diff options
Diffstat (limited to 'src/server.h')
| -rw-r--r-- | src/server.h | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/src/server.h b/src/server.h index 3b267cf2e..be9905677 100644 --- a/src/server.h +++ b/src/server.h @@ -392,6 +392,8 @@ extern int configOOMScoreAdjValuesDefaults[CONFIG_OOM_COUNT]; scripts even when in OOM */ #define CLIENT_NO_TOUCH (1ULL<<45) /* This client will not touch LFU/LRU stats. */ #define CLIENT_PUSHING (1ULL<<46) /* This client is pushing notifications. */ +#define CLIENT_MODULE_AUTH_HAS_RESULT (1ULL<<47) /* Indicates a client in the middle of module based + auth had been authenticated from the Module. */ /* Client block type (btype field in client structure) * if CLIENT_BLOCKED flag is set. */ @@ -740,6 +742,7 @@ typedef void (*moduleTypeFreeFunc2)(struct RedisModuleKeyOptCtx *ctx, void *valu typedef size_t (*moduleTypeFreeEffortFunc2)(struct RedisModuleKeyOptCtx *ctx, const void *value); typedef void (*moduleTypeUnlinkFunc2)(struct RedisModuleKeyOptCtx *ctx, void *value); typedef void *(*moduleTypeCopyFunc2)(struct RedisModuleKeyOptCtx *ctx, const void *value); +typedef int (*moduleTypeAuthCallback)(struct RedisModuleCtx *ctx, void *username, void *password, const char **err); /* The module type, which is referenced in each value of a given type, defines @@ -856,6 +859,9 @@ struct RedisModuleDigest { memset(mdvar.x,0,sizeof(mdvar.x)); \ } while(0) +/* Macro to check if the client is in the middle of module based authentication. */ +#define clientHasModuleAuthInProgress(c) ((c)->module_auth_ctx != NULL) + /* Objects encoding. Some kind of objects like Strings and Hashes can be * internally represented in multiple ways. The 'encoding' field of the object * is set to one of this fields for this object. */ @@ -1200,6 +1206,12 @@ typedef struct client { listNode *client_list_node; /* list node in client list */ listNode *postponed_list_node; /* list node within the postponed list */ listNode *pending_read_list_node; /* list node in clients pending read list */ + void *module_blocked_client; /* Pointer to the RedisModuleBlockedClient associated with this + * client. This is set in case of module authentication before the + * unblocked client is reprocessed to handle reply callbacks. */ + void *module_auth_ctx; /* Ongoing / attempted module based auth callback's ctx. + * This is only tracked within the context of the command attempting + * authentication. If not NULL, it means module auth is in progress. */ RedisModuleUserChangedFunc auth_callback; /* Module callback to execute * when the authenticated user * changes. */ @@ -2467,7 +2479,7 @@ void moduleInitModulesSystem(void); void moduleInitModulesSystemLast(void); void modulesCron(void); int moduleLoad(const char *path, void **argv, int argc, int is_loadex); -int moduleUnload(sds name); +int moduleUnload(sds name, const char **errmsg); void moduleLoadFromQueue(void); int moduleGetCommandKeysViaAPI(struct redisCommand *cmd, robj **argv, int argc, getKeysResult *result); int moduleGetCommandChannelsViaAPI(struct redisCommand *cmd, robj **argv, int argc, getKeysResult *result); @@ -2598,7 +2610,7 @@ char *getClientPeerId(client *client); char *getClientSockName(client *client); sds catClientInfoString(sds s, client *client); sds getAllClientsInfoString(int type); -int clientSetName(client *c, robj *name); +int clientSetName(client *c, robj *name, const char **err); void rewriteClientCommandVector(client *c, int argc, ...); void rewriteClientCommandArgument(client *c, int i, robj *newval); void replaceClientCommandVector(client *c, int argc, robj **argv); @@ -2895,8 +2907,18 @@ void ACLInit(void); #define ACL_WRITE_PERMISSION (1<<1) #define ACL_ALL_PERMISSION (ACL_READ_PERMISSION|ACL_WRITE_PERMISSION) +/* Return codes for Authentication functions to indicate the result. */ +typedef enum { + AUTH_OK = 0, + AUTH_ERR, + AUTH_NOT_HANDLED, + AUTH_BLOCKED +} AuthResult; + int ACLCheckUserCredentials(robj *username, robj *password); -int ACLAuthenticateUser(client *c, robj *username, robj *password); +int ACLAuthenticateUser(client *c, robj *username, robj *password, robj **err); +int checkModuleAuthentication(client *c, robj *username, robj *password, robj **err); +void addAuthErrReply(client *c, robj *err); unsigned long ACLGetCommandID(sds cmdname); void ACLClearCommandID(void); user *ACLGetUserByName(const char *name, size_t namelen); |