Fall back to RESP2 when HELLO is not supported by server/proxy

[yangbodong22011]

Summary

Fixes #4089

redis-py 8.0 defaults to RESP3, which sends a HELLO command during connection handshake. If the server (Redis < 6.0) or proxy doesn't support HELLO, the connection fails with ResponseError: unknown command — there is no fallback.

This PR adds a try/except ResponseError around the HELLO response in both sync and async connection paths. On failure, it gracefully falls back to RESP2 with standalone AUTH, matching the behavior of Lettuce, Jedis, and go-redis.

Changes

• redis/connection.py — on_connect_check_health(): catch ResponseError after HELLO, revert parser to RESP2, issue standalone AUTH
• redis/asyncio/connection.py — same fix for the async path

Both branch 1 (RESP3 + auth) and branch 3 (RESP3 + no auth) are covered.

Testing

Manually verified against a proxy that rejects HELLO with ERR unknown command. Connection now succeeds with automatic RESP2 fallback instead of raising.

---

Note

Medium Risk
Changes connection handshake and authentication for all default-RESP3 clients; behavior is gated on error text and explicit protocol/maint settings, but misclassified errors could still affect connect success.

Overview
When the default RESP3 connect path sends HELLO and the server or proxy rejects it (unknown command / NOPROTO), sync and async connections now downgrade to RESP2 instead of failing outright. Shared helpers _fallback_to_resp2 and _do_resp2_auth centralize parser/protocol downgrade, optional standalone AUTH with fresh credentials (avoiding HELLO’s injected default username), and a warning unless the user set protocol=3 explicitly or maintenance notifications are enabled.

Successful HELLO responses are stored in handshake_metadata on both paths; after fallback it is set to {} so downstream code does not see None. New tests in tests/test_hello_fallback.py cover auth branches, NOPROTO, no-fallback cases, and logging.

^{Reviewed by Cursor Bugbot for commit 9ce4953. Bugbot is set up for automated code reviews on this repo. Configure here.}

[jit-ci]

Hi, I’m Jit, a friendly security platform designed to help developers build secure applications from day zero with an MVS (Minimal viable security) mindset.

In case there are security findings, they will be communicated to you as a comment inside the PR.

Hope you’ll enjoy using Jit.

Questions? Comments? Want to learn more? Get in touch with us.

[petyaslavova]

Hey @yangbodong22011, thank you for the contribution! I’ll review it shortly.

Meanwhile, can you please check Cursor’s comment and the test failures?

There are also a few things we need to be careful about when changing the protocol configuration at this point in the flow: what happens if the parser is HiredisParser, which callbacks would be assigned later for command response post-processing, and how this interacts with maintenance notifications and client-side caching configuration.

Having dedicated unit tests for those cases would be very helpful.

[cursor]

Cursor Bugbot has reviewed your changes and found 2 potential issues.

^{Reviewed by Cursor Bugbot for commit e1a72da. Configure here.}

[cursor]

Fallback doesn't guard against client-side caching configuration

Medium Severity

_fallback_to_resp2 checks for maint_notifications_config (which requires RESP3 push notifications) before allowing the downgrade, but doesn't check for client-side caching configuration. Client-side caching relies on RESP3 push notifications for key invalidation tracking. Silently falling back to RESP2 when caching is configured would cause the cache to never receive invalidation messages, leading to stale data being served indefinitely without any error or warning.

Additional Locations (1)

• redis/asyncio/connection.py#L516-L521

 

^{Reviewed by Cursor Bugbot for commit e1a72da. Configure here.}