diff options
author | zhaozhao.zz <zhaozhao.zz@alibaba-inc.com> | 2019-02-12 16:44:50 +0800 |
---|---|---|
committer | zhaozhao.zz <zhaozhao.zz@alibaba-inc.com> | 2019-02-12 17:12:37 +0800 |
commit | ea9d3aefec76f5798510e09c9b2c8046e7eb2b8f (patch) | |
tree | 098bb6e92acc9be3b4328d7b96759534bd4e9f62 /src | |
parent | 85cadafabfa85f596241a64c205979b9287f2542 (diff) | |
download | redis-ea9d3aefec76f5798510e09c9b2c8046e7eb2b8f.tar.gz |
ACL: add masteruser configuration for replication
In mostly production environment, normal user's behavior should be
limited.
Now in redis ACL mechanism we can do it like that:
user default on +@all ~* -@dangerous nopass
user admin on +@all ~* >someSeriousPassword
Then the default normal user can not execute dangerous commands like
FLUSHALL/KEYS.
But some admin commands are in dangerous category too like PSYNC,
and the configurations above will forbid replica from sync with master.
Finally I think we could add a new configuration for replication,
it is masteruser option, like this:
masteruser admin
masterauth someSeriousPassword
Then replica will try AUTH admin someSeriousPassword and get privilege
to execute PSYNC. If masteruser is NULL, replica would AUTH with only
masterauth like before.
Diffstat (limited to 'src')
-rw-r--r-- | src/config.c | 8 | ||||
-rw-r--r-- | src/replication.c | 8 | ||||
-rw-r--r-- | src/server.h | 1 |
3 files changed, 16 insertions, 1 deletions
diff --git a/src/config.c b/src/config.c index fc9160d26..68a2ea227 100644 --- a/src/config.c +++ b/src/config.c @@ -395,6 +395,9 @@ void loadServerConfigFromString(char *config) { err = "repl-backlog-ttl can't be negative "; goto loaderr; } + } else if (!strcasecmp(argv[0],"masteruser") && argc == 2) { + zfree(server.masteruser); + server.masteruser = argv[1][0] ? zstrdup(argv[1]) : NULL; } else if (!strcasecmp(argv[0],"masterauth") && argc == 2) { zfree(server.masterauth); server.masterauth = argv[1][0] ? zstrdup(argv[1]) : NULL; @@ -943,6 +946,9 @@ void configSetCommand(client *c) { sds aclop = sdscatprintf(sdsempty(),">%s",(char*)o->ptr); ACLSetUser(DefaultUser,aclop,sdslen(aclop)); sdsfree(aclop); + } config_set_special_field("masteruser") { + zfree(server.masteruser); + server.masteruser = ((char*)o->ptr)[0] ? zstrdup(o->ptr) : NULL; } config_set_special_field("masterauth") { zfree(server.masterauth); server.masterauth = ((char*)o->ptr)[0] ? zstrdup(o->ptr) : NULL; @@ -1354,6 +1360,7 @@ void configGetCommand(client *c) { /* String values */ config_get_string_field("dbfilename",server.rdb_filename); + config_get_string_field("masteruser",server.masteruser); config_get_string_field("masterauth",server.masterauth); config_get_string_field("cluster-announce-ip",server.cluster_announce_ip); config_get_string_field("unixsocket",server.unixsocket); @@ -2232,6 +2239,7 @@ int rewriteConfig(char *path) { rewriteConfigDirOption(state); rewriteConfigSlaveofOption(state,"replicaof"); rewriteConfigStringOption(state,"replica-announce-ip",server.slave_announce_ip,CONFIG_DEFAULT_SLAVE_ANNOUNCE_IP); + rewriteConfigStringOption(state,"masteruser",server.masteruser,NULL); rewriteConfigStringOption(state,"masterauth",server.masterauth,NULL); rewriteConfigStringOption(state,"cluster-announce-ip",server.cluster_announce_ip,NULL); rewriteConfigYesNoOption(state,"replica-serve-stale-data",server.repl_serve_stale_data,CONFIG_DEFAULT_SLAVE_SERVE_STALE_DATA); diff --git a/src/replication.c b/src/replication.c index 3bc42d62a..9175bb420 100644 --- a/src/replication.c +++ b/src/replication.c @@ -1661,7 +1661,13 @@ void syncWithMaster(aeEventLoop *el, int fd, void *privdata, int mask) { /* AUTH with the master if required. */ if (server.repl_state == REPL_STATE_SEND_AUTH) { - if (server.masterauth) { + if (server.masteruser && server.masterauth) { + err = sendSynchronousCommand(SYNC_CMD_WRITE,fd,"AUTH", + server.masteruser,server.masterauth,NULL); + if (err) goto write_error; + server.repl_state = REPL_STATE_RECEIVE_AUTH; + return; + } else if (server.masterauth) { err = sendSynchronousCommand(SYNC_CMD_WRITE,fd,"AUTH",server.masterauth,NULL); if (err) goto write_error; server.repl_state = REPL_STATE_RECEIVE_AUTH; diff --git a/src/server.h b/src/server.h index 59f7cbe10..a396e1cf7 100644 --- a/src/server.h +++ b/src/server.h @@ -1217,6 +1217,7 @@ struct redisServer { int repl_diskless_sync; /* Send RDB to slaves sockets directly. */ int repl_diskless_sync_delay; /* Delay to start a diskless repl BGSAVE. */ /* Replication (slave) */ + char *masteruser; /* AUTH with this user and masterauth with master */ char *masterauth; /* AUTH with this password with master */ char *masterhost; /* Hostname of master */ int masterport; /* Port of master */ |