From aaa018b753a9fc302661aac52cd578efc22e8b89 Mon Sep 17 00:00:00 2001
From: Rene Klacan <rene@klacan.sk>
Date: Wed, 11 Dec 2024 12:39:37 +0100
Subject: [PATCH] Add rustls support when using Redis

Via `redis_storage_rustls` feature.

This doesn't affect default usage.
---
 Cargo.lock           | 101 +++++++++++++++++++++++++++++++++++++++++++
 limitador/Cargo.toml |  51 +++++++++++++++++-----
 2 files changed, 140 insertions(+), 12 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 3b5909bf..464512c1 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2974,12 +2974,17 @@ dependencies = [
  "num-bigint",
  "percent-encoding",
  "pin-project-lite",
+ "rustls",
+ "rustls-native-certs",
+ "rustls-pemfile",
+ "rustls-pki-types",
  "ryu",
  "sha1_smol",
  "socket2",
  "tokio",
  "tokio-native-tls",
  "tokio-retry2",
+ "tokio-rustls",
  "tokio-util",
  "url",
 ]
@@ -3053,6 +3058,21 @@ version = "0.8.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
 
+[[package]]
+name = "ring"
+version = "0.17.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d"
+dependencies = [
+ "cc",
+ "cfg-if",
+ "getrandom",
+ "libc",
+ "spin",
+ "untrusted",
+ "windows-sys 0.52.0",
+]
+
 [[package]]
 name = "rocksdb"
 version = "0.22.0"
@@ -3097,6 +3117,59 @@ dependencies = [
  "windows-sys 0.52.0",
 ]
 
+[[package]]
+name = "rustls"
+version = "0.23.19"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "934b404430bb06b3fae2cba809eb45a1ab1aecd64491213d7c3301b88393f8d1"
+dependencies = [
+ "once_cell",
+ "ring",
+ "rustls-pki-types",
+ "rustls-webpki",
+ "subtle",
+ "zeroize",
+]
+
+[[package]]
+name = "rustls-native-certs"
+version = "0.7.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e5bfb394eeed242e909609f56089eecfe5fda225042e8b171791b9c95f5931e5"
+dependencies = [
+ "openssl-probe",
+ "rustls-pemfile",
+ "rustls-pki-types",
+ "schannel",
+ "security-framework",
+]
+
+[[package]]
+name = "rustls-pemfile"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dce314e5fee3f39953d46bb63bb8a46d40c2f8fb7cc5a3b6cab2bde9721d6e50"
+dependencies = [
+ "rustls-pki-types",
+]
+
+[[package]]
+name = "rustls-pki-types"
+version = "1.10.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "16f1201b3c9a7ee8039bcadc17b7e605e2945b27eee7631788c1bd2b0643674b"
+
+[[package]]
+name = "rustls-webpki"
+version = "0.102.8"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "64ca1bc8749bd4cf37b5ce386cc146580777b4e8572c7b97baf22c83f444bee9"
+dependencies = [
+ "ring",
+ "rustls-pki-types",
+ "untrusted",
+]
+
 [[package]]
 name = "rustversion"
 version = "1.0.18"
@@ -3409,6 +3482,12 @@ dependencies = [
  "syn 1.0.109",
 ]
 
+[[package]]
+name = "subtle"
+version = "2.6.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
+
 [[package]]
 name = "syn"
 version = "1.0.109"
@@ -3658,6 +3737,16 @@ dependencies = [
  "tokio",
 ]
 
+[[package]]
+name = "tokio-rustls"
+version = "0.26.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5f6d0975eaace0cf0fcadee4e4aaa5da15b5c079146f2cffb67c113be122bf37"
+dependencies = [
+ "rustls",
+ "tokio",
+]
+
 [[package]]
 name = "tokio-stream"
 version = "0.1.16"
@@ -3934,6 +4023,12 @@ version = "0.2.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
 
+[[package]]
+name = "untrusted"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
+
 [[package]]
 name = "url"
 version = "2.5.4"
@@ -4341,6 +4436,12 @@ dependencies = [
  "synstructure",
 ]
 
+[[package]]
+name = "zeroize"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ced3678a2879b30306d323f4542626697a464a97c0a07c9aebf7ebca65cd4dde"
+
 [[package]]
 name = "zerovec"
 version = "0.10.4"
diff --git a/limitador/Cargo.toml b/limitador/Cargo.toml
index ed822b1d..bcf7ec0f 100644
--- a/limitador/Cargo.toml
+++ b/limitador/Cargo.toml
@@ -1,7 +1,11 @@
 [package]
 name = "limitador"
 version = "0.8.0-dev"
-authors = ["David Ortiz <z.david.ortiz@gmail.com>", "Eguzki Astiz Lezaun <eguzki@redhat.com>", "Alex Snaps <asnaps@redhat.com>"]
+authors = [
+    "David Ortiz <z.david.ortiz@gmail.com>",
+    "Eguzki Astiz Lezaun <eguzki@redhat.com>",
+    "Alex Snaps <asnaps@redhat.com>",
+]
 license = "Apache-2.0"
 keywords = ["rate-limiting", "rate", "limiter"]
 categories = ["web-programming"]
@@ -15,8 +19,31 @@ edition = "2021"
 [features]
 default = ["disk_storage", "redis_storage"]
 disk_storage = ["rocksdb"]
-distributed_storage = ["tokio", "tokio-stream", "h2", "base64", "uuid", "tonic", "tonic-reflection", "prost", "prost-types"]
-redis_storage = ["redis", "r2d2", "tokio"]
+distributed_storage = [
+    "tokio",
+    "tokio-stream",
+    "h2",
+    "base64",
+    "uuid",
+    "tonic",
+    "tonic-reflection",
+    "prost",
+    "prost-types",
+]
+redis_storage = [
+    "r2d2",
+    "tokio",
+    "redis",
+    "redis/tls-native-tls",
+    "redis/tokio-native-tls-comp",
+]
+redis_storage_rustls = [
+    "r2d2",
+    "tokio",
+    "redis",
+    "redis/tls-rustls",
+    "redis/tokio-rustls-comp",
+]
 
 [dependencies]
 moka = { version = "0.12", features = ["sync"] }
@@ -30,12 +57,12 @@ tracing = "0.1.40"
 metrics = "0.24"
 
 # Optional dependencies
-rocksdb = { version = "0.22", optional = true, features = ["multi-threaded-cf"] }
+rocksdb = { version = "0.22", optional = true, features = [
+    "multi-threaded-cf",
+] }
 redis = { version = "0.27", optional = true, features = [
     "connection-manager",
     "tokio-comp",
-    "tls-native-tls",
-    "tokio-native-tls-comp",
     "script",
 ] }
 r2d2 = { version = "0.8", optional = true }
@@ -53,7 +80,11 @@ tonic = { version = "0.12.3", optional = true }
 tonic-reflection = { version = "0.12.3", optional = true }
 prost = { version = "0.13.3", optional = true }
 prost-types = { version = "0.13.3", optional = true }
-cel-interpreter = { git = "https://github.com/clarkmcc/cel-rust", rev = "5b02b08", features = ["json", "regex", "chrono"] }
+cel-interpreter = { git = "https://github.com/clarkmcc/cel-rust", rev = "5b02b08", features = [
+    "json",
+    "regex",
+    "chrono",
+] }
 cel-parser = { git = "https://github.com/clarkmcc/cel-rust", rev = "5b02b08" }
 
 [dev-dependencies]
@@ -69,11 +100,7 @@ redis = { version = "0.27", features = [
 paste = "1"
 rand = "0.8"
 tempfile = "3.5.0"
-tokio = { version = "1", features = [
-    "rt-multi-thread",
-    "macros",
-    "time",
-] }
+tokio = { version = "1", features = ["rt-multi-thread", "macros", "time"] }
 
 [build-dependencies]
 tonic-build = "0.12"