I. test.o libhiredis.a libhiredis_ssl.a  -lssl -lcrypto -lssl -lcrypto -lpthread
#11 9.380 Generating hiredis.pc for pkgconfig...
#11 9.431 cc -shared -Wl,-soname,libhiredis_ssl.so.1.0.0  -o libhiredis_ssl.so ssl.o   -lssl -lcrypto
#11 9.732 Generating hiredis_ssl.pc for pkgconfig...
#11 9.794 mkdir -p /usr/local/include/hiredis /usr/local/include/hiredis/adapters /usr/local/lib
#11 9.801 cp -pPR hiredis.h async.h read.h sds.h alloc.h /usr/local/include/hiredis
#11 9.807 cp -pPR adapters/*.h /usr/local/include/hiredis/adapters
#11 9.816 cp -pPR libhiredis.so /usr/local/lib/libhiredis.so.1.0.0
#11 9.824 cd /usr/local/lib && ln -sf libhiredis.so.1.0.0 libhiredis.so
#11 9.830 cp -pPR libhiredis.a /usr/local/lib
#11 9.837 mkdir -p /usr/local/lib/pkgconfig
#11 9.841 cp -pPR hiredis.pc /usr/local/lib/pkgconfig
#11 DONE 10.0s

#12 [9/9] RUN R -e "install.packages('RcppRedis', repos='http://cran.rstudio.com/', INSTALL_opts=c('--no-lock'))"
#12 sha256:2bcf3d61aaa393f7aed955d1ebda22a5198fe6fca9e62c03d4ec0835c7ec6a2d
#12 0.968
#12 0.968 R version 4.2.1 (2022-06-23) -- "Funny-Looking Kid"
#12 0.968 Copyright (C) 2022 The R Foundation for Statistical Computing
#12 0.968 Platform: x86_64-pc-linux-gnu (64-bit)
#12 0.968
#12 0.968 R is free software and comes with ABSOLUTELY NO WARRANTY.
#12 0.968 You are welcome to redistribute it under certain conditions.
#12 0.968 Type 'license()' or 'licence()' for distribution details.
#12 0.968
#12 0.969   Natural language support but running in an English locale
#12 0.969
#12 0.969 R is a collaborative project with many contributors.
#12 0.969 Type 'contributors()' for more information and
#12 0.969 'citation()' on how to cite R or R packages in publications.
#12 0.969
#12 0.969 Type 'demo()' for some demos, 'help()' for on-line help, or
#12 0.969 'help.start()' for an HTML browser interface to help.
#12 0.969 Type 'q()' to quit R.
#12 0.969
#12 1.120 > install.packages('RcppRedis', repos='http://cran.rstudio.com/', INSTALL_opts=c('--no-lock'))
#12 1.125 Installing package into ‘/usr/local/lib/R/site-library’
#12 1.125 (as ‘lib’ is unspecified)
#12 3.952 trying URL 'http://cran.rstudio.com/src/contrib/RcppRedis_0.2.3.tar.gz'
#12 4.208 Content type 'application/x-gzip' length 1066907 bytes (1.0 MB)
#12 4.208 ==================================================
#12 4.703 downloaded 1.0 MB
#12 4.703
#12 5.706 * installing *source* package ‘RcppRedis’ ...
#12 5.720 ** package ‘RcppRedis’ successfully unpacked and MD5 sums checked
#12 5.721 staged installation is only possible with locking
#12 5.721 ** using non-staged installation
#12 6.339 checking whether the C++ compiler works... yes
#12 6.562 checking for C++ compiler default output file name... a.out
#12 6.564 checking for suffix of executables...
#12 6.823 checking whether we are cross compiling... no
#12 7.101 checking for suffix of object files... o
#12 7.156 checking whether the compiler supports GNU C++... yes
#12 7.206 checking whether g++ -std=gnu++14 accepts -g... yes
#12 7.252 checking for g++ -std=gnu++14 option to enable C++11 features... none needed
#12 7.727 checking how to run the C++ preprocessor... g++ -std=gnu++14 -E
#12 8.109 checking whether the compiler supports GNU C++... (cached) yes
#12 8.111 checking whether g++ -std=gnu++14 accepts -g... (cached) yes
#12 8.114 checking for g++ -std=gnu++14 option to enable C++11 features... (cached) none needed
#12 8.118 checking for pkg-config... yes
#12 8.156 checking for stdio.h... yes
#12 8.275 checking for stdlib.h... yes
#12 8.419 checking for string.h... yes
#12 8.544 checking for inttypes.h... yes
#12 8.705 checking for stdint.h... yes
#12 8.819 checking for strings.h... yes
#12 8.909 checking for sys/stat.h... yes
#12 8.997 checking for sys/types.h... yes
#12 9.096 checking for unistd.h... yes
#12 9.265 checking for hiredis/hiredis.h... yes
#12 9.469 checking for RcppMsgPack... yes
#12 10.45 configure: Found RcppMsgPack, using '-I/usr/local/lib/R/site-library/RcppMsgPack/include -DHAVE_MSGPACK'
#12 10.48 configure: creating ./config.status
#12 10.62 config.status: creating src/Makevars
#12 10.65
#12 10.65 RcppRedis 0.2.3
#12 10.65 ================
#12 10.65
#12 10.65 compiler flags:  -D_FILE_OFFSET_BITS=64 -I/usr/local/include/hiredis -I/usr/local/lib/R/site-library/RcppMsgPack/include -DHAVE_MSGPACK
#12 10.65 link argument:   -L/usr/local/lib -lhiredis
#12 10.65 library target:
#12 10.65
#12 10.71 ** libs
#12 10.71 g++ -std=gnu++14 -I"/usr/share/R/include" -DNDEBUG  -I'/usr/local/lib/R/site-library/Rcpp/include' -I'/usr/local/lib/R/site-library/RApiSerialize/include'   -D_FILE_OFFSET_BITS=64 -I/usr/local/include/hiredis -I/usr/local/lib/R/site-library/RcppMsgPack/include -DHAVE_MSGPACK -fpic  -g -O2 -ffile-prefix-map=/build/r-base-a1ov7y/r-base-4.2.1=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2  -c Redis.cpp -o Redis.o
#12 36.58 gcc -I"/usr/share/R/include" -DNDEBUG  -I'/usr/local/lib/R/site-library/Rcpp/include' -I'/usr/local/lib/R/site-library/RApiSerialize/include'    -fpic  -g -O2 -ffile-prefix-map=/build/r-base-a1ov7y/r-base-4.2.1=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -Wdate-time -D_FORTIFY_SOURCE=2  -c init.c -o init.o
#12 36.70 g++ -std=gnu++14 -shared -L/usr/lib/R/lib -Wl,-Bsymbolic-functions -flto=auto -ffat-lto-objects -flto=auto -Wl,-z,relro -o RcppRedis.so Redis.o init.o -L/usr/local/lib -lhiredis -L/usr/lib/R/lib -lR
#12 45.49 installing to /usr/local/lib/R/site-library/RcppRedis/libs
#12 45.50 ** R
#12 45.51 ** demo
#12 45.51 ** inst
#12 45.52 ** byte-compile and prepare package for lazy loading
#12 46.14 ** help
#12 46.16 *** installing help indices
#12 46.19 ** building package indices
#12 46.47 ** installing vignettes
#12 46.48 ** testing if installed package can be loaded
#12 47.97 * DONE (RcppRedis)
#12 48.02
#12 48.02 The downloaded source packages are in
#12 48.02       ‘/tmp/RtmpAGjyAc/downloaded_packages’
#12 48.02 >
#12 48.02 >

gudnpqoy

gudnpqoy1#

RcppRedis使用hiredis,这是Redis访问的标准C库。
如果您转到documentation of the hiredis API,您会发现一个名为“使用SSL和hiredis”的部分,其中说明
hiredis本机不支持SSL连接。为了增加安全措施,您可以使用stunnel来保护连接。
这就解释了为什么你没那么走运。

相关问题