diff options
author | Moti Cohen <moti.cohen@redis.com> | 2022-03-13 10:13:47 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-03-13 10:13:47 +0200 |
commit | a6bf509810c4efda607cbe3cc86557449828e7f1 (patch) | |
tree | eb0c7073a46019851f217de70a24ca1a5f5c6f90 /src/sentinel.c | |
parent | b576fbc474e199239a7032a90906304940470605 (diff) | |
download | redis-a6bf509810c4efda607cbe3cc86557449828e7f1.tar.gz |
Sentinel: fix no reconnect after auth-pass is changed (#10400)
When updating SENTINEL with master’s new password (command:
`SENTINEL SET mymaster auth-pass some-new-password`),
sentinel might still keep the old connection and avoid reconnecting
with the new password. This is because of wrong logic that traces
the last ping (pong) time to servers. In fact it worked fine until 8631e64
changed the condition to send ping. To resolve it with minimal risk,
let’s disconnect master and replicas once changing password/user.
Based on earlier work of yz1509.
Diffstat (limited to 'src/sentinel.c')
-rw-r--r-- | src/sentinel.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/sentinel.c b/src/sentinel.c index eb37e5ede..58c8d70f1 100644 --- a/src/sentinel.c +++ b/src/sentinel.c @@ -1134,6 +1134,27 @@ int sentinelTryConnectionSharing(sentinelRedisInstance *ri) { return C_ERR; } +/* Disconnect the relevant master and its replicas. */ +void dropInstanceConnections(sentinelRedisInstance *ri) { + serverAssert(ri->flags & SRI_MASTER); + + /* Disconnect with the master. */ + instanceLinkCloseConnection(ri->link, ri->link->cc); + instanceLinkCloseConnection(ri->link, ri->link->pc); + + /* Disconnect with all replicas. */ + dictIterator *di; + dictEntry *de; + sentinelRedisInstance *repl_ri; + di = dictGetIterator(ri->slaves); + while ((de = dictNext(di)) != NULL) { + repl_ri = dictGetVal(de); + instanceLinkCloseConnection(repl_ri->link, repl_ri->link->cc); + instanceLinkCloseConnection(repl_ri->link, repl_ri->link->pc); + } + dictReleaseIterator(di); +} + /* Drop all connections to other sentinels. Returns the number of connections * dropped.*/ int sentinelDropConnections(void) { @@ -4297,6 +4318,7 @@ void sentinelSetCommand(client *c) { char *value = c->argv[++j]->ptr; sdsfree(ri->auth_pass); ri->auth_pass = strlen(value) ? sdsnew(value) : NULL; + dropInstanceConnections(ri); changes++; redacted = 1; } else if (!strcasecmp(option,"auth-user") && moreargs > 0) { @@ -4304,6 +4326,7 @@ void sentinelSetCommand(client *c) { char *value = c->argv[++j]->ptr; sdsfree(ri->auth_user); ri->auth_user = strlen(value) ? sdsnew(value) : NULL; + dropInstanceConnections(ri); changes++; } else if (!strcasecmp(option,"quorum") && moreargs > 0) { /* quorum <count> */ |