mirrors
/
redis
mirror of https://mirror.osredm.com/root/redis.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Disconnect pub-sub subscribers when revoking `allchannels` permission (#11992) 

The existing logic for killing pub-sub clients did not handle the `allchannels`
permission correctly. For example, if you:

    ACL SETUSER foo allchannels

Have a client authenticate as the user `foo` and subscribe to a channel, and then:

    ACL SETUSER foo resetchannels

The subscribed client would not be disconnected, though new clients under that user
would be blocked from subscribing to any channels.

This was caused by an incomplete optimization in `ACLKillPubsubClientsIfNeeded`
checking whether the new channel permissions were a strict superset of the old ones.

(cherry picked from commit f38aa6bfb7)
(cherry picked from commit 9caeadb866)
This commit is contained in:
Slava Koyfman 2023-04-02 16:18:28 +03:00 committed by Oran Agra
parent e030e351fd
commit 126348536a
2 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/acl.c
View File

@ -1284,7 +1284,14 @@ void ACLKillPubsubClientsIfNeeded(user *u, list *upcoming) {
listNode *ln, *lpn;
robj *o;
int kill = 0;
/* If any of the original rule has the all-channels permission, but the new
* one doesn't (verifed by the caller), then the new list is not a strict
* superset of the original, and the next loop can be skipped. */
if (u->flags & USER_FLAG_ALLCHANNELS) {
kill = 1;
}
/* Nothing to kill when the upcoming are a literal super set of the original
* permissions. */
listRewind(u->channels,&li);

14
tests/unit/acl.tcl
View File

@ -207,6 +207,20 @@ start_server {tags {"acl"}} {
$rd close
} {0}
test {Subscribers are killed when revoked of allchannels permission} {
set rd [redis_deferring_client]
r ACL setuser psuser allchannels
$rd AUTH psuser pspass
$rd read
$rd CLIENT SETNAME deathrow
$rd read
$rd PSUBSCRIBE foo
$rd read
r ACL setuser psuser resetchannels
assert_no_match {*deathrow*} [r CLIENT LIST]
$rd close
} {0}
test {Subscribers are pardoned if literal permissions are retained and/or gaining allchannels} {
set rd [redis_deferring_client]
r ACL setuser psuser resetchannels &foo:1 &bar:*