diff options
author | antirez <antirez@gmail.com> | 2019-09-25 17:45:05 +0200 |
---|---|---|
committer | antirez <antirez@gmail.com> | 2019-09-25 17:45:05 +0200 |
commit | 8a531cedb01215e367d88b600bb9178ebb9eb4b2 (patch) | |
tree | cd1eb56bd8efd57f88e79eab936b48f5d5f2ac9f | |
parent | eda703ab284f1ce491fb2c376fd08fe8aa956c62 (diff) | |
download | redis-8a531cedb01215e367d88b600bb9178ebb9eb4b2.tar.gz |
ACL: fix ##6408, default user state affecting all the connections.
-rw-r--r-- | src/server.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/server.c b/src/server.c index 7882b0d99..2bdfd1640 100644 --- a/src/server.c +++ b/src/server.c @@ -3341,9 +3341,10 @@ int processCommand(client *c) { /* Check if the user is authenticated. This check is skipped in case * the default user is flagged as "nopass" and is active. */ - int auth_required = !(DefaultUser->flags & USER_FLAG_NOPASS) && + int auth_required = (!(DefaultUser->flags & USER_FLAG_NOPASS) || + DefaultUser->flags & USER_FLAG_DISABLED) && !c->authenticated; - if (auth_required || DefaultUser->flags & USER_FLAG_DISABLED) { + if (auth_required) { /* AUTH and HELLO are valid even in non authenticated state. */ if (c->cmd->proc != authCommand || c->cmd->proc == helloCommand) { flagTransaction(c); |