From 54d95f298bd01369ad4a7930adf4031c80eefd72 Mon Sep 17 00:00:00 2001
From: Gonzalo Luque <gonzalo.luque@dacadoo.com>
Date: Mon, 6 Nov 2023 15:21:19 +0100
Subject: [PATCH] Add TLS support

---
 CHANGELOG     |  4 +++-
 src/redis.lua | 18 +++++++++++++++++-
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 3836620..93c4434 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,4 +1,4 @@
-v2.0.5 (2013-xx-xx)
+v2.0.5 (2023-xx-xx)
   * New commands added: `BITOP`, `BITCOUNT`, `SCAN`, `SSCAN`, `ZSCAN`, `HSCAN`.
 
   * Added the ability to specify a socket timeout in the connection parameters.
@@ -7,6 +7,8 @@ v2.0.5 (2013-xx-xx)
 
   * Fixed command serialization when command arguments contain nil values.
 
+  * Added the possibility to connect to a redis server with TLS enabled.
+
 v2.0.4 (2012-07-15)
   * The library is now fully compatible with Lua 5.2.
 
diff --git a/src/redis.lua b/src/redis.lua
index 98b4710..b117036 100644
--- a/src/redis.lua
+++ b/src/redis.lua
@@ -842,7 +842,23 @@ local function create_connection(parameters)
         perform_connection, socket = connect_tcp, require('socket').tcp
     end
 
-    return perform_connection(socket(), parameters)
+    local conn = perform_connection(socket(), parameters)
+
+    if parameters.tls then
+        local ssl = require("ssl")
+        local params = {
+            mode = parameters.mode or "client",
+            protocol = parameters.protocol or "any",
+            key = parameters.key,
+            certificate = parameters.certificate,
+            cafile = parameters.cafile,
+            verify = parameters.verify or "peer",
+            options = parameters.options or "all",
+        }
+        conn = ssl.wrap(conn, params)
+        conn:dohandshake()
+    end
+    return conn
 end
 
 -- ############################################################################