diff options
| author | zhaozhao.zz <zhaozhao.zz@alibaba-inc.com> | 2019-02-12 16:44:50 +0800 |
|---|---|---|
| committer | zhaozhao.zz <zhaozhao.zz@alibaba-inc.com> | 2019-02-12 17:12:37 +0800 |
| commit | ea9d3aefec76f5798510e09c9b2c8046e7eb2b8f (patch) | |
| tree | 098bb6e92acc9be3b4328d7b96759534bd4e9f62 | |
| parent | 85cadafabfa85f596241a64c205979b9287f2542 (diff) | |
| download | redis-ea9d3aefec76f5798510e09c9b2c8046e7eb2b8f.tar.gz | |
ACL: add masteruser configuration for replication
In mostly production environment, normal user's behavior should be
limited.
Now in redis ACL mechanism we can do it like that:
user default on +@all ~* -@dangerous nopass
user admin on +@all ~* >someSeriousPassword
Then the default normal user can not execute dangerous commands like
FLUSHALL/KEYS.
But some admin commands are in dangerous category too like PSYNC,
and the configurations above will forbid replica from sync with master.
Finally I think we could add a new configuration for replication,
it is masteruser option, like this:
masteruser admin
masterauth someSeriousPassword
Then replica will try AUTH admin someSeriousPassword and get privilege
to execute PSYNC. If masteruser is NULL, replica would AUTH with only
masterauth like before.
| -rw-r--r-- | src/config.c | 8 | ||||
| -rw-r--r-- | src/replication.c | 8 | ||||
| -rw-r--r-- | src/server.h | 1 |
3 files changed, 16 insertions, 1 deletions
diff --git a/src/config.c b/src/config.c index fc9160d26..68a2ea227 100644 --- a/src/config.c +++ b/src/config.c @@ -395,6 +395,9 @@ void loadServerConfigFromString(char *config) { err = "repl-backlog-ttl can't be negative "; goto loaderr; } + } else if (!strcasecmp(argv[0],"masteruser") && argc == 2) { + zfree(server.masteruser); + server.masteruser = argv[1][0] ? zstrdup(argv[1]) : NULL; } else if (!strcasecmp(argv[0],"masterauth") && argc == 2) { zfree(server.masterauth); server.masterauth = argv[1][0] ? zstrdup(argv[1]) : NULL; @@ -943,6 +946,9 @@ void configSetCommand(client *c) { sds aclop = sdscatprintf(sdsempty(),">%s",(char*)o->ptr); ACLSetUser(DefaultUser,aclop,sdslen(aclop)); sdsfree(aclop); + } config_set_special_field("masteruser") { + zfree(server.masteruser); + server.masteruser = ((char*)o->ptr)[0] ? zstrdup(o->ptr) : NULL; } config_set_special_field("masterauth") { zfree(server.masterauth); server.masterauth = ((char*)o->ptr)[0] ? zstrdup(o->ptr) : NULL; @@ -1354,6 +1360,7 @@ void configGetCommand(client *c) { /* String values */ config_get_string_field("dbfilename",server.rdb_filename); + config_get_string_field("masteruser",server.masteruser); config_get_string_field("masterauth",server.masterauth); config_get_string_field("cluster-announce-ip",server.cluster_announce_ip); config_get_string_field("unixsocket",server.unixsocket); @@ -2232,6 +2239,7 @@ int rewriteConfig(char *path) { rewriteConfigDirOption(state); rewriteConfigSlaveofOption(state,"replicaof"); rewriteConfigStringOption(state,"replica-announce-ip",server.slave_announce_ip,CONFIG_DEFAULT_SLAVE_ANNOUNCE_IP); + rewriteConfigStringOption(state,"masteruser",server.masteruser,NULL); rewriteConfigStringOption(state,"masterauth",server.masterauth,NULL); rewriteConfigStringOption(state,"cluster-announce-ip",server.cluster_announce_ip,NULL); rewriteConfigYesNoOption(state,"replica-serve-stale-data",server.repl_serve_stale_data,CONFIG_DEFAULT_SLAVE_SERVE_STALE_DATA); diff --git a/src/replication.c b/src/replication.c index 3bc42d62a..9175bb420 100644 --- a/src/replication.c +++ b/src/replication.c @@ -1661,7 +1661,13 @@ void syncWithMaster(aeEventLoop *el, int fd, void *privdata, int mask) { /* AUTH with the master if required. */ if (server.repl_state == REPL_STATE_SEND_AUTH) { - if (server.masterauth) { + if (server.masteruser && server.masterauth) { + err = sendSynchronousCommand(SYNC_CMD_WRITE,fd,"AUTH", + server.masteruser,server.masterauth,NULL); + if (err) goto write_error; + server.repl_state = REPL_STATE_RECEIVE_AUTH; + return; + } else if (server.masterauth) { err = sendSynchronousCommand(SYNC_CMD_WRITE,fd,"AUTH",server.masterauth,NULL); if (err) goto write_error; server.repl_state = REPL_STATE_RECEIVE_AUTH; diff --git a/src/server.h b/src/server.h index 59f7cbe10..a396e1cf7 100644 --- a/src/server.h +++ b/src/server.h @@ -1217,6 +1217,7 @@ struct redisServer { int repl_diskless_sync; /* Send RDB to slaves sockets directly. */ int repl_diskless_sync_delay; /* Delay to start a diskless repl BGSAVE. */ /* Replication (slave) */ + char *masteruser; /* AUTH with this user and masterauth with master */ char *masterauth; /* AUTH with this password with master */ char *masterhost; /* Hostname of master */ int masterport; /* Port of master */ |