mirrors
/
redis
mirror of https://mirror.osredm.com/root/redis.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,535 Commits 92 Branches 328 Tags 468 MiB
Commit Graph

123 Commits

Author SHA1 Message Date
antirez 09041b9359 ACLs: change hashed passwords opcode to also remove them. 
Related to PR #6405
 2019-09-30 18:28:45 +02:00
Madelyn Olson ea7c3fe7fd Allowed passing in of password hash and fixed config rewrite 2019-09-30 17:57:49 +02:00
antirez b170a01fa7 ACL: store hashed passwords in memory. 
Note that this breaks API compatibility with Redis < 6:

    CONFIG GET requirepass

Will no longer return a cleartext password as well, but the SHA256 hash
of the password set.
 2019-09-12 12:54:57 +02:00
antirez ae5054b476 ACL: SHA256 based password hashing function implemented. 2019-09-12 12:33:22 +02:00
Madelyn Olson dd5f437871 Fixed some spelling issues in ACL codepath including user facing error 2019-06-07 13:25:22 -07:00
antirez c24e32041b ACL: Fix memory leak in ACLResetSubcommandsForCommand(). 
This commit fixes bug reported at #5998. Thanks to @tomcat1102.
 2019-04-08 18:08:37 +02:00
antirez c33cb4938a ACL: GENPASS subcommand. 2019-03-05 15:51:37 +01:00
antirez f311a529be Make PR #5872 more compatible with Redis coding style. 2019-02-27 09:34:50 +01:00
Salvatore Sanfilippo 0dcb003887
Merge pull request #5872 from madolson/dev-unstable-acl-setuser-fix 
Updated acl setuser to be all or nothing
 2019-02-27 09:31:57 +01:00
Madelyn Olson 075a3b8893 Updated acl setuser to be all or nothing 2019-02-26 02:04:29 +00:00
antirez 36d1588215 ACL: authCommand() refactored into ACLAuthenticateUser(). 2019-02-25 16:39:44 +01:00
antirez 87594a7470 ACL: move AUTH implementation in acl.c. 2019-02-25 16:33:38 +01:00
antirez 07473feaeb ACL: fix ACLSaveToFile() return value. 2019-02-22 12:45:13 +01:00
antirez 2bea3929d0 ACL: less error prone error handling in ACLSaveToFile(). 2019-02-22 12:43:08 +01:00
Salvatore Sanfilippo 21b8560e95
Merge pull request #5858 from madolson/dev-unstable-acl-deluser 
Making deleting users better defined and update documentation
 2019-02-22 10:27:37 +01:00
Madelyn Olson fdc4003d23 Making deleting users better defined and update documentation 2019-02-21 21:34:14 +00:00
antirez 291e6bccf3 ACL: remove leak in ACLLoadFromFile(). 2019-02-21 17:03:06 +01:00
antirez 91aecf0138 ACL: implement ACL SAVE. 2019-02-21 17:01:08 +01:00
antirez 484af7aa7a ACL: ACLSaveToFile() implemented. 2019-02-21 16:50:28 +01:00
antirez e4f3a2eecd ACL: add LOAD subcommand to ACL HELP. 2019-02-21 16:31:33 +01:00
zhaozhao.zz 14507457a0 ACL: show categories in COMMAND reply 
Adding another new filed categories at the end of
command reply, it's easy to read and distinguish
flags and categories, also compatible with old format.
 2019-02-14 00:13:01 +08:00
zhaozhao.zz a65094dae8 ACL: fix cat type format warning 2019-02-13 11:47:10 +08:00
antirez b9c97c0b2e ACL: CAT subcommand implemented. 2019-02-12 17:02:45 +01:00
antirez f0c7cfa459 ACL: return error when removing a non existing password. 
Otherwise it's very simple for an human mistake to think a password is
removed because of a typo in the ACL SETUSER myuser <somepass command
line.
 2019-02-11 17:01:58 +01:00
antirez df346bca39 ACL: ACLFreeUserAndKillClients(): free user later. 
Soon or later we may have code in freeClient() that may have to deal
with ACLs. Imagine for instance the command proposed multiple times (not
sure if this will ever be accepted but still...):

    ONCLOSE DEL mykey

Accumulating commands to run when a client is disconnected. Now the
function is compatible with such use cases.

Related to #5829.
 2019-02-11 16:28:31 +01:00
zhaozhao.zz 2ce96c0fa7 ACL: kill the old users clients after load aclfile 2019-02-11 16:26:00 +01:00
antirez 3df1eb85ca ACL: add command fingerprint for CAT subcommand. 2019-02-08 12:40:42 +01:00
antirez d453936b52 ACL: add arity check in ACL command where missing. 2019-02-08 12:38:41 +01:00
antirez d4890c20c1 ACL: ignore modules commands when adding categories. 
We can't trust modules commands flagging, so module commands must be
always explicitly added, with the exception of +@all that will include
everything. However something like +@readonly should not include command
from modules that may be potentially dangerous: our categories must be
safe and reliable and modules may not be like that.
 2019-02-08 11:50:39 +01:00
antirez 80f987726d ACL: load ACL file at startup. Prevent silly configurations. 2019-02-07 17:20:03 +01:00
antirez db30727547 ACL: ACLLoadFromFile(): several errors fixed to make it work. 2019-02-07 17:07:51 +01:00
antirez d26c9b5307 ACL: ACLLoadFromFile(), restore DefaultUser global. 2019-02-07 17:00:35 +01:00
antirez 6a7545e4d4 ACL: fix fgets wrong buffer size. 2019-02-07 16:53:41 +01:00
antirez cbed35efd3 ACL: add assertion and fix comment typo. 2019-02-07 16:47:14 +01:00
antirez 7a86ba22e0 ACL: fix a few ACLLoadFromFile() errors and finish ACLFreeUsersSet(). 2019-02-07 16:20:49 +01:00
antirez 1790be1496 ACL: WIP: preserve the old config on loading errors. 2019-02-07 12:57:21 +01:00
antirez 0f0240b526 ACL: implement LOAD subcommand plus some minor rafactoring. 2019-02-07 12:20:30 +01:00
antirez 72e8a080c2 ACL: fix and complete ACLLoadFromFile() loading step. 2019-02-07 12:04:25 +01:00
antirez bbdf02338d ACL: now ACLLoadFromFile() validates against fake user. 2019-02-06 16:44:55 +01:00
antirez 0d3fb9f7f1 ACL: refactoring creation of unlinked users. 2019-02-06 16:19:17 +01:00
antirez e1e0f993d8 ACL: initial design for ACLLoadFromFile() function. 2019-02-06 12:39:11 +01:00
antirez 416c640156 ACL: change behavior of redefined user. Last line counts. 2019-02-05 10:52:05 +01:00
antirez 2262dd184d ACL: fix user/rule inverted error message. 2019-02-04 16:58:35 +01:00
antirez 500b3e128f ACL: implement ACLLoadConfiguredUsers(). 2019-02-04 16:35:15 +01:00
antirez b166c41edd ACL: make ACLAppendUserForLoading() able to report bad argument. 2019-02-04 13:00:58 +01:00
antirez 21e84cdae2 ACL: initial appending of users in user loading list. 2019-02-04 12:55:48 +01:00
antirez 8f16e1ea91 ACL: implement ACLAppendUserForLoading(). 2019-02-01 13:02:59 +01:00
antirez b8323d98e9 ACL: skeleton and first ideas for postponed user loading. 2019-02-01 12:20:09 +01:00
antirez ec1aee031c ACL: implement DELUSER. 2019-01-31 18:33:14 +01:00
antirez 74b7afdf71 ACL: check arity of LIST / USERS subcommand. 2019-01-31 18:32:49 +01:00