2012-11-08 12:25:23 -05:00
/* Configuration file parsing and CONFIG GET/SET commands implementation.
*
* Copyright ( c ) 2009 - 2012 , Salvatore Sanfilippo < antirez at gmail dot com >
* All rights reserved .
*
* Redistribution and use in source and binary forms , with or without
* modification , are permitted provided that the following conditions are met :
*
* * Redistributions of source code must retain the above copyright notice ,
* this list of conditions and the following disclaimer .
* * Redistributions in binary form must reproduce the above copyright
* notice , this list of conditions and the following disclaimer in the
* documentation and / or other materials provided with the distribution .
* * Neither the name of Redis nor the names of its contributors may be used
* to endorse or promote products derived from this software without
* specific prior written permission .
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS " AS IS "
* AND ANY EXPRESS OR IMPLIED WARRANTIES , INCLUDING , BUT NOT LIMITED TO , THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED . IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT , INDIRECT , INCIDENTAL , SPECIAL , EXEMPLARY , OR
* CONSEQUENTIAL DAMAGES ( INCLUDING , BUT NOT LIMITED TO , PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES ; LOSS OF USE , DATA , OR PROFITS ; OR BUSINESS
* INTERRUPTION ) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY , WHETHER IN
* CONTRACT , STRICT LIABILITY , OR TORT ( INCLUDING NEGLIGENCE OR OTHERWISE )
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE , EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE .
*/
2015-07-26 09:14:57 -04:00
# include "server.h"
2013-10-09 09:37:20 -04:00
# include "cluster.h"
2010-06-21 18:07:48 -04:00
2013-05-14 06:32:25 -04:00
# include <fcntl.h>
# include <sys/stat.h>
2015-03-11 11:59:56 -04:00
/*-----------------------------------------------------------------------------
* Config file name - value maps .
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
typedef struct configEnum {
const char * name ;
const int val ;
} configEnum ;
configEnum maxmemory_policy_enum [ ] = {
2015-07-27 03:41:48 -04:00
{ " volatile-lru " , MAXMEMORY_VOLATILE_LRU } ,
2016-07-15 06:12:52 -04:00
{ " volatile-lfu " , MAXMEMORY_VOLATILE_LFU } ,
2015-07-27 03:41:48 -04:00
{ " volatile-random " , MAXMEMORY_VOLATILE_RANDOM } ,
{ " volatile-ttl " , MAXMEMORY_VOLATILE_TTL } ,
{ " allkeys-lru " , MAXMEMORY_ALLKEYS_LRU } ,
2016-07-15 06:12:52 -04:00
{ " allkeys-lfu " , MAXMEMORY_ALLKEYS_LFU } ,
2015-07-27 03:41:48 -04:00
{ " allkeys-random " , MAXMEMORY_ALLKEYS_RANDOM } ,
{ " noeviction " , MAXMEMORY_NO_EVICTION } ,
2015-03-11 11:59:56 -04:00
{ NULL , 0 }
} ;
configEnum syslog_facility_enum [ ] = {
2013-05-13 05:11:35 -04:00
{ " user " , LOG_USER } ,
{ " local0 " , LOG_LOCAL0 } ,
{ " local1 " , LOG_LOCAL1 } ,
{ " local2 " , LOG_LOCAL2 } ,
{ " local3 " , LOG_LOCAL3 } ,
{ " local4 " , LOG_LOCAL4 } ,
{ " local5 " , LOG_LOCAL5 } ,
{ " local6 " , LOG_LOCAL6 } ,
{ " local7 " , LOG_LOCAL7 } ,
{ NULL , 0 }
} ;
2015-03-11 18:20:57 -04:00
configEnum loglevel_enum [ ] = {
2015-07-27 03:41:48 -04:00
{ " debug " , LL_DEBUG } ,
{ " verbose " , LL_VERBOSE } ,
{ " notice " , LL_NOTICE } ,
{ " warning " , LL_WARNING } ,
2015-03-11 18:20:57 -04:00
{ NULL , 0 }
} ;
configEnum supervised_mode_enum [ ] = {
2015-07-27 03:41:48 -04:00
{ " upstart " , SUPERVISED_UPSTART } ,
{ " systemd " , SUPERVISED_SYSTEMD } ,
{ " auto " , SUPERVISED_AUTODETECT } ,
{ " no " , SUPERVISED_NONE } ,
2015-03-11 18:20:57 -04:00
{ NULL , 0 }
} ;
configEnum aof_fsync_enum [ ] = {
{ " everysec " , AOF_FSYNC_EVERYSEC } ,
{ " always " , AOF_FSYNC_ALWAYS } ,
{ " no " , AOF_FSYNC_NO } ,
{ NULL , 0 }
} ;
2015-03-11 11:59:56 -04:00
/* Output buffer limits presets. */
2015-07-28 10:58:04 -04:00
clientBufferLimitsConfig clientBufferLimitsDefaults [ CLIENT_TYPE_OBUF_COUNT ] = {
2013-05-13 12:34:18 -04:00
{ 0 , 0 , 0 } , /* normal */
{ 1024 * 1024 * 256 , 1024 * 1024 * 64 , 60 } , /* slave */
{ 1024 * 1024 * 32 , 1024 * 1024 * 8 , 60 } /* pubsub */
} ;
2015-03-11 11:59:56 -04:00
/*-----------------------------------------------------------------------------
* Enum access functions
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
/* Get enum value from name. If there is no match INT_MIN is returned. */
int configEnumGetValue ( configEnum * ce , char * name ) {
while ( ce - > name ! = NULL ) {
if ( ! strcasecmp ( ce - > name , name ) ) return ce - > val ;
ce + + ;
}
return INT_MIN ;
}
/* Get enum name from value. If no match is found NULL is returned. */
const char * configEnumGetName ( configEnum * ce , int val ) {
while ( ce - > name ! = NULL ) {
if ( ce - > val = = val ) return ce - > name ;
ce + + ;
}
return NULL ;
}
/* Wrapper for configEnumGetName() returning "unknown" insetad of NULL if
* there is no match . */
const char * configEnumGetNameOrUnknown ( configEnum * ce , int val ) {
const char * name = configEnumGetName ( ce , val ) ;
return name ? name : " unknown " ;
}
/* Used for INFO generation. */
2016-04-22 11:43:48 -04:00
const char * evictPolicyToString ( void ) {
return configEnumGetNameOrUnknown ( maxmemory_policy_enum , server . maxmemory_policy ) ;
2015-03-11 11:59:56 -04:00
}
2010-06-21 18:07:48 -04:00
/*-----------------------------------------------------------------------------
* Config file parsing
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
int yesnotoi ( char * s ) {
if ( ! strcasecmp ( s , " yes " ) ) return 1 ;
else if ( ! strcasecmp ( s , " no " ) ) return 0 ;
else return - 1 ;
}
void appendServerSaveParams ( time_t seconds , int changes ) {
server . saveparams = zrealloc ( server . saveparams , sizeof ( struct saveparam ) * ( server . saveparamslen + 1 ) ) ;
server . saveparams [ server . saveparamslen ] . seconds = seconds ;
server . saveparams [ server . saveparamslen ] . changes = changes ;
server . saveparamslen + + ;
}
2014-03-15 19:51:54 -04:00
void resetServerSaveParams ( void ) {
2010-06-21 18:07:48 -04:00
zfree ( server . saveparams ) ;
server . saveparams = NULL ;
server . saveparamslen = 0 ;
}
2016-06-13 03:39:44 -04:00
void queueLoadModule ( sds path , sds * argv , int argc ) {
2016-06-05 03:03:34 -04:00
int i ;
2016-06-13 03:51:06 -04:00
struct moduleLoadQueueEntry * loadmod ;
2016-06-05 03:03:34 -04:00
2016-06-13 03:51:06 -04:00
loadmod = zmalloc ( sizeof ( struct moduleLoadQueueEntry ) ) ;
loadmod - > argv = zmalloc ( sizeof ( robj * ) * argc ) ;
2016-06-05 03:03:34 -04:00
loadmod - > path = sdsnew ( path ) ;
loadmod - > argc = argc ;
for ( i = 0 ; i < argc ; i + + ) {
2016-06-13 03:40:28 -04:00
loadmod - > argv [ i ] = createRawStringObject ( argv [ i ] , sdslen ( argv [ i ] ) ) ;
2016-06-05 03:03:34 -04:00
}
listAddNodeTail ( server . loadmodule_queue , loadmod ) ;
}
2011-12-01 07:44:53 -05:00
void loadServerConfigFromString ( char * config ) {
char * err = NULL ;
int linenum = 0 , totlines , i ;
2014-01-20 05:08:14 -05:00
int slaveof_linenum = 0 ;
2011-12-01 07:44:53 -05:00
sds * lines ;
2010-06-21 18:07:48 -04:00
2011-12-01 07:44:53 -05:00
lines = sdssplitlen ( config , strlen ( config ) , " \n " , 1 , & totlines ) ;
2010-06-21 18:07:48 -04:00
2011-12-01 07:44:53 -05:00
for ( i = 0 ; i < totlines ; i + + ) {
2010-06-21 18:07:48 -04:00
sds * argv ;
2011-12-01 07:44:53 -05:00
int argc ;
2010-06-21 18:07:48 -04:00
2011-12-01 07:44:53 -05:00
linenum = i + 1 ;
lines [ i ] = sdstrim ( lines [ i ] , " \t \r \n " ) ;
2010-06-21 18:07:48 -04:00
2013-03-06 06:40:48 -05:00
/* Skip comments and blank lines */
2011-12-01 07:44:53 -05:00
if ( lines [ i ] [ 0 ] = = ' # ' | | lines [ i ] [ 0 ] = = ' \0 ' ) continue ;
2010-06-21 18:07:48 -04:00
/* Split into arguments */
2011-12-01 07:44:53 -05:00
argv = sdssplitargs ( lines [ i ] , & argc ) ;
2013-02-06 00:47:14 -05:00
if ( argv = = NULL ) {
2013-03-06 06:24:12 -05:00
err = " Unbalanced quotes in configuration line " ;
2013-02-06 00:47:14 -05:00
goto loaderr ;
}
2013-03-06 06:40:48 -05:00
/* Skip this line if the resulting command vector is empty. */
if ( argc = = 0 ) {
sdsfreesplitres ( argv , argc ) ;
2013-05-18 10:21:52 -04:00
continue ;
2013-03-06 06:40:48 -05:00
}
2010-06-21 18:07:48 -04:00
sdstolower ( argv [ 0 ] ) ;
/* Execute config directives */
if ( ! strcasecmp ( argv [ 0 ] , " timeout " ) & & argc = = 2 ) {
server . maxidletime = atoi ( argv [ 1 ] ) ;
if ( server . maxidletime < 0 ) {
err = " Invalid timeout value " ; goto loaderr ;
}
2013-02-08 10:40:59 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " tcp-keepalive " ) & & argc = = 2 ) {
server . tcpkeepalive = atoi ( argv [ 1 ] ) ;
if ( server . tcpkeepalive < 0 ) {
err = " Invalid tcp-keepalive value " ; goto loaderr ;
}
New security feature: Redis protected mode.
An exposed Redis instance on the internet can be cause of serious
issues. Since Redis, by default, binds to all the interfaces, it is easy
to forget an instance without any protection layer, for error.
Protected mode try to address this feature in a soft way, providing a
layer of protection, but giving clues to Redis users about why the
server is not accepting connections.
When protected mode is enabeld (the default), and if there are no
minumum hints about the fact the server is properly configured (no
"bind" directive is used in order to restrict the server to certain
interfaces, nor a password is set), clients connecting from external
intefaces are refused with an error explaining what to do in order to
fix the issue.
Clients connecting from the IPv4 and IPv6 lookback interfaces are still
accepted normally, similarly Unix domain socket connections are not
restricted in any way.
2016-01-07 07:00:08 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " protected-mode " ) & & argc = = 2 ) {
if ( ( server . protected_mode = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " port " ) & & argc = = 2 ) {
server . port = atoi ( argv [ 1 ] ) ;
2011-02-22 05:49:17 -05:00
if ( server . port < 0 | | server . port > 65535 ) {
2010-06-21 18:07:48 -04:00
err = " Invalid port " ; goto loaderr ;
}
2014-01-31 08:55:43 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " tcp-backlog " ) & & argc = = 2 ) {
server . tcp_backlog = atoi ( argv [ 1 ] ) ;
if ( server . tcp_backlog < 0 ) {
2013-11-08 14:55:48 -05:00
err = " Invalid backlog value " ; goto loaderr ;
}
2013-07-04 12:50:15 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " bind " ) & & argc > = 2 ) {
int j , addresses = argc - 1 ;
2015-07-27 03:41:48 -04:00
if ( addresses > CONFIG_BINDADDR_MAX ) {
2013-07-04 12:50:15 -04:00
err = " Too many bind addresses specified " ; goto loaderr ;
}
for ( j = 0 ; j < addresses ; j + + )
server . bindaddr [ j ] = zstrdup ( argv [ j + 1 ] ) ;
server . bindaddr_count = addresses ;
2010-10-13 11:17:56 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " unixsocket " ) & & argc = = 2 ) {
server . unixsocket = zstrdup ( argv [ 1 ] ) ;
2011-10-10 14:21:15 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " unixsocketperm " ) & & argc = = 2 ) {
2011-10-20 21:20:58 -04:00
errno = 0 ;
2011-10-10 14:21:15 -04:00
server . unixsocketperm = ( mode_t ) strtol ( argv [ 1 ] , NULL , 8 ) ;
if ( errno | | server . unixsocketperm > 0777 ) {
err = " Invalid socket file permissions " ; goto loaderr ;
}
2012-01-16 10:50:24 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " save " ) ) {
if ( argc = = 3 ) {
int seconds = atoi ( argv [ 1 ] ) ;
int changes = atoi ( argv [ 2 ] ) ;
if ( seconds < 1 | | changes < 0 ) {
err = " Invalid save parameters " ; goto loaderr ;
}
appendServerSaveParams ( seconds , changes ) ;
} else if ( argc = = 2 & & ! strcasecmp ( argv [ 1 ] , " " ) ) {
resetServerSaveParams ( ) ;
2010-06-21 18:07:48 -04:00
}
} else if ( ! strcasecmp ( argv [ 0 ] , " dir " ) & & argc = = 2 ) {
if ( chdir ( argv [ 1 ] ) = = - 1 ) {
2015-07-27 03:41:48 -04:00
serverLog ( LL_WARNING , " Can't chdir to '%s': %s " ,
2010-06-21 18:07:48 -04:00
argv [ 1 ] , strerror ( errno ) ) ;
exit ( 1 ) ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " loglevel " ) & & argc = = 2 ) {
2015-03-11 18:20:57 -04:00
server . verbosity = configEnumGetValue ( loglevel_enum , argv [ 1 ] ) ;
if ( server . verbosity = = INT_MIN ) {
err = " Invalid log level. "
2015-03-12 09:43:07 -04:00
" Must be one of debug, verbose, notice, warning " ;
2010-06-21 18:07:48 -04:00
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " logfile " ) & & argc = = 2 ) {
FILE * logfp ;
2013-05-15 04:12:29 -04:00
zfree ( server . logfile ) ;
2010-06-21 18:07:48 -04:00
server . logfile = zstrdup ( argv [ 1 ] ) ;
2013-05-15 04:12:29 -04:00
if ( server . logfile [ 0 ] ! = ' \0 ' ) {
2010-06-21 18:07:48 -04:00
/* Test if we are able to open the file. The server will not
* be able to abort just for this problem later . . . */
logfp = fopen ( server . logfile , " a " ) ;
if ( logfp = = NULL ) {
err = sdscatprintf ( sdsempty ( ) ,
" Can't open the log file: %s " , strerror ( errno ) ) ;
goto loaderr ;
}
fclose ( logfp ) ;
}
2016-12-19 10:41:47 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " always-show-logo " ) & & argc = = 2 ) {
if ( ( server . always_show_logo = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-12-09 11:10:21 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " syslog-enabled " ) & & argc = = 2 ) {
if ( ( server . syslog_enabled = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " syslog-ident " ) & & argc = = 2 ) {
if ( server . syslog_ident ) zfree ( server . syslog_ident ) ;
server . syslog_ident = zstrdup ( argv [ 1 ] ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " syslog-facility " ) & & argc = = 2 ) {
2015-03-11 11:59:56 -04:00
server . syslog_facility =
configEnumGetValue ( syslog_facility_enum , argv [ 1 ] ) ;
if ( server . syslog_facility = = INT_MIN ) {
2010-12-09 11:10:21 -05:00
err = " Invalid log facility. Must be one of USER or between LOCAL0-LOCAL7 " ;
goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " databases " ) & & argc = = 2 ) {
server . dbnum = atoi ( argv [ 1 ] ) ;
if ( server . dbnum < 1 ) {
err = " Invalid number of databases " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " include " ) & & argc = = 2 ) {
2011-12-01 07:44:53 -05:00
loadServerConfig ( argv [ 1 ] , NULL ) ;
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " maxclients " ) & & argc = = 2 ) {
server . maxclients = atoi ( argv [ 1 ] ) ;
2012-04-18 05:31:24 -04:00
if ( server . maxclients < 1 ) {
err = " Invalid max clients limit " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " maxmemory " ) & & argc = = 2 ) {
server . maxmemory = memtoll ( argv [ 1 ] , NULL ) ;
2010-10-14 15:22:21 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " maxmemory-policy " ) & & argc = = 2 ) {
2015-03-11 11:59:56 -04:00
server . maxmemory_policy =
configEnumGetValue ( maxmemory_policy_enum , argv [ 1 ] ) ;
if ( server . maxmemory_policy = = INT_MIN ) {
2010-10-14 15:22:21 -04:00
err = " Invalid maxmemory policy " ;
goto loaderr ;
}
2010-10-15 05:57:38 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " maxmemory-samples " ) & & argc = = 2 ) {
server . maxmemory_samples = atoi ( argv [ 1 ] ) ;
if ( server . maxmemory_samples < = 0 ) {
err = " maxmemory-samples must be 1 or greater " ;
goto loaderr ;
}
2016-07-20 09:00:35 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " lfu-log-factor " ) & & argc = = 2 ) {
server . lfu_log_factor = atoi ( argv [ 1 ] ) ;
if ( server . maxmemory_samples < 0 ) {
err = " lfu-log-factor must be 0 or greater " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " lfu-decay-time " ) & & argc = = 2 ) {
server . lfu_decay_time = atoi ( argv [ 1 ] ) ;
if ( server . maxmemory_samples < 1 ) {
err = " lfu-decay-time must be 0 or greater " ;
goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slaveof " ) & & argc = = 3 ) {
2014-01-20 05:08:14 -05:00
slaveof_linenum = linenum ;
2010-06-21 18:07:48 -04:00
server . masterhost = sdsnew ( argv [ 1 ] ) ;
server . masterport = atoi ( argv [ 2 ] ) ;
2015-07-27 03:41:48 -04:00
server . repl_state = REPL_STATE_CONNECT ;
2011-10-31 06:13:28 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-ping-slave-period " ) & & argc = = 2 ) {
server . repl_ping_slave_period = atoi ( argv [ 1 ] ) ;
if ( server . repl_ping_slave_period < = 0 ) {
err = " repl-ping-slave-period must be 1 or greater " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-timeout " ) & & argc = = 2 ) {
server . repl_timeout = atoi ( argv [ 1 ] ) ;
if ( server . repl_timeout < = 0 ) {
err = " repl-timeout must be 1 or greater " ;
goto loaderr ;
}
2013-01-31 05:14:15 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-disable-tcp-nodelay " ) & & argc = = 2 ) {
if ( ( server . repl_disable_tcp_nodelay = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
2013-02-12 06:56:32 -05:00
}
2014-10-16 04:22:02 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-diskless-sync " ) & & argc = = 2 ) {
if ( ( server . repl_diskless_sync = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2014-10-27 05:36:30 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-diskless-sync-delay " ) & & argc = = 2 ) {
server . repl_diskless_sync_delay = atoi ( argv [ 1 ] ) ;
if ( server . repl_diskless_sync_delay < 0 ) {
err = " repl-diskless-sync-delay can't be negative " ;
goto loaderr ;
}
2013-01-30 12:33:16 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-backlog-size " ) & & argc = = 2 ) {
2013-05-15 05:55:14 -04:00
long long size = memtoll ( argv [ 1 ] , NULL ) ;
2013-01-30 12:33:16 -05:00
if ( size < = 0 ) {
err = " repl-backlog-size must be 1 or greater. " ;
goto loaderr ;
}
resizeReplicationBacklog ( size ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " repl-backlog-ttl " ) & & argc = = 2 ) {
server . repl_backlog_time_limit = atoi ( argv [ 1 ] ) ;
if ( server . repl_backlog_time_limit < 0 ) {
err = " repl-backlog-ttl can't be negative " ;
goto loaderr ;
2013-01-31 05:14:15 -05:00
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " masterauth " ) & & argc = = 2 ) {
2016-01-19 09:04:17 -05:00
zfree ( server . masterauth ) ;
2014-10-16 04:22:02 -04:00
server . masterauth = zstrdup ( argv [ 1 ] ) ;
2010-11-04 14:59:21 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-serve-stale-data " ) & & argc = = 2 ) {
if ( ( server . repl_serve_stale_data = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2012-03-20 12:32:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-read-only " ) & & argc = = 2 ) {
if ( ( server . repl_slave_ro = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " rdbcompression " ) & & argc = = 2 ) {
2011-12-21 06:22:13 -05:00
if ( ( server . rdb_compression = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
2010-06-21 18:07:48 -04:00
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2012-04-10 09:47:10 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " rdbchecksum " ) & & argc = = 2 ) {
if ( ( server . rdb_checksum = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " activerehashing " ) & & argc = = 2 ) {
if ( ( server . activerehashing = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2015-10-05 06:11:27 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " lazyfree-lazy-eviction " ) & & argc = = 2 ) {
if ( ( server . lazyfree_lazy_eviction = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " lazyfree-lazy-expire " ) & & argc = = 2 ) {
if ( ( server . lazyfree_lazy_expire = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " lazyfree-lazy-server-del " ) & & argc = = 2 ) {
if ( ( server . lazyfree_lazy_server_del = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-lazy-flush " ) & & argc = = 2 ) {
if ( ( server . repl_slave_lazy_flush = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2016-12-29 20:37:52 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " activedefrag " ) & & argc = = 2 ) {
if ( ( server . active_defrag_enabled = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " daemonize " ) & & argc = = 2 ) {
if ( ( server . daemonize = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2012-12-14 11:10:40 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " hz " ) & & argc = = 2 ) {
server . hz = atoi ( argv [ 1 ] ) ;
2015-07-27 03:41:48 -04:00
if ( server . hz < CONFIG_MIN_HZ ) server . hz = CONFIG_MIN_HZ ;
if ( server . hz > CONFIG_MAX_HZ ) server . hz = CONFIG_MAX_HZ ;
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " appendonly " ) & & argc = = 2 ) {
2011-12-21 04:31:34 -05:00
int yes ;
if ( ( yes = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
2010-06-21 18:07:48 -04:00
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2015-07-27 03:41:48 -04:00
server . aof_state = yes ? AOF_ON : AOF_OFF ;
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " appendfilename " ) & & argc = = 2 ) {
2013-07-02 06:14:28 -04:00
if ( ! pathIsBaseName ( argv [ 1 ] ) ) {
err = " appendfilename can't be a path, just a filename " ;
goto loaderr ;
}
2011-12-21 05:58:42 -05:00
zfree ( server . aof_filename ) ;
server . aof_filename = zstrdup ( argv [ 1 ] ) ;
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " no-appendfsync-on-rewrite " )
& & argc = = 2 ) {
2011-12-21 05:58:42 -05:00
if ( ( server . aof_no_fsync_on_rewrite = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
2010-06-21 18:07:48 -04:00
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " appendfsync " ) & & argc = = 2 ) {
2015-03-11 18:20:57 -04:00
server . aof_fsync = configEnumGetValue ( aof_fsync_enum , argv [ 1 ] ) ;
if ( server . aof_fsync = = INT_MIN ) {
2010-06-21 18:07:48 -04:00
err = " argument must be 'no', 'always' or 'everysec' " ;
goto loaderr ;
}
2011-06-10 06:39:23 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " auto-aof-rewrite-percentage " ) & &
argc = = 2 )
{
2011-12-21 05:58:42 -05:00
server . aof_rewrite_perc = atoi ( argv [ 1 ] ) ;
if ( server . aof_rewrite_perc < 0 ) {
2011-06-10 06:39:23 -04:00
err = " Invalid negative percentage for AOF auto rewrite " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " auto-aof-rewrite-min-size " ) & &
argc = = 2 )
{
2011-12-21 05:58:42 -05:00
server . aof_rewrite_min_size = memtoll ( argv [ 1 ] , NULL ) ;
2013-04-24 04:57:07 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " aof-rewrite-incremental-fsync " ) & &
argc = = 2 )
{
2014-09-08 03:23:55 -04:00
if ( ( server . aof_rewrite_incremental_fsync =
yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " aof-load-truncated " ) & & argc = = 2 ) {
if ( ( server . aof_load_truncated = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
2013-04-24 04:57:07 -04:00
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2016-08-09 10:41:40 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " aof-use-rdb-preamble " ) & & argc = = 2 ) {
if ( ( server . aof_use_rdb_preamble = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " requirepass " ) & & argc = = 2 ) {
2015-07-27 03:41:48 -04:00
if ( strlen ( argv [ 1 ] ) > CONFIG_AUTHPASS_MAX_LEN ) {
err = " Password is longer than CONFIG_AUTHPASS_MAX_LEN " ;
2012-06-21 05:50:01 -04:00
goto loaderr ;
}
2010-06-21 18:07:48 -04:00
server . requirepass = zstrdup ( argv [ 1 ] ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " pidfile " ) & & argc = = 2 ) {
zfree ( server . pidfile ) ;
server . pidfile = zstrdup ( argv [ 1 ] ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " dbfilename " ) & & argc = = 2 ) {
2013-07-02 06:14:28 -04:00
if ( ! pathIsBaseName ( argv [ 1 ] ) ) {
err = " dbfilename can't be a path, just a filename " ;
goto loaderr ;
}
2011-12-21 06:22:13 -05:00
zfree ( server . rdb_filename ) ;
server . rdb_filename = zstrdup ( argv [ 1 ] ) ;
2016-12-29 20:37:52 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " active-defrag-threshold-lower " ) & & argc = = 2 ) {
server . active_defrag_threshold_lower = atoi ( argv [ 1 ] ) ;
if ( server . active_defrag_threshold_lower < 0 ) {
err = " active-defrag-threshold-lower must be 0 or greater " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " active-defrag-threshold-upper " ) & & argc = = 2 ) {
server . active_defrag_threshold_upper = atoi ( argv [ 1 ] ) ;
if ( server . active_defrag_threshold_upper < 0 ) {
err = " active-defrag-threshold-upper must be 0 or greater " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " active-defrag-ignore-bytes " ) & & argc = = 2 ) {
server . active_defrag_ignore_bytes = memtoll ( argv [ 1 ] , NULL ) ;
if ( server . active_defrag_ignore_bytes < = 0 ) {
err = " active-defrag-ignore-bytes must above 0 " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " active-defrag-cycle-min " ) & & argc = = 2 ) {
server . active_defrag_cycle_min = atoi ( argv [ 1 ] ) ;
if ( server . active_defrag_cycle_min < 1 | | server . active_defrag_cycle_min > 99 ) {
err = " active-defrag-cycle-min must be between 1 and 99 " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " active-defrag-cycle-max " ) & & argc = = 2 ) {
server . active_defrag_cycle_max = atoi ( argv [ 1 ] ) ;
if ( server . active_defrag_cycle_max < 1 | | server . active_defrag_cycle_max > 99 ) {
err = " active-defrag-cycle-max must be between 1 and 99 " ;
goto loaderr ;
}
2012-01-03 01:14:10 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " hash-max-ziplist-entries " ) & & argc = = 2 ) {
server . hash_max_ziplist_entries = memtoll ( argv [ 1 ] , NULL ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " hash-max-ziplist-value " ) & & argc = = 2 ) {
server . hash_max_ziplist_value = memtoll ( argv [ 1 ] , NULL ) ;
2010-06-21 18:07:48 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " list-max-ziplist-entries " ) & & argc = = 2 ) {
2014-12-16 00:49:14 -05:00
/* DEAD OPTION */
2010-11-03 07:14:36 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " list-max-ziplist-value " ) & & argc = = 2 ) {
2014-12-16 00:49:14 -05:00
/* DEAD OPTION */
} else if ( ! strcasecmp ( argv [ 0 ] , " list-max-ziplist-size " ) & & argc = = 2 ) {
server . list_max_ziplist_size = atoi ( argv [ 1 ] ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " list-compress-depth " ) & & argc = = 2 ) {
server . list_compress_depth = atoi ( argv [ 1 ] ) ;
2010-11-03 07:14:36 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " set-max-intset-entries " ) & & argc = = 2 ) {
2010-07-02 13:57:12 -04:00
server . set_max_intset_entries = memtoll ( argv [ 1 ] , NULL ) ;
2011-03-09 08:01:57 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " zset-max-ziplist-entries " ) & & argc = = 2 ) {
server . zset_max_ziplist_entries = memtoll ( argv [ 1 ] , NULL ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " zset-max-ziplist-value " ) & & argc = = 2 ) {
server . zset_max_ziplist_value = memtoll ( argv [ 1 ] , NULL ) ;
2014-04-15 11:46:51 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " hll-sparse-max-bytes " ) & & argc = = 2 ) {
server . hll_sparse_max_bytes = memtoll ( argv [ 1 ] , NULL ) ;
2010-11-03 07:14:36 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " rename-command " ) & & argc = = 3 ) {
struct redisCommand * cmd = lookupCommand ( argv [ 1 ] ) ;
int retval ;
if ( ! cmd ) {
err = " No such command in rename-command " ;
goto loaderr ;
}
2013-01-16 12:00:20 -05:00
/* If the target command name is the empty string we just
2010-11-03 07:14:36 -04:00
* remove it from the command table . */
retval = dictDelete ( server . commands , argv [ 1 ] ) ;
2015-07-26 09:29:53 -04:00
serverAssert ( retval = = DICT_OK ) ;
2010-11-03 07:14:36 -04:00
/* Otherwise we re-add the command under a different name. */
if ( sdslen ( argv [ 2 ] ) ! = 0 ) {
sds copy = sdsdup ( argv [ 2 ] ) ;
retval = dictAdd ( server . commands , copy , cmd ) ;
if ( retval ! = DICT_OK ) {
sdsfree ( copy ) ;
err = " Target command name already exists " ; goto loaderr ;
}
}
2011-03-29 11:51:15 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-enabled " ) & & argc = = 2 ) {
if ( ( server . cluster_enabled = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2011-04-07 15:34:41 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-config-file " ) & & argc = = 2 ) {
2013-02-14 09:20:02 -05:00
zfree ( server . cluster_configfile ) ;
server . cluster_configfile = zstrdup ( argv [ 1 ] ) ;
2016-01-19 09:05:52 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-announce-ip " ) & & argc = = 2 ) {
zfree ( server . cluster_announce_ip ) ;
server . cluster_announce_ip = zstrdup ( argv [ 1 ] ) ;
2016-01-21 10:57:35 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-announce-port " ) & & argc = = 2 ) {
server . cluster_announce_port = atoi ( argv [ 1 ] ) ;
if ( server . cluster_announce_port < 0 | |
server . cluster_announce_port > 65535 )
{
err = " Invalid port " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-announce-bus-port " ) & &
argc = = 2 )
{
server . cluster_announce_bus_port = atoi ( argv [ 1 ] ) ;
if ( server . cluster_announce_bus_port < 0 | |
server . cluster_announce_bus_port > 65535 )
{
err = " Invalid port " ; goto loaderr ;
}
2014-09-17 05:10:09 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-require-full-coverage " ) & &
argc = = 2 )
{
if ( ( server . cluster_require_full_coverage = yesnotoi ( argv [ 1 ] ) ) = = - 1 )
{
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2013-04-04 06:29:10 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-node-timeout " ) & & argc = = 2 ) {
2013-10-09 10:18:33 -04:00
server . cluster_node_timeout = strtoll ( argv [ 1 ] , NULL , 10 ) ;
2013-04-04 06:29:10 -04:00
if ( server . cluster_node_timeout < = 0 ) {
err = " cluster node timeout must be 1 or greater " ; goto loaderr ;
}
2014-01-31 05:12:34 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-migration-barrier " )
& & argc = = 2 )
{
server . cluster_migration_barrier = atoi ( argv [ 1 ] ) ;
if ( server . cluster_migration_barrier < 0 ) {
2014-05-22 10:57:47 -04:00
err = " cluster migration barrier must zero or positive " ;
goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " cluster-slave-validity-factor " )
& & argc = = 2 )
{
server . cluster_slave_validity_factor = atoi ( argv [ 1 ] ) ;
if ( server . cluster_slave_validity_factor < 0 ) {
err = " cluster slave validity factor must be zero or positive " ;
2014-01-31 05:12:34 -05:00
goto loaderr ;
}
2011-05-06 11:21:27 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " lua-time-limit " ) & & argc = = 2 ) {
server . lua_time_limit = strtoll ( argv [ 1 ] , NULL , 10 ) ;
2011-06-30 09:47:15 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slowlog-log-slower-than " ) & &
argc = = 2 )
{
server . slowlog_log_slower_than = strtoll ( argv [ 1 ] , NULL , 10 ) ;
2014-07-02 06:27:24 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " latency-monitor-threshold " ) & &
argc = = 2 )
{
server . latency_monitor_threshold = strtoll ( argv [ 1 ] , NULL , 10 ) ;
if ( server . latency_monitor_threshold < 0 ) {
err = " The latency threshold can't be negative " ;
goto loaderr ;
}
2011-06-30 09:47:15 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slowlog-max-len " ) & & argc = = 2 ) {
server . slowlog_max_len = strtoll ( argv [ 1 ] , NULL , 10 ) ;
2012-01-24 04:43:30 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " client-output-buffer-limit " ) & &
argc = = 5 )
{
2014-06-16 04:43:05 -04:00
int class = getClientTypeByName ( argv [ 1 ] ) ;
2012-01-24 04:43:30 -05:00
unsigned long long hard , soft ;
int soft_seconds ;
Security: CONFIG SET client-output-buffer-limit overflow fixed.
This commit fixes a vunlerability reported by Cory Duplantis
of Cisco Talos, see TALOS-2016-0206 for reference.
CONFIG SET client-output-buffer-limit accepts as client class "master"
which is actually only used to implement CLIENT KILL. The "master" class
has ID 3. What happens is that the global structure:
server.client_obuf_limits[class]
Is accessed with class = 3. However it is a 3 elements array, so writing
the 4th element means to write up to 24 bytes of memory *after* the end
of the array, since the structure is defined as:
typedef struct clientBufferLimitsConfig {
unsigned long long hard_limit_bytes;
unsigned long long soft_limit_bytes;
time_t soft_limit_seconds;
} clientBufferLimitsConfig;
EVALUATION OF IMPACT:
Checking what's past the boundaries of the array in the global
'server' structure, we find AOF state fields:
clientBufferLimitsConfig client_obuf_limits[CLIENT_TYPE_OBUF_COUNT];
/* AOF persistence */
int aof_state; /* AOF_(ON|OFF|WAIT_REWRITE) */
int aof_fsync; /* Kind of fsync() policy */
char *aof_filename; /* Name of the AOF file */
int aof_no_fsync_on_rewrite; /* Don't fsync if a rewrite is in prog. */
int aof_rewrite_perc; /* Rewrite AOF if % growth is > M and... */
off_t aof_rewrite_min_size; /* the AOF file is at least N bytes. */
off_t aof_rewrite_base_size; /* AOF size on latest startup or rewrite. */
off_t aof_current_size; /* AOF current size. */
Writing to most of these fields should be harmless and only cause problems in
Redis persistence that should not escalate to security problems.
However unfortunately writing to "aof_filename" could be potentially a
security issue depending on the access pattern.
Searching for "aof.filename" accesses in the source code returns many different
usages of the field, including using it as input for open(), logging to the
Redis log file or syslog, and calling the rename() syscall.
It looks possible that attacks could lead at least to informations
disclosure of the state and data inside Redis. However note that the
attacker must already have access to the server. But, worse than that,
it looks possible that being able to change the AOF filename can be used
to mount more powerful attacks: like overwriting random files with AOF
data (easily a potential security issue as demostrated here:
http://antirez.com/news/96), or even more subtle attacks where the
AOF filename is changed to a path were a malicious AOF file is loaded
in order to exploit other potential issues when the AOF parser is fed
with untrusted input (no known issue known currently).
The fix checks the places where the 'master' class is specifiedf in
order to access configuration data structures, and return an error in
this cases.
WHO IS AT RISK?
The "master" client class was introduced in Redis in Jul 28 2015.
Every Redis instance released past this date is not vulnerable
while all the releases after this date are. Notably:
Redis 3.0.x is NOT vunlerable.
Redis 3.2.x IS vulnerable.
Redis unstable is vulnerable.
In order for the instance to be at risk, at least one of the following
conditions must be true:
1. The attacker can access Redis remotely and is able to send
the CONFIG SET command (often banned in managed Redis instances).
2. The attacker is able to control the "redis.conf" file and
can wait or trigger a server restart.
The problem was fixed 26th September 2016 in all the releases affected.
2016-09-25 16:48:41 -04:00
if ( class = = - 1 | | class = = CLIENT_TYPE_MASTER ) {
err = " Unrecognized client limit class: the user specified "
" an invalid one, or 'master' which has no buffer limits. " ;
2012-01-24 04:43:30 -05:00
goto loaderr ;
}
hard = memtoll ( argv [ 2 ] , NULL ) ;
soft = memtoll ( argv [ 3 ] , NULL ) ;
soft_seconds = atoi ( argv [ 4 ] ) ;
if ( soft_seconds < 0 ) {
2013-01-16 12:00:20 -05:00
err = " Negative number of seconds in soft limit is invalid " ;
2012-01-24 04:43:30 -05:00
goto loaderr ;
}
server . client_obuf_limits [ class ] . hard_limit_bytes = hard ;
server . client_obuf_limits [ class ] . soft_limit_bytes = soft ;
server . client_obuf_limits [ class ] . soft_limit_seconds = soft_seconds ;
2012-03-07 12:02:26 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " stop-writes-on-bgsave-error " ) & &
argc = = 2 ) {
if ( ( server . stop_writes_on_bgsave_err = yesnotoi ( argv [ 1 ] ) ) = = - 1 ) {
err = " argument must be 'yes' or 'no' " ; goto loaderr ;
}
2012-08-28 11:20:26 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-priority " ) & & argc = = 2 ) {
server . slave_priority = atoi ( argv [ 1 ] ) ;
2016-07-27 10:41:20 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-announce-ip " ) & & argc = = 2 ) {
zfree ( server . slave_announce_ip ) ;
server . slave_announce_ip = zstrdup ( argv [ 1 ] ) ;
} else if ( ! strcasecmp ( argv [ 0 ] , " slave-announce-port " ) & & argc = = 2 ) {
server . slave_announce_port = atoi ( argv [ 1 ] ) ;
if ( server . slave_announce_port < 0 | |
server . slave_announce_port > 65535 )
{
err = " Invalid port " ; goto loaderr ;
}
2013-05-29 05:36:44 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " min-slaves-to-write " ) & & argc = = 2 ) {
server . repl_min_slaves_to_write = atoi ( argv [ 1 ] ) ;
if ( server . repl_min_slaves_to_write < 0 ) {
err = " Invalid value for min-slaves-to-write. " ; goto loaderr ;
}
} else if ( ! strcasecmp ( argv [ 0 ] , " min-slaves-max-lag " ) & & argc = = 2 ) {
server . repl_min_slaves_max_lag = atoi ( argv [ 1 ] ) ;
if ( server . repl_min_slaves_max_lag < 0 ) {
err = " Invalid value for min-slaves-max-lag. " ; goto loaderr ;
}
2013-01-23 10:23:33 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " notify-keyspace-events " ) & & argc = = 2 ) {
2013-01-25 07:19:08 -05:00
int flags = keyspaceEventsStringToFlags ( argv [ 1 ] ) ;
if ( flags = = - 1 ) {
err = " Invalid event class character. Use 'g$lshzxeA'. " ;
goto loaderr ;
2013-01-23 10:23:33 -05:00
}
2013-01-25 07:19:08 -05:00
server . notify_keyspace_events = flags ;
2015-01-08 15:22:33 -05:00
} else if ( ! strcasecmp ( argv [ 0 ] , " supervised " ) & & argc = = 2 ) {
2015-03-11 18:20:57 -04:00
server . supervised_mode =
configEnumGetValue ( supervised_mode_enum , argv [ 1 ] ) ;
2015-01-08 15:22:33 -05:00
2015-03-11 18:20:57 -04:00
if ( server . supervised_mode = = INT_MIN ) {
2015-01-08 15:22:33 -05:00
err = " Invalid option for 'supervised'. "
" Allowed values: 'upstart', 'systemd', 'auto', or 'no' " ;
goto loaderr ;
}
2016-06-05 03:03:34 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " loadmodule " ) & & argc > = 2 ) {
queueLoadModule ( argv [ 1 ] , & argv [ 2 ] , argc - 2 ) ;
2012-07-23 06:54:52 -04:00
} else if ( ! strcasecmp ( argv [ 0 ] , " sentinel " ) ) {
/* argc == 1 is handled by main() as we need to enter the sentinel
* mode ASAP . */
if ( argc ! = 1 ) {
if ( ! server . sentinel_mode ) {
err = " sentinel directive while not in sentinel mode " ;
goto loaderr ;
}
err = sentinelHandleConfiguration ( argv + 1 , argc - 1 ) ;
if ( err ) goto loaderr ;
}
2010-06-21 18:07:48 -04:00
} else {
err = " Bad directive or wrong number of arguments " ; goto loaderr ;
}
2011-12-01 07:44:53 -05:00
sdsfreesplitres ( argv , argc ) ;
2010-06-21 18:07:48 -04:00
}
2013-03-05 06:58:22 -05:00
/* Sanity checks. */
if ( server . cluster_enabled & & server . masterhost ) {
2014-01-20 05:08:14 -05:00
linenum = slaveof_linenum ;
i = linenum - 1 ;
2013-03-05 06:58:22 -05:00
err = " slaveof directive not allowed in cluster mode " ;
goto loaderr ;
}
2014-01-20 05:08:14 -05:00
sdsfreesplitres ( lines , totlines ) ;
2010-06-21 18:07:48 -04:00
return ;
loaderr :
fprintf ( stderr , " \n *** FATAL CONFIG FILE ERROR *** \n " ) ;
fprintf ( stderr , " Reading the configuration file, at line %d \n " , linenum ) ;
2011-12-01 07:44:53 -05:00
fprintf ( stderr , " >>> '%s' \n " , lines [ i ] ) ;
2010-06-21 18:07:48 -04:00
fprintf ( stderr , " %s \n " , err ) ;
exit ( 1 ) ;
}
2011-12-01 07:44:53 -05:00
/* Load the server configuration from the specified filename.
* The function appends the additional configuration directives stored
* in the ' options ' string to the config file before loading .
*
* Both filename and options can be NULL , in such a case are considered
2013-01-16 12:00:20 -05:00
* empty . This way loadServerConfig can be used to just load a file or
2011-12-01 07:44:53 -05:00
* just load a string . */
void loadServerConfig ( char * filename , char * options ) {
sds config = sdsempty ( ) ;
2015-07-27 03:41:48 -04:00
char buf [ CONFIG_MAX_LINE + 1 ] ;
2011-12-01 07:44:53 -05:00
/* Load the file content */
if ( filename ) {
FILE * fp ;
if ( filename [ 0 ] = = ' - ' & & filename [ 1 ] = = ' \0 ' ) {
fp = stdin ;
} else {
if ( ( fp = fopen ( filename , " r " ) ) = = NULL ) {
2015-07-27 03:41:48 -04:00
serverLog ( LL_WARNING ,
2011-12-01 07:44:53 -05:00
" Fatal error, can't open config file '%s' " , filename ) ;
exit ( 1 ) ;
}
}
2015-07-27 03:41:48 -04:00
while ( fgets ( buf , CONFIG_MAX_LINE + 1 , fp ) ! = NULL )
2011-12-01 07:44:53 -05:00
config = sdscat ( config , buf ) ;
if ( fp ! = stdin ) fclose ( fp ) ;
}
/* Append the additional options */
if ( options ) {
config = sdscat ( config , " \n " ) ;
config = sdscat ( config , options ) ;
}
loadServerConfigFromString ( config ) ;
sdsfree ( config ) ;
}
2010-06-21 18:07:48 -04:00
/*-----------------------------------------------------------------------------
2013-05-09 18:15:18 -04:00
* CONFIG SET implementation
2010-06-21 18:07:48 -04:00
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
2015-03-10 07:37:39 -04:00
# define config_set_bool_field(_name,_var) \
} else if ( ! strcasecmp ( c - > argv [ 2 ] - > ptr , _name ) ) { \
int yn = yesnotoi ( o - > ptr ) ; \
if ( yn = = - 1 ) goto badfmt ; \
2015-03-11 04:02:04 -04:00
_var = yn ;
2015-03-10 07:37:39 -04:00
# define config_set_numerical_field(_name,_var,min,max) \
} else if ( ! strcasecmp ( c - > argv [ 2 ] - > ptr , _name ) ) { \
2016-05-22 13:35:14 -04:00
if ( getLongLongFromObject ( o , & ll ) = = C_ERR ) goto badfmt ; \
2015-03-10 07:37:39 -04:00
if ( min ! = LLONG_MIN & & ll < min ) goto badfmt ; \
if ( max ! = LLONG_MAX & & ll > max ) goto badfmt ; \
2015-03-11 04:02:04 -04:00
_var = ll ;
# define config_set_memory_field(_name,_var) \
} else if ( ! strcasecmp ( c - > argv [ 2 ] - > ptr , _name ) ) { \
ll = memtoll ( o - > ptr , & err ) ; \
if ( err | | ll < 0 ) goto badfmt ; \
_var = ll ;
2015-03-11 11:59:56 -04:00
# define config_set_enum_field(_name,_var,_enumvar) \
} else if ( ! strcasecmp ( c - > argv [ 2 ] - > ptr , _name ) ) { \
int enumval = configEnumGetValue ( _enumvar , o - > ptr ) ; \
if ( enumval = = INT_MIN ) goto badfmt ; \
_var = enumval ;
2015-03-11 04:02:04 -04:00
# define config_set_special_field(_name) \
} else if ( ! strcasecmp ( c - > argv [ 2 ] - > ptr , _name ) ) {
2015-03-10 07:37:39 -04:00
2015-03-11 18:20:57 -04:00
# define config_set_else } else
2015-07-26 09:20:46 -04:00
void configSetCommand ( client * c ) {
2010-10-17 12:09:23 -04:00
robj * o ;
2010-06-21 18:07:48 -04:00
long long ll ;
2015-02-12 10:51:20 -05:00
int err ;
2015-07-26 09:29:53 -04:00
serverAssertWithInfo ( c , c - > argv [ 2 ] , sdsEncodedObject ( c - > argv [ 2 ] ) ) ;
serverAssertWithInfo ( c , c - > argv [ 3 ] , sdsEncodedObject ( c - > argv [ 3 ] ) ) ;
2010-10-17 12:09:23 -04:00
o = c - > argv [ 3 ] ;
2010-06-21 18:07:48 -04:00
2015-03-11 04:02:04 -04:00
if ( 0 ) { /* this starts the config_set macros else-if chain. */
/* Special fields that can't be handled with general macros. */
config_set_special_field ( " dbfilename " ) {
2013-07-02 06:14:28 -04:00
if ( ! pathIsBaseName ( o - > ptr ) ) {
addReplyError ( c , " dbfilename can't be a path, just a filename " ) ;
return ;
}
2011-12-21 06:22:13 -05:00
zfree ( server . rdb_filename ) ;
server . rdb_filename = zstrdup ( o - > ptr ) ;
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " requirepass " ) {
2015-07-27 03:41:48 -04:00
if ( sdslen ( o - > ptr ) > CONFIG_AUTHPASS_MAX_LEN ) goto badfmt ;
2010-06-21 18:07:48 -04:00
zfree ( server . requirepass ) ;
2011-10-31 04:57:06 -04:00
server . requirepass = ( ( char * ) o - > ptr ) [ 0 ] ? zstrdup ( o - > ptr ) : NULL ;
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " masterauth " ) {
2010-06-21 18:07:48 -04:00
zfree ( server . masterauth ) ;
2013-05-02 11:20:49 -04:00
server . masterauth = ( ( char * ) o - > ptr ) [ 0 ] ? zstrdup ( o - > ptr ) : NULL ;
2016-01-19 09:05:52 -05:00
} config_set_special_field ( " cluster-announce-ip " ) {
zfree ( server . cluster_announce_ip ) ;
server . cluster_announce_ip = ( ( char * ) o - > ptr ) [ 0 ] ? zstrdup ( o - > ptr ) : NULL ;
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " maxclients " ) {
2013-06-28 11:08:03 -04:00
int orig_value = server . maxclients ;
2015-07-26 17:17:55 -04:00
if ( getLongLongFromObject ( o , & ll ) = = C_ERR | | ll < 1 ) goto badfmt ;
2013-06-28 11:08:03 -04:00
/* Try to check if the OS is capable of supporting so many FDs. */
server . maxclients = ll ;
if ( ll > orig_value ) {
adjustOpenFilesLimit ( ) ;
if ( server . maxclients ! = ll ) {
addReplyErrorFormat ( c , " The operating system is not able to handle the specified number of clients, try with %d " , server . maxclients ) ;
server . maxclients = orig_value ;
return ;
}
2014-08-13 05:44:38 -04:00
if ( ( unsigned int ) aeGetSetSize ( server . el ) <
2015-07-27 03:41:48 -04:00
server . maxclients + CONFIG_FDSET_INCR )
2013-06-28 11:08:03 -04:00
{
if ( aeResizeSetSize ( server . el ,
2015-07-27 03:41:48 -04:00
server . maxclients + CONFIG_FDSET_INCR ) = = AE_ERR )
2013-06-28 11:08:03 -04:00
{
addReplyError ( c , " The event loop API used by Redis is not able to handle the specified number of clients " ) ;
server . maxclients = orig_value ;
return ;
}
}
}
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " appendonly " ) {
2011-12-21 04:31:34 -05:00
int enable = yesnotoi ( o - > ptr ) ;
if ( enable = = - 1 ) goto badfmt ;
2015-07-27 03:41:48 -04:00
if ( enable = = 0 & & server . aof_state ! = AOF_OFF ) {
2011-12-21 04:31:34 -05:00
stopAppendOnly ( ) ;
2015-07-27 03:41:48 -04:00
} else if ( enable & & server . aof_state = = AOF_OFF ) {
2015-07-26 17:17:55 -04:00
if ( startAppendOnly ( ) = = C_ERR ) {
2011-12-21 04:31:34 -05:00
addReplyError ( c ,
" Unable to turn on AOF. Check server logs. " ) ;
return ;
2010-06-21 18:07:48 -04:00
}
}
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " save " ) {
2010-06-21 18:07:48 -04:00
int vlen , j ;
sds * v = sdssplitlen ( o - > ptr , sdslen ( o - > ptr ) , " " , 1 , & vlen ) ;
/* Perform sanity check before setting the new config:
* - Even number of args
* - Seconds > = 1 , changes > = 0 */
if ( vlen & 1 ) {
sdsfreesplitres ( v , vlen ) ;
goto badfmt ;
}
for ( j = 0 ; j < vlen ; j + + ) {
char * eptr ;
long val ;
val = strtoll ( v [ j ] , & eptr , 10 ) ;
if ( eptr [ 0 ] ! = ' \0 ' | |
( ( j & 1 ) = = 0 & & val < 1 ) | |
( ( j & 1 ) = = 1 & & val < 0 ) ) {
sdsfreesplitres ( v , vlen ) ;
goto badfmt ;
}
}
/* Finally set the new config */
resetServerSaveParams ( ) ;
for ( j = 0 ; j < vlen ; j + = 2 ) {
time_t seconds ;
int changes ;
seconds = strtoll ( v [ j ] , NULL , 10 ) ;
changes = strtoll ( v [ j + 1 ] , NULL , 10 ) ;
appendServerSaveParams ( seconds , changes ) ;
}
sdsfreesplitres ( v , vlen ) ;
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " dir " ) {
2011-02-13 20:51:27 -05:00
if ( chdir ( ( char * ) o - > ptr ) = = - 1 ) {
addReplyErrorFormat ( c , " Changing directory: %s " , strerror ( errno ) ) ;
return ;
}
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " client-output-buffer-limit " ) {
2012-01-24 04:43:30 -05:00
int vlen , j ;
sds * v = sdssplitlen ( o - > ptr , sdslen ( o - > ptr ) , " " , 1 , & vlen ) ;
/* We need a multiple of 4: <class> <hard> <soft> <soft_seconds> */
if ( vlen % 4 ) {
sdsfreesplitres ( v , vlen ) ;
goto badfmt ;
}
/* Sanity check of single arguments, so that we either refuse the
* whole configuration string or accept it all , even if a single
* error in a single client class is present . */
for ( j = 0 ; j < vlen ; j + + ) {
long val ;
if ( ( j % 4 ) = = 0 ) {
Security: CONFIG SET client-output-buffer-limit overflow fixed.
This commit fixes a vunlerability reported by Cory Duplantis
of Cisco Talos, see TALOS-2016-0206 for reference.
CONFIG SET client-output-buffer-limit accepts as client class "master"
which is actually only used to implement CLIENT KILL. The "master" class
has ID 3. What happens is that the global structure:
server.client_obuf_limits[class]
Is accessed with class = 3. However it is a 3 elements array, so writing
the 4th element means to write up to 24 bytes of memory *after* the end
of the array, since the structure is defined as:
typedef struct clientBufferLimitsConfig {
unsigned long long hard_limit_bytes;
unsigned long long soft_limit_bytes;
time_t soft_limit_seconds;
} clientBufferLimitsConfig;
EVALUATION OF IMPACT:
Checking what's past the boundaries of the array in the global
'server' structure, we find AOF state fields:
clientBufferLimitsConfig client_obuf_limits[CLIENT_TYPE_OBUF_COUNT];
/* AOF persistence */
int aof_state; /* AOF_(ON|OFF|WAIT_REWRITE) */
int aof_fsync; /* Kind of fsync() policy */
char *aof_filename; /* Name of the AOF file */
int aof_no_fsync_on_rewrite; /* Don't fsync if a rewrite is in prog. */
int aof_rewrite_perc; /* Rewrite AOF if % growth is > M and... */
off_t aof_rewrite_min_size; /* the AOF file is at least N bytes. */
off_t aof_rewrite_base_size; /* AOF size on latest startup or rewrite. */
off_t aof_current_size; /* AOF current size. */
Writing to most of these fields should be harmless and only cause problems in
Redis persistence that should not escalate to security problems.
However unfortunately writing to "aof_filename" could be potentially a
security issue depending on the access pattern.
Searching for "aof.filename" accesses in the source code returns many different
usages of the field, including using it as input for open(), logging to the
Redis log file or syslog, and calling the rename() syscall.
It looks possible that attacks could lead at least to informations
disclosure of the state and data inside Redis. However note that the
attacker must already have access to the server. But, worse than that,
it looks possible that being able to change the AOF filename can be used
to mount more powerful attacks: like overwriting random files with AOF
data (easily a potential security issue as demostrated here:
http://antirez.com/news/96), or even more subtle attacks where the
AOF filename is changed to a path were a malicious AOF file is loaded
in order to exploit other potential issues when the AOF parser is fed
with untrusted input (no known issue known currently).
The fix checks the places where the 'master' class is specifiedf in
order to access configuration data structures, and return an error in
this cases.
WHO IS AT RISK?
The "master" client class was introduced in Redis in Jul 28 2015.
Every Redis instance released past this date is not vulnerable
while all the releases after this date are. Notably:
Redis 3.0.x is NOT vunlerable.
Redis 3.2.x IS vulnerable.
Redis unstable is vulnerable.
In order for the instance to be at risk, at least one of the following
conditions must be true:
1. The attacker can access Redis remotely and is able to send
the CONFIG SET command (often banned in managed Redis instances).
2. The attacker is able to control the "redis.conf" file and
can wait or trigger a server restart.
The problem was fixed 26th September 2016 in all the releases affected.
2016-09-25 16:48:41 -04:00
int class = getClientTypeByName ( v [ j ] ) ;
if ( class = = - 1 | | class = = CLIENT_TYPE_MASTER ) {
2012-01-24 04:43:30 -05:00
sdsfreesplitres ( v , vlen ) ;
goto badfmt ;
}
} else {
2015-02-12 10:51:20 -05:00
val = memtoll ( v [ j ] , & err ) ;
if ( err | | val < 0 ) {
2012-01-24 04:43:30 -05:00
sdsfreesplitres ( v , vlen ) ;
goto badfmt ;
}
}
}
/* Finally set the new config */
for ( j = 0 ; j < vlen ; j + = 4 ) {
int class ;
unsigned long long hard , soft ;
int soft_seconds ;
2014-06-16 04:43:05 -04:00
class = getClientTypeByName ( v [ j ] ) ;
2012-01-24 04:43:30 -05:00
hard = strtoll ( v [ j + 1 ] , NULL , 10 ) ;
soft = strtoll ( v [ j + 2 ] , NULL , 10 ) ;
soft_seconds = strtoll ( v [ j + 3 ] , NULL , 10 ) ;
server . client_obuf_limits [ class ] . hard_limit_bytes = hard ;
server . client_obuf_limits [ class ] . soft_limit_bytes = soft ;
server . client_obuf_limits [ class ] . soft_limit_seconds = soft_seconds ;
}
sdsfreesplitres ( v , vlen ) ;
2015-03-11 04:02:04 -04:00
} config_set_special_field ( " notify-keyspace-events " ) {
2013-01-25 07:19:08 -05:00
int flags = keyspaceEventsStringToFlags ( o - > ptr ) ;
2012-04-10 09:47:10 -04:00
2013-01-25 07:19:08 -05:00
if ( flags = = - 1 ) goto badfmt ;
server . notify_keyspace_events = flags ;
2016-07-27 10:41:20 -04:00
} config_set_special_field ( " slave-announce-ip " ) {
zfree ( server . slave_announce_ip ) ;
server . slave_announce_ip = ( ( char * ) o - > ptr ) [ 0 ] ? zstrdup ( o - > ptr ) : NULL ;
2015-03-10 07:37:39 -04:00
/* Boolean fields.
* config_set_bool_field ( name , var ) . */
2015-03-11 04:02:04 -04:00
} config_set_bool_field (
2015-03-10 07:37:39 -04:00
" rdbcompression " , server . rdb_compression ) {
} config_set_bool_field (
" repl-disable-tcp-nodelay " , server . repl_disable_tcp_nodelay ) {
} config_set_bool_field (
" repl-diskless-sync " , server . repl_diskless_sync ) {
} config_set_bool_field (
" cluster-require-full-coverage " , server . cluster_require_full_coverage ) {
} config_set_bool_field (
" aof-rewrite-incremental-fsync " , server . aof_rewrite_incremental_fsync ) {
} config_set_bool_field (
" aof-load-truncated " , server . aof_load_truncated ) {
2016-08-09 10:41:40 -04:00
} config_set_bool_field (
" aof-use-rdb-preamble " , server . aof_use_rdb_preamble ) {
2015-03-10 07:37:39 -04:00
} config_set_bool_field (
" slave-serve-stale-data " , server . repl_serve_stale_data ) {
} config_set_bool_field (
" slave-read-only " , server . repl_slave_ro ) {
} config_set_bool_field (
" activerehashing " , server . activerehashing ) {
2016-12-29 20:37:52 -05:00
} config_set_bool_field (
" activedefrag " , server . active_defrag_enabled ) {
New security feature: Redis protected mode.
An exposed Redis instance on the internet can be cause of serious
issues. Since Redis, by default, binds to all the interfaces, it is easy
to forget an instance without any protection layer, for error.
Protected mode try to address this feature in a soft way, providing a
layer of protection, but giving clues to Redis users about why the
server is not accepting connections.
When protected mode is enabeld (the default), and if there are no
minumum hints about the fact the server is properly configured (no
"bind" directive is used in order to restrict the server to certain
interfaces, nor a password is set), clients connecting from external
intefaces are refused with an error explaining what to do in order to
fix the issue.
Clients connecting from the IPv4 and IPv6 lookback interfaces are still
accepted normally, similarly Unix domain socket connections are not
restricted in any way.
2016-01-07 07:00:08 -05:00
} config_set_bool_field (
" protected-mode " , server . protected_mode ) {
2015-03-10 07:37:39 -04:00
} config_set_bool_field (
" stop-writes-on-bgsave-error " , server . stop_writes_on_bgsave_err ) {
2015-10-05 06:11:27 -04:00
} config_set_bool_field (
" lazyfree-lazy-eviction " , server . lazyfree_lazy_eviction ) {
} config_set_bool_field (
" lazyfree-lazy-expire " , server . lazyfree_lazy_expire ) {
} config_set_bool_field (
" lazyfree-lazy-server-del " , server . lazyfree_lazy_server_del ) {
} config_set_bool_field (
" slave-lazy-flush " , server . repl_slave_lazy_flush ) {
2016-04-25 07:19:28 -04:00
} config_set_bool_field (
2016-12-16 05:05:10 -05:00
" no-appendfsync-on-rewrite " , server . aof_no_fsync_on_rewrite ) {
2015-03-10 07:37:39 -04:00
/* Numerical fields.
* config_set_numerical_field ( name , var , min , max ) */
2015-07-14 10:32:53 -04:00
} config_set_numerical_field (
" tcp-keepalive " , server . tcpkeepalive , 0 , LLONG_MAX ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" maxmemory-samples " , server . maxmemory_samples , 1 , LLONG_MAX ) {
2016-07-20 09:00:35 -04:00
} config_set_numerical_field (
" lfu-log-factor " , server . lfu_log_factor , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" lfu-decay-time " , server . lfu_decay_time , 0 , LLONG_MAX ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" timeout " , server . maxidletime , 0 , LONG_MAX ) {
2016-12-29 20:37:52 -05:00
} config_set_numerical_field (
" active-defrag-threshold-lower " , server . active_defrag_threshold_lower , 0 , 1000 ) {
} config_set_numerical_field (
" active-defrag-threshold-upper " , server . active_defrag_threshold_upper , 0 , 1000 ) {
} config_set_memory_field (
" active-defrag-ignore-bytes " , server . active_defrag_ignore_bytes ) {
} config_set_numerical_field (
" active-defrag-cycle-min " , server . active_defrag_cycle_min , 1 , 99 ) {
} config_set_numerical_field (
" active-defrag-cycle-max " , server . active_defrag_cycle_max , 1 , 99 ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" auto-aof-rewrite-percentage " , server . aof_rewrite_perc , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" auto-aof-rewrite-min-size " , server . aof_rewrite_min_size , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" hash-max-ziplist-entries " , server . hash_max_ziplist_entries , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" hash-max-ziplist-value " , server . hash_max_ziplist_value , 0 , LLONG_MAX ) {
} config_set_numerical_field (
2016-05-22 13:35:14 -04:00
" list-max-ziplist-size " , server . list_max_ziplist_size , INT_MIN , INT_MAX ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
2016-05-22 13:35:14 -04:00
" list-compress-depth " , server . list_compress_depth , 0 , INT_MAX ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" set-max-intset-entries " , server . set_max_intset_entries , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" zset-max-ziplist-entries " , server . zset_max_ziplist_entries , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" zset-max-ziplist-value " , server . zset_max_ziplist_value , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" hll-sparse-max-bytes " , server . hll_sparse_max_bytes , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" lua-time-limit " , server . lua_time_limit , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" slowlog-log-slower-than " , server . slowlog_log_slower_than , 0 , LLONG_MAX ) {
2015-03-10 08:00:33 -04:00
} config_set_numerical_field (
" slowlog-max-len " , ll , 0 , LLONG_MAX ) {
/* Cast to unsigned. */
server . slowlog_max_len = ( unsigned ) ll ;
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" latency-monitor-threshold " , server . latency_monitor_threshold , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" repl-ping-slave-period " , server . repl_ping_slave_period , 1 , LLONG_MAX ) {
} config_set_numerical_field (
" repl-timeout " , server . repl_timeout , 1 , LLONG_MAX ) {
} config_set_numerical_field (
" repl-backlog-ttl " , server . repl_backlog_time_limit , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" repl-diskless-sync-delay " , server . repl_diskless_sync_delay , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" slave-priority " , server . slave_priority , 0 , LLONG_MAX ) {
2016-07-27 10:41:20 -04:00
} config_set_numerical_field (
" slave-announce-port " , server . slave_announce_port , 0 , 65535 ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" min-slaves-to-write " , server . repl_min_slaves_to_write , 0 , LLONG_MAX ) {
2013-05-30 06:23:28 -04:00
refreshGoodSlavesCount ( ) ;
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" min-slaves-max-lag " , server . repl_min_slaves_max_lag , 0 , LLONG_MAX ) {
2013-05-30 06:23:28 -04:00
refreshGoodSlavesCount ( ) ;
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" cluster-node-timeout " , server . cluster_node_timeout , 0 , LLONG_MAX ) {
2016-01-21 10:57:35 -05:00
} config_set_numerical_field (
" cluster-announce-port " , server . cluster_announce_port , 0 , 65535 ) {
} config_set_numerical_field (
" cluster-announce-bus-port " , server . cluster_announce_bus_port , 0 , 65535 ) {
2015-03-10 07:37:39 -04:00
} config_set_numerical_field (
" cluster-migration-barrier " , server . cluster_migration_barrier , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" cluster-slave-validity-factor " , server . cluster_slave_validity_factor , 0 , LLONG_MAX ) {
} config_set_numerical_field (
" hz " , server . hz , 0 , LLONG_MAX ) {
/* Hz is more an hint from the user, so we accept values out of range
* but cap them to reasonable values . */
2015-07-27 03:41:48 -04:00
if ( server . hz < CONFIG_MIN_HZ ) server . hz = CONFIG_MIN_HZ ;
if ( server . hz > CONFIG_MAX_HZ ) server . hz = CONFIG_MAX_HZ ;
2015-03-10 08:00:33 -04:00
} config_set_numerical_field (
" watchdog-period " , ll , 0 , LLONG_MAX ) {
if ( ll )
enableWatchdog ( ll ) ;
else
disableWatchdog ( ) ;
2015-03-11 04:02:04 -04:00
/* Memory fields.
* config_set_memory_field ( name , var ) */
} config_set_memory_field ( " maxmemory " , server . maxmemory ) {
if ( server . maxmemory ) {
if ( server . maxmemory < zmalloc_used_memory ( ) ) {
2015-07-27 03:41:48 -04:00
serverLog ( LL_WARNING , " WARNING: the new maxmemory value set via CONFIG SET is smaller than the current memory usage. This will result in keys eviction and/or inability to accept new write commands depending on the maxmemory-policy. " ) ;
2015-03-11 04:02:04 -04:00
}
freeMemoryIfNeeded ( ) ;
}
} config_set_memory_field ( " repl-backlog-size " , ll ) {
resizeReplicationBacklog ( ll ) ;
2015-03-11 18:20:57 -04:00
/* Enumeration fields.
* config_set_enum_field ( name , var , enum_var ) */
} config_set_enum_field (
" loglevel " , server . verbosity , loglevel_enum ) {
} config_set_enum_field (
" maxmemory-policy " , server . maxmemory_policy , maxmemory_policy_enum ) {
} config_set_enum_field (
" appendfsync " , server . aof_fsync , aof_fsync_enum ) {
2015-03-10 07:37:39 -04:00
/* Everyhing else is an error... */
2015-03-11 18:20:57 -04:00
} config_set_else {
2010-09-02 13:52:24 -04:00
addReplyErrorFormat ( c , " Unsupported CONFIG parameter: %s " ,
( char * ) c - > argv [ 2 ] - > ptr ) ;
2010-06-21 18:07:48 -04:00
return ;
}
2015-03-11 18:20:57 -04:00
/* On success we just return a generic OK for all the options. */
2010-06-21 18:07:48 -04:00
addReply ( c , shared . ok ) ;
return ;
badfmt : /* Bad format errors */
2010-09-02 13:52:24 -04:00
addReplyErrorFormat ( c , " Invalid argument '%s' for CONFIG SET '%s' " ,
2010-06-21 18:07:48 -04:00
( char * ) o - > ptr ,
2010-09-02 13:52:24 -04:00
( char * ) c - > argv [ 2 ] - > ptr ) ;
2010-06-21 18:07:48 -04:00
}
2013-05-09 18:15:18 -04:00
/*-----------------------------------------------------------------------------
* CONFIG GET implementation
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
2012-03-08 06:14:23 -05:00
# define config_get_string_field(_name,_var) do { \
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , _name , 1 ) ) { \
2012-03-08 06:14:23 -05:00
addReplyBulkCString ( c , _name ) ; \
addReplyBulkCString ( c , _var ? _var : " " ) ; \
matches + + ; \
} \
} while ( 0 ) ;
# define config_get_bool_field(_name,_var) do { \
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , _name , 1 ) ) { \
2012-03-08 06:14:23 -05:00
addReplyBulkCString ( c , _name ) ; \
addReplyBulkCString ( c , _var ? " yes " : " no " ) ; \
matches + + ; \
} \
} while ( 0 ) ;
# define config_get_numerical_field(_name,_var) do { \
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , _name , 1 ) ) { \
2012-03-08 06:14:23 -05:00
ll2string ( buf , sizeof ( buf ) , _var ) ; \
addReplyBulkCString ( c , _name ) ; \
addReplyBulkCString ( c , buf ) ; \
matches + + ; \
} \
} while ( 0 ) ;
2015-03-11 11:59:56 -04:00
# define config_get_enum_field(_name,_var,_enumvar) do { \
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , _name , 1 ) ) { \
2015-03-11 11:59:56 -04:00
addReplyBulkCString ( c , _name ) ; \
addReplyBulkCString ( c , configEnumGetNameOrUnknown ( _enumvar , _var ) ) ; \
matches + + ; \
} \
} while ( 0 ) ;
2014-06-17 10:42:19 -04:00
2015-07-26 09:20:46 -04:00
void configGetCommand ( client * c ) {
2010-10-17 12:09:23 -04:00
robj * o = c - > argv [ 2 ] ;
2010-08-30 10:02:06 -04:00
void * replylen = addDeferredMultiBulkLength ( c ) ;
2010-06-21 18:07:48 -04:00
char * pattern = o - > ptr ;
2010-10-15 05:57:38 -04:00
char buf [ 128 ] ;
2010-06-21 18:07:48 -04:00
int matches = 0 ;
2015-07-26 09:29:53 -04:00
serverAssertWithInfo ( c , o , sdsEncodedObject ( o ) ) ;
2010-06-21 18:07:48 -04:00
2012-03-08 06:14:23 -05:00
/* String values */
config_get_string_field ( " dbfilename " , server . rdb_filename ) ;
config_get_string_field ( " requirepass " , server . requirepass ) ;
2013-03-14 01:52:43 -04:00
config_get_string_field ( " masterauth " , server . masterauth ) ;
2016-01-19 09:05:52 -05:00
config_get_string_field ( " cluster-announce-ip " , server . cluster_announce_ip ) ;
2012-03-08 06:14:23 -05:00
config_get_string_field ( " unixsocket " , server . unixsocket ) ;
config_get_string_field ( " logfile " , server . logfile ) ;
config_get_string_field ( " pidfile " , server . pidfile ) ;
2016-07-27 10:41:20 -04:00
config_get_string_field ( " slave-announce-ip " , server . slave_announce_ip ) ;
2012-03-08 06:14:23 -05:00
/* Numerical values */
config_get_numerical_field ( " maxmemory " , server . maxmemory ) ;
config_get_numerical_field ( " maxmemory-samples " , server . maxmemory_samples ) ;
config_get_numerical_field ( " timeout " , server . maxidletime ) ;
2016-12-29 20:37:52 -05:00
config_get_numerical_field ( " active-defrag-threshold-lower " , server . active_defrag_threshold_lower ) ;
config_get_numerical_field ( " active-defrag-threshold-upper " , server . active_defrag_threshold_upper ) ;
config_get_numerical_field ( " active-defrag-ignore-bytes " , server . active_defrag_ignore_bytes ) ;
config_get_numerical_field ( " active-defrag-cycle-min " , server . active_defrag_cycle_min ) ;
config_get_numerical_field ( " active-defrag-cycle-max " , server . active_defrag_cycle_max ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " auto-aof-rewrite-percentage " ,
server . aof_rewrite_perc ) ;
config_get_numerical_field ( " auto-aof-rewrite-min-size " ,
server . aof_rewrite_min_size ) ;
2012-03-09 16:07:45 -05:00
config_get_numerical_field ( " hash-max-ziplist-entries " ,
server . hash_max_ziplist_entries ) ;
config_get_numerical_field ( " hash-max-ziplist-value " ,
server . hash_max_ziplist_value ) ;
2014-12-16 00:49:14 -05:00
config_get_numerical_field ( " list-max-ziplist-size " ,
server . list_max_ziplist_size ) ;
config_get_numerical_field ( " list-compress-depth " ,
server . list_compress_depth ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " set-max-intset-entries " ,
server . set_max_intset_entries ) ;
config_get_numerical_field ( " zset-max-ziplist-entries " ,
server . zset_max_ziplist_entries ) ;
config_get_numerical_field ( " zset-max-ziplist-value " ,
server . zset_max_ziplist_value ) ;
2014-04-15 11:46:51 -04:00
config_get_numerical_field ( " hll-sparse-max-bytes " ,
server . hll_sparse_max_bytes ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " lua-time-limit " , server . lua_time_limit ) ;
config_get_numerical_field ( " slowlog-log-slower-than " ,
server . slowlog_log_slower_than ) ;
2014-07-02 06:27:24 -04:00
config_get_numerical_field ( " latency-monitor-threshold " ,
server . latency_monitor_threshold ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " slowlog-max-len " ,
server . slowlog_max_len ) ;
config_get_numerical_field ( " port " , server . port ) ;
2016-01-21 10:57:35 -05:00
config_get_numerical_field ( " cluster-announce-port " , server . cluster_announce_port ) ;
config_get_numerical_field ( " cluster-announce-bus-port " , server . cluster_announce_bus_port ) ;
2014-01-31 08:55:43 -05:00
config_get_numerical_field ( " tcp-backlog " , server . tcp_backlog ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " databases " , server . dbnum ) ;
config_get_numerical_field ( " repl-ping-slave-period " , server . repl_ping_slave_period ) ;
config_get_numerical_field ( " repl-timeout " , server . repl_timeout ) ;
2013-01-30 12:33:16 -05:00
config_get_numerical_field ( " repl-backlog-size " , server . repl_backlog_size ) ;
config_get_numerical_field ( " repl-backlog-ttl " , server . repl_backlog_time_limit ) ;
2012-03-08 06:14:23 -05:00
config_get_numerical_field ( " maxclients " , server . maxclients ) ;
2012-03-27 05:47:51 -04:00
config_get_numerical_field ( " watchdog-period " , server . watchdog_period ) ;
2012-08-28 11:20:26 -04:00
config_get_numerical_field ( " slave-priority " , server . slave_priority ) ;
2016-07-27 10:41:20 -04:00
config_get_numerical_field ( " slave-announce-port " , server . slave_announce_port ) ;
2013-05-29 05:36:44 -04:00
config_get_numerical_field ( " min-slaves-to-write " , server . repl_min_slaves_to_write ) ;
config_get_numerical_field ( " min-slaves-max-lag " , server . repl_min_slaves_max_lag ) ;
2012-12-14 11:10:40 -05:00
config_get_numerical_field ( " hz " , server . hz ) ;
2013-04-04 08:21:01 -04:00
config_get_numerical_field ( " cluster-node-timeout " , server . cluster_node_timeout ) ;
2014-01-31 05:12:34 -05:00
config_get_numerical_field ( " cluster-migration-barrier " , server . cluster_migration_barrier ) ;
2014-05-22 10:57:47 -04:00
config_get_numerical_field ( " cluster-slave-validity-factor " , server . cluster_slave_validity_factor ) ;
2014-10-27 05:36:30 -04:00
config_get_numerical_field ( " repl-diskless-sync-delay " , server . repl_diskless_sync_delay ) ;
2015-07-14 10:32:53 -04:00
config_get_numerical_field ( " tcp-keepalive " , server . tcpkeepalive ) ;
2012-03-08 06:14:23 -05:00
/* Bool (yes/no) values */
2014-09-17 05:10:09 -04:00
config_get_bool_field ( " cluster-require-full-coverage " ,
server . cluster_require_full_coverage ) ;
2012-03-08 06:14:23 -05:00
config_get_bool_field ( " no-appendfsync-on-rewrite " ,
server . aof_no_fsync_on_rewrite ) ;
config_get_bool_field ( " slave-serve-stale-data " ,
server . repl_serve_stale_data ) ;
2012-03-20 12:32:48 -04:00
config_get_bool_field ( " slave-read-only " ,
server . repl_slave_ro ) ;
2012-03-08 06:14:23 -05:00
config_get_bool_field ( " stop-writes-on-bgsave-error " ,
server . stop_writes_on_bgsave_err ) ;
config_get_bool_field ( " daemonize " , server . daemonize ) ;
config_get_bool_field ( " rdbcompression " , server . rdb_compression ) ;
2012-04-10 09:47:10 -04:00
config_get_bool_field ( " rdbchecksum " , server . rdb_checksum ) ;
2012-03-08 06:14:23 -05:00
config_get_bool_field ( " activerehashing " , server . activerehashing ) ;
2016-12-29 20:37:52 -05:00
config_get_bool_field ( " activedefrag " , server . active_defrag_enabled ) ;
New security feature: Redis protected mode.
An exposed Redis instance on the internet can be cause of serious
issues. Since Redis, by default, binds to all the interfaces, it is easy
to forget an instance without any protection layer, for error.
Protected mode try to address this feature in a soft way, providing a
layer of protection, but giving clues to Redis users about why the
server is not accepting connections.
When protected mode is enabeld (the default), and if there are no
minumum hints about the fact the server is properly configured (no
"bind" directive is used in order to restrict the server to certain
interfaces, nor a password is set), clients connecting from external
intefaces are refused with an error explaining what to do in order to
fix the issue.
Clients connecting from the IPv4 and IPv6 lookback interfaces are still
accepted normally, similarly Unix domain socket connections are not
restricted in any way.
2016-01-07 07:00:08 -05:00
config_get_bool_field ( " protected-mode " , server . protected_mode ) ;
2013-01-31 05:14:15 -05:00
config_get_bool_field ( " repl-disable-tcp-nodelay " ,
server . repl_disable_tcp_nodelay ) ;
2014-10-16 04:22:02 -04:00
config_get_bool_field ( " repl-diskless-sync " ,
server . repl_diskless_sync ) ;
2013-04-24 04:57:07 -04:00
config_get_bool_field ( " aof-rewrite-incremental-fsync " ,
server . aof_rewrite_incremental_fsync ) ;
2014-09-08 03:23:55 -04:00
config_get_bool_field ( " aof-load-truncated " ,
server . aof_load_truncated ) ;
2016-08-09 10:41:40 -04:00
config_get_bool_field ( " aof-use-rdb-preamble " ,
server . aof_use_rdb_preamble ) ;
2015-10-05 06:11:27 -04:00
config_get_bool_field ( " lazyfree-lazy-eviction " ,
server . lazyfree_lazy_eviction ) ;
config_get_bool_field ( " lazyfree-lazy-expire " ,
server . lazyfree_lazy_expire ) ;
config_get_bool_field ( " lazyfree-lazy-server-del " ,
server . lazyfree_lazy_server_del ) ;
config_get_bool_field ( " slave-lazy-flush " ,
server . repl_slave_lazy_flush ) ;
2012-03-08 06:14:23 -05:00
2015-03-11 11:59:56 -04:00
/* Enum values */
config_get_enum_field ( " maxmemory-policy " ,
server . maxmemory_policy , maxmemory_policy_enum ) ;
2015-03-11 18:20:57 -04:00
config_get_enum_field ( " loglevel " ,
server . verbosity , loglevel_enum ) ;
config_get_enum_field ( " supervised " ,
server . supervised_mode , supervised_mode_enum ) ;
config_get_enum_field ( " appendfsync " ,
server . aof_fsync , aof_fsync_enum ) ;
2015-03-12 04:59:10 -04:00
config_get_enum_field ( " syslog-facility " ,
server . syslog_facility , syslog_facility_enum ) ;
2015-03-11 11:59:56 -04:00
2012-03-08 06:14:23 -05:00
/* Everything we can't handle with macros follows. */
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " appendonly " , 1 ) ) {
2012-03-08 06:14:23 -05:00
addReplyBulkCString ( c , " appendonly " ) ;
2015-07-27 03:41:48 -04:00
addReplyBulkCString ( c , server . aof_state = = AOF_OFF ? " no " : " yes " ) ;
2012-03-08 06:14:23 -05:00
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " dir " , 1 ) ) {
2011-02-13 20:51:27 -05:00
char buf [ 1024 ] ;
2011-07-27 09:03:48 -04:00
if ( getcwd ( buf , sizeof ( buf ) ) = = NULL )
2011-02-21 11:41:25 -05:00
buf [ 0 ] = ' \0 ' ;
2011-07-27 09:03:48 -04:00
addReplyBulkCString ( c , " dir " ) ;
addReplyBulkCString ( c , buf ) ;
2011-02-13 20:51:27 -05:00
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " save " , 1 ) ) {
2010-06-21 18:07:48 -04:00
sds buf = sdsempty ( ) ;
int j ;
for ( j = 0 ; j < server . saveparamslen ; j + + ) {
2012-10-28 00:33:04 -04:00
buf = sdscatprintf ( buf , " %jd %d " ,
( intmax_t ) server . saveparams [ j ] . seconds ,
2010-06-21 18:07:48 -04:00
server . saveparams [ j ] . changes ) ;
if ( j ! = server . saveparamslen - 1 )
buf = sdscatlen ( buf , " " , 1 ) ;
}
addReplyBulkCString ( c , " save " ) ;
addReplyBulkCString ( c , buf ) ;
sdsfree ( buf ) ;
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " client-output-buffer-limit " , 1 ) ) {
2012-01-24 04:43:30 -05:00
sds buf = sdsempty ( ) ;
int j ;
2015-07-28 10:58:04 -04:00
for ( j = 0 ; j < CLIENT_TYPE_OBUF_COUNT ; j + + ) {
2012-01-24 04:43:30 -05:00
buf = sdscatprintf ( buf , " %s %llu %llu %ld " ,
2014-06-16 04:43:05 -04:00
getClientTypeName ( j ) ,
2012-01-24 04:43:30 -05:00
server . client_obuf_limits [ j ] . hard_limit_bytes ,
server . client_obuf_limits [ j ] . soft_limit_bytes ,
( long ) server . client_obuf_limits [ j ] . soft_limit_seconds ) ;
2015-07-28 10:58:04 -04:00
if ( j ! = CLIENT_TYPE_OBUF_COUNT - 1 )
2012-01-24 04:43:30 -05:00
buf = sdscatlen ( buf , " " , 1 ) ;
}
addReplyBulkCString ( c , " client-output-buffer-limit " ) ;
addReplyBulkCString ( c , buf ) ;
sdsfree ( buf ) ;
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " unixsocketperm " , 1 ) ) {
2012-03-08 06:14:23 -05:00
char buf [ 32 ] ;
snprintf ( buf , sizeof ( buf ) , " %o " , server . unixsocketperm ) ;
addReplyBulkCString ( c , " unixsocketperm " ) ;
addReplyBulkCString ( c , buf ) ;
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " slaveof " , 1 ) ) {
2012-03-08 06:14:23 -05:00
char buf [ 256 ] ;
addReplyBulkCString ( c , " slaveof " ) ;
if ( server . masterhost )
snprintf ( buf , sizeof ( buf ) , " %s %d " ,
server . masterhost , server . masterport ) ;
else
buf [ 0 ] = ' \0 ' ;
addReplyBulkCString ( c , buf ) ;
2012-03-07 12:02:26 -05:00
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " notify-keyspace-events " , 1 ) ) {
2015-07-26 09:28:00 -04:00
robj * flagsobj = createObject ( OBJ_STRING ,
2013-01-25 07:19:08 -05:00
keyspaceEventsFlagsToString ( server . notify_keyspace_events ) ) ;
addReplyBulkCString ( c , " notify-keyspace-events " ) ;
addReplyBulk ( c , flagsobj ) ;
decrRefCount ( flagsobj ) ;
matches + + ;
}
2016-07-04 10:09:07 -04:00
if ( stringmatch ( pattern , " bind " , 1 ) ) {
2013-07-04 12:50:15 -04:00
sds aux = sdsjoin ( server . bindaddr , server . bindaddr_count , " " ) ;
addReplyBulkCString ( c , " bind " ) ;
addReplyBulkCString ( c , aux ) ;
sdsfree ( aux ) ;
matches + + ;
}
2010-08-30 10:02:06 -04:00
setDeferredMultiBulkLength ( c , replylen , matches * 2 ) ;
2010-06-21 18:07:48 -04:00
}
2013-05-09 18:15:18 -04:00
/*-----------------------------------------------------------------------------
* CONFIG REWRITE implementation
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
2013-11-19 11:58:11 -05:00
# define REDIS_CONFIG_REWRITE_SIGNATURE "# Generated by CONFIG REWRITE"
2013-05-09 18:15:18 -04:00
/* We use the following dictionary type to store where a configuration
* option is mentioned in the old configuration file , so it ' s
* like " maxmemory " - > list of line numbers ( first line is zero ) . */
2013-12-19 09:30:06 -05:00
unsigned int dictSdsCaseHash ( const void * key ) ;
int dictSdsKeyCaseCompare ( void * privdata , const void * key1 , const void * key2 ) ;
2013-05-09 18:15:18 -04:00
void dictSdsDestructor ( void * privdata , void * val ) ;
void dictListDestructor ( void * privdata , void * val ) ;
2013-11-19 03:48:12 -05:00
/* Sentinel config rewriting is implemented inside sentinel.c by
* rewriteConfigSentinelOption ( ) . */
void rewriteConfigSentinelOption ( struct rewriteConfigState * state ) ;
2013-05-09 18:15:18 -04:00
dictType optionToLineDictType = {
2013-12-19 09:25:45 -05:00
dictSdsCaseHash , /* hash function */
2013-05-09 18:15:18 -04:00
NULL , /* key dup */
NULL , /* val dup */
2013-12-19 09:25:45 -05:00
dictSdsKeyCaseCompare , /* key compare */
2013-05-09 18:15:18 -04:00
dictSdsDestructor , /* key destructor */
dictListDestructor /* val destructor */
} ;
2013-12-19 09:25:45 -05:00
dictType optionSetDictType = {
dictSdsCaseHash , /* hash function */
NULL , /* key dup */
NULL , /* val dup */
dictSdsKeyCaseCompare , /* key compare */
dictSdsDestructor , /* key destructor */
NULL /* val destructor */
} ;
2013-05-09 18:15:18 -04:00
/* The config rewrite state. */
struct rewriteConfigState {
dict * option_to_line ; /* Option -> list of config file lines map */
2013-12-19 09:25:45 -05:00
dict * rewritten ; /* Dictionary of already processed options */
2013-05-09 18:15:18 -04:00
int numlines ; /* Number of lines in current config */
sds * lines ; /* Current lines as an array of sds strings */
int has_tail ; /* True if we already added directives that were
not present in the original config file . */
} ;
/* Append the new line to the current configuration state. */
void rewriteConfigAppendLine ( struct rewriteConfigState * state , sds line ) {
state - > lines = zrealloc ( state - > lines , sizeof ( char * ) * ( state - > numlines + 1 ) ) ;
state - > lines [ state - > numlines + + ] = line ;
}
/* Populate the option -> list of line numbers map. */
void rewriteConfigAddLineNumberToOption ( struct rewriteConfigState * state , sds option , int linenum ) {
list * l = dictFetchValue ( state - > option_to_line , option ) ;
if ( l = = NULL ) {
l = listCreate ( ) ;
dictAdd ( state - > option_to_line , sdsdup ( option ) , l ) ;
}
listAddNodeTail ( l , ( void * ) ( long ) linenum ) ;
}
2013-12-19 09:25:45 -05:00
/* Add the specified option to the set of processed options.
* This is useful as only unused lines of processed options will be blanked
* in the config file , while options the rewrite process does not understand
* remain untouched . */
2015-03-11 11:59:56 -04:00
void rewriteConfigMarkAsProcessed ( struct rewriteConfigState * state , const char * option ) {
2013-12-19 09:25:45 -05:00
sds opt = sdsnew ( option ) ;
2013-12-19 09:30:06 -05:00
if ( dictAdd ( state - > rewritten , opt , NULL ) ! = DICT_OK ) sdsfree ( opt ) ;
2013-12-19 09:25:45 -05:00
}
2013-05-09 18:15:18 -04:00
/* Read the old file, split it into lines to populate a newly created
* config rewrite state , and return it to the caller .
*
* If it is impossible to read the old file , NULL is returned .
* If the old file does not exist at all , an empty state is returned . */
struct rewriteConfigState * rewriteConfigReadOldFile ( char * path ) {
FILE * fp = fopen ( path , " r " ) ;
struct rewriteConfigState * state = zmalloc ( sizeof ( * state ) ) ;
2015-07-27 03:41:48 -04:00
char buf [ CONFIG_MAX_LINE + 1 ] ;
2013-05-09 18:15:18 -04:00
int linenum = - 1 ;
if ( fp = = NULL & & errno ! = ENOENT ) return NULL ;
state - > option_to_line = dictCreate ( & optionToLineDictType , NULL ) ;
2013-12-19 09:25:45 -05:00
state - > rewritten = dictCreate ( & optionSetDictType , NULL ) ;
2013-05-09 18:15:18 -04:00
state - > numlines = 0 ;
state - > lines = NULL ;
state - > has_tail = 0 ;
if ( fp = = NULL ) return state ;
/* Read the old file line by line, populate the state. */
2015-07-27 03:41:48 -04:00
while ( fgets ( buf , CONFIG_MAX_LINE + 1 , fp ) ! = NULL ) {
2013-05-09 18:15:18 -04:00
int argc ;
sds * argv ;
sds line = sdstrim ( sdsnew ( buf ) , " \r \n \t " ) ;
linenum + + ; /* Zero based, so we init at -1 */
/* Handle comments and empty lines. */
if ( line [ 0 ] = = ' # ' | | line [ 0 ] = = ' \0 ' ) {
2013-11-19 11:58:11 -05:00
if ( ! state - > has_tail & & ! strcmp ( line , REDIS_CONFIG_REWRITE_SIGNATURE ) )
state - > has_tail = 1 ;
2013-05-09 18:15:18 -04:00
rewriteConfigAppendLine ( state , line ) ;
continue ;
}
/* Not a comment, split into arguments. */
argv = sdssplitargs ( line , & argc ) ;
if ( argv = = NULL ) {
/* Apparently the line is unparsable for some reason, for
* instance it may have unbalanced quotes . Load it as a
* comment . */
sds aux = sdsnew ( " # ??? " ) ;
aux = sdscatsds ( aux , line ) ;
sdsfree ( line ) ;
rewriteConfigAppendLine ( state , aux ) ;
continue ;
}
sdstolower ( argv [ 0 ] ) ; /* We only want lowercase config directives. */
/* Now we populate the state according to the content of this line.
* Append the line and populate the option - > line numbers map . */
rewriteConfigAppendLine ( state , line ) ;
rewriteConfigAddLineNumberToOption ( state , argv [ 0 ] , linenum ) ;
sdsfreesplitres ( argv , argc ) ;
}
fclose ( fp ) ;
return state ;
}
/* Rewrite the specified configuration option with the new "line".
* It progressively uses lines of the file that were already used for the same
2013-11-18 12:18:04 -05:00
* configuration option in the old version of the file , removing that line from
2013-05-09 18:15:18 -04:00
* the map of options - > line numbers .
*
* If there are lines associated with a given configuration option and
* " force " is non - zero , the line is appended to the configuration file .
* Usually " force " is true when an option has not its default value , so it
* must be rewritten even if not present previously .
2014-06-26 12:48:40 -04:00
*
2013-05-09 18:15:18 -04:00
* The first time a line is appended into a configuration file , a comment
* is added to show that starting from that point the config file was generated
* by CONFIG REWRITE .
*
* " line " is either used , or freed , so the caller does not need to free it
* in any way . */
2015-03-11 11:59:56 -04:00
void rewriteConfigRewriteLine ( struct rewriteConfigState * state , const char * option , sds line , int force ) {
2013-05-09 18:15:18 -04:00
sds o = sdsnew ( option ) ;
list * l = dictFetchValue ( state - > option_to_line , o ) ;
2013-12-19 09:25:45 -05:00
rewriteConfigMarkAsProcessed ( state , option ) ;
2013-05-09 18:15:18 -04:00
if ( ! l & & ! force ) {
/* Option not used previously, and we are not forced to use it. */
sdsfree ( line ) ;
sdsfree ( o ) ;
return ;
}
if ( l ) {
listNode * ln = listFirst ( l ) ;
int linenum = ( long ) ln - > value ;
/* There are still lines in the old configuration file we can reuse
* for this option . Replace the line with the new one . */
listDelNode ( l , ln ) ;
if ( listLength ( l ) = = 0 ) dictDelete ( state - > option_to_line , o ) ;
sdsfree ( state - > lines [ linenum ] ) ;
state - > lines [ linenum ] = line ;
} else {
/* Append a new line. */
if ( ! state - > has_tail ) {
rewriteConfigAppendLine ( state ,
2013-11-19 11:58:11 -05:00
sdsnew ( REDIS_CONFIG_REWRITE_SIGNATURE ) ) ;
2013-05-09 18:15:18 -04:00
state - > has_tail = 1 ;
}
rewriteConfigAppendLine ( state , line ) ;
}
sdsfree ( o ) ;
}
2013-05-15 05:33:02 -04:00
/* Write the long long 'bytes' value as a string in a way that is parsable
* inside redis . conf . If possible uses the GB , MB , KB notation . */
int rewriteConfigFormatMemory ( char * buf , size_t len , long long bytes ) {
int gb = 1024 * 1024 * 1024 ;
int mb = 1024 * 1024 ;
int kb = 1024 ;
if ( bytes & & ( bytes % gb ) = = 0 ) {
return snprintf ( buf , len , " %lldgb " , bytes / gb ) ;
} else if ( bytes & & ( bytes % mb ) = = 0 ) {
return snprintf ( buf , len , " %lldmb " , bytes / mb ) ;
} else if ( bytes & & ( bytes % kb ) = = 0 ) {
return snprintf ( buf , len , " %lldkb " , bytes / kb ) ;
} else {
return snprintf ( buf , len , " %lld " , bytes ) ;
}
}
2013-05-09 18:15:18 -04:00
/* Rewrite a simple "option-name <bytes>" configuration option. */
void rewriteConfigBytesOption ( struct rewriteConfigState * state , char * option , long long value , long long defvalue ) {
2013-05-15 05:33:02 -04:00
char buf [ 64 ] ;
2013-05-09 18:15:18 -04:00
int force = value ! = defvalue ;
2013-05-15 05:33:02 -04:00
sds line ;
2013-05-09 18:15:18 -04:00
2013-05-15 05:33:02 -04:00
rewriteConfigFormatMemory ( buf , sizeof ( buf ) , value ) ;
line = sdscatprintf ( sdsempty ( ) , " %s %s " , option , buf ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-14 05:17:18 -04:00
/* Rewrite a yes/no option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigYesNoOption ( struct rewriteConfigState * state , char * option , int value , int defvalue ) {
int force = value ! = defvalue ;
sds line = sdscatprintf ( sdsempty ( ) , " %s %s " , option ,
value ? " yes " : " no " ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-14 05:17:18 -04:00
/* Rewrite a string option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigStringOption ( struct rewriteConfigState * state , char * option , char * value , char * defvalue ) {
int force = 1 ;
sds line ;
/* String options set to NULL need to be not present at all in the
* configuration file to be set to NULL again at the next reboot . */
2013-12-19 09:25:45 -05:00
if ( value = = NULL ) {
rewriteConfigMarkAsProcessed ( state , option ) ;
return ;
}
2013-05-09 18:15:18 -04:00
2014-09-04 05:23:19 -04:00
/* Set force to zero if the value is set to its default. */
2013-05-09 18:15:18 -04:00
if ( defvalue & & strcmp ( value , defvalue ) = = 0 ) force = 0 ;
line = sdsnew ( option ) ;
line = sdscatlen ( line , " " , 1 ) ;
line = sdscatrepr ( line , value , strlen ( value ) ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-14 05:17:18 -04:00
/* Rewrite a numerical (long long range) option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigNumericalOption ( struct rewriteConfigState * state , char * option , long long value , long long defvalue ) {
int force = value ! = defvalue ;
sds line = sdscatprintf ( sdsempty ( ) , " %s %lld " , option , value ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-14 05:17:18 -04:00
/* Rewrite a octal option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigOctalOption ( struct rewriteConfigState * state , char * option , int value , int defvalue ) {
int force = value ! = defvalue ;
sds line = sdscatprintf ( sdsempty ( ) , " %s %o " , option , value ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2015-03-11 18:20:57 -04:00
/* Rewrite an enumeration option. It takes as usually state and option name,
* and in addition the enumeration array and the default value for the
* option . */
void rewriteConfigEnumOption ( struct rewriteConfigState * state , char * option , int value , configEnum * ce , int defval ) {
2013-05-09 18:15:18 -04:00
sds line ;
2015-03-11 18:20:57 -04:00
const char * name = configEnumGetNameOrUnknown ( ce , value ) ;
int force = value ! = defval ;
2014-06-26 12:48:40 -04:00
2015-03-11 18:20:57 -04:00
line = sdscatprintf ( sdsempty ( ) , " %s %s " , option , name ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2014-09-25 16:40:11 -04:00
/* Rewrite the syslog-facility option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigSyslogfacilityOption ( struct rewriteConfigState * state ) {
2015-03-11 11:59:56 -04:00
int value = server . syslog_facility ;
2013-05-13 05:11:35 -04:00
int force = value ! = LOG_LOCAL0 ;
2015-03-11 11:59:56 -04:00
const char * name = NULL , * option = " syslog-facility " ;
2013-05-13 05:11:35 -04:00
sds line ;
2015-03-11 11:59:56 -04:00
name = configEnumGetNameOrUnknown ( syslog_facility_enum , value ) ;
2013-05-13 05:11:35 -04:00
line = sdscatprintf ( sdsempty ( ) , " %s %s " , option , name ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
2013-05-09 18:15:18 -04:00
}
2013-05-14 05:17:18 -04:00
/* Rewrite the save option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigSaveOption ( struct rewriteConfigState * state ) {
2013-05-13 05:11:35 -04:00
int j ;
sds line ;
/* Note that if there are no save parameters at all, all the current
* config line with " save " will be detected as orphaned and deleted ,
* resulting into no RDB persistence as expected . */
for ( j = 0 ; j < server . saveparamslen ; j + + ) {
line = sdscatprintf ( sdsempty ( ) , " save %ld %d " ,
2014-03-05 05:26:14 -05:00
( long ) server . saveparams [ j ] . seconds , server . saveparams [ j ] . changes ) ;
2013-05-13 05:11:35 -04:00
rewriteConfigRewriteLine ( state , " save " , line , 1 ) ;
}
2013-12-23 06:48:39 -05:00
/* Mark "save" as processed in case server.saveparamslen is zero. */
rewriteConfigMarkAsProcessed ( state , " save " ) ;
2013-05-09 18:15:18 -04:00
}
2013-05-14 05:17:18 -04:00
/* Rewrite the dir option, always using absolute paths.*/
2013-05-09 18:15:18 -04:00
void rewriteConfigDirOption ( struct rewriteConfigState * state ) {
2013-05-13 05:26:43 -04:00
char cwd [ 1024 ] ;
2013-12-19 09:25:45 -05:00
if ( getcwd ( cwd , sizeof ( cwd ) ) = = NULL ) {
rewriteConfigMarkAsProcessed ( state , " dir " ) ;
return ; /* no rewrite on error. */
}
2013-05-13 05:26:43 -04:00
rewriteConfigStringOption ( state , " dir " , cwd , NULL ) ;
2013-05-09 18:15:18 -04:00
}
2013-05-14 05:17:18 -04:00
/* Rewrite the slaveof option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigSlaveofOption ( struct rewriteConfigState * state ) {
2013-05-13 12:34:18 -04:00
char * option = " slaveof " ;
2013-05-13 05:26:43 -04:00
sds line ;
/* If this is a master, we want all the slaveof config options
2014-01-20 05:10:42 -05:00
* in the file to be removed . Note that if this is a cluster instance
* we don ' t want a slaveof directive inside redis . conf . */
if ( server . cluster_enabled | | server . masterhost = = NULL ) {
2013-12-19 09:25:45 -05:00
rewriteConfigMarkAsProcessed ( state , " slaveof " ) ;
return ;
}
2013-05-13 12:34:18 -04:00
line = sdscatprintf ( sdsempty ( ) , " %s %s %d " , option ,
2013-05-13 05:26:43 -04:00
server . masterhost , server . masterport ) ;
2013-05-13 12:34:18 -04:00
rewriteConfigRewriteLine ( state , option , line , 1 ) ;
2013-05-09 18:15:18 -04:00
}
2013-05-14 05:17:18 -04:00
/* Rewrite the notify-keyspace-events option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigNotifykeyspaceeventsOption ( struct rewriteConfigState * state ) {
2013-05-13 12:34:18 -04:00
int force = server . notify_keyspace_events ! = 0 ;
char * option = " notify-keyspace-events " ;
sds line , flags ;
flags = keyspaceEventsFlagsToString ( server . notify_keyspace_events ) ;
2013-05-15 05:15:18 -04:00
line = sdsnew ( option ) ;
line = sdscatlen ( line , " " , 1 ) ;
line = sdscatrepr ( line , flags , sdslen ( flags ) ) ;
2013-05-13 12:34:18 -04:00
sdsfree ( flags ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
2013-05-09 18:15:18 -04:00
}
2013-05-14 05:17:18 -04:00
/* Rewrite the client-output-buffer-limit option. */
2013-05-09 18:15:18 -04:00
void rewriteConfigClientoutputbufferlimitOption ( struct rewriteConfigState * state ) {
2013-05-13 12:34:18 -04:00
int j ;
char * option = " client-output-buffer-limit " ;
2015-07-28 10:58:04 -04:00
for ( j = 0 ; j < CLIENT_TYPE_OBUF_COUNT ; j + + ) {
2013-05-13 12:34:18 -04:00
int force = ( server . client_obuf_limits [ j ] . hard_limit_bytes ! =
clientBufferLimitsDefaults [ j ] . hard_limit_bytes ) | |
( server . client_obuf_limits [ j ] . soft_limit_bytes ! =
clientBufferLimitsDefaults [ j ] . soft_limit_bytes ) | |
( server . client_obuf_limits [ j ] . soft_limit_seconds ! =
clientBufferLimitsDefaults [ j ] . soft_limit_seconds ) ;
sds line ;
2013-05-15 05:33:02 -04:00
char hard [ 64 ] , soft [ 64 ] ;
rewriteConfigFormatMemory ( hard , sizeof ( hard ) ,
server . client_obuf_limits [ j ] . hard_limit_bytes ) ;
rewriteConfigFormatMemory ( soft , sizeof ( soft ) ,
server . client_obuf_limits [ j ] . soft_limit_bytes ) ;
2013-05-13 12:34:18 -04:00
2013-05-15 05:33:02 -04:00
line = sdscatprintf ( sdsempty ( ) , " %s %s %s %s %ld " ,
2014-06-16 04:43:05 -04:00
option , getClientTypeName ( j ) , hard , soft ,
2013-05-13 12:34:18 -04:00
( long ) server . client_obuf_limits [ j ] . soft_limit_seconds ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-09 18:15:18 -04:00
}
2013-07-04 12:50:15 -04:00
/* Rewrite the bind option. */
void rewriteConfigBindOption ( struct rewriteConfigState * state ) {
int force = 1 ;
sds line , addresses ;
char * option = " bind " ;
/* Nothing to rewrite if we don't have bind addresses. */
2013-12-19 09:25:45 -05:00
if ( server . bindaddr_count = = 0 ) {
rewriteConfigMarkAsProcessed ( state , option ) ;
return ;
}
2013-07-04 12:50:15 -04:00
/* Rewrite as bind <addr1> <addr2> ... <addrN> */
addresses = sdsjoin ( server . bindaddr , server . bindaddr_count , " " ) ;
line = sdsnew ( option ) ;
line = sdscatlen ( line , " " , 1 ) ;
line = sdscatsds ( line , addresses ) ;
sdsfree ( addresses ) ;
rewriteConfigRewriteLine ( state , option , line , force ) ;
}
2013-05-14 04:22:55 -04:00
/* Glue together the configuration lines in the current configuration
* rewrite state into a single string , stripping multiple empty lines . */
2013-05-09 18:15:18 -04:00
sds rewriteConfigGetContentFromState ( struct rewriteConfigState * state ) {
sds content = sdsempty ( ) ;
2013-05-14 04:22:55 -04:00
int j , was_empty = 0 ;
2013-05-09 18:15:18 -04:00
for ( j = 0 ; j < state - > numlines ; j + + ) {
2013-05-14 04:22:55 -04:00
/* Every cluster of empty lines is turned into a single empty line. */
if ( sdslen ( state - > lines [ j ] ) = = 0 ) {
if ( was_empty ) continue ;
was_empty = 1 ;
} else {
was_empty = 0 ;
}
2013-05-09 18:15:18 -04:00
content = sdscatsds ( content , state - > lines [ j ] ) ;
content = sdscatlen ( content , " \n " , 1 ) ;
}
return content ;
}
2013-05-14 05:17:18 -04:00
/* Free the configuration rewrite state. */
2013-05-09 18:15:18 -04:00
void rewriteConfigReleaseState ( struct rewriteConfigState * state ) {
sdsfreesplitres ( state - > lines , state - > numlines ) ;
dictRelease ( state - > option_to_line ) ;
2013-12-19 09:25:45 -05:00
dictRelease ( state - > rewritten ) ;
2013-05-09 18:15:18 -04:00
zfree ( state ) ;
}
2013-05-14 05:17:18 -04:00
/* At the end of the rewrite process the state contains the remaining
* map between " option name " = > " lines in the original config file " .
* Lines used by the rewrite process were removed by the function
* rewriteConfigRewriteLine ( ) , all the other lines are " orphaned " and
* should be replaced by empty lines .
*
* This function does just this , iterating all the option names and
2013-12-19 09:55:25 -05:00
* blanking all the lines still associated . */
2013-05-14 05:17:18 -04:00
void rewriteConfigRemoveOrphaned ( struct rewriteConfigState * state ) {
dictIterator * di = dictGetIterator ( state - > option_to_line ) ;
dictEntry * de ;
while ( ( de = dictNext ( di ) ) ! = NULL ) {
list * l = dictGetVal ( de ) ;
2013-12-19 09:25:45 -05:00
sds option = dictGetKey ( de ) ;
/* Don't blank lines about options the rewrite process
* don ' t understand . */
2013-12-23 06:48:39 -05:00
if ( dictFind ( state - > rewritten , option ) = = NULL ) {
2015-07-27 03:41:48 -04:00
serverLog ( LL_DEBUG , " Not rewritten option: %s " , option ) ;
2013-12-19 09:25:45 -05:00
continue ;
}
2013-05-14 05:17:18 -04:00
while ( listLength ( l ) ) {
listNode * ln = listFirst ( l ) ;
int linenum = ( long ) ln - > value ;
sdsfree ( state - > lines [ linenum ] ) ;
state - > lines [ linenum ] = sdsempty ( ) ;
listDelNode ( l , ln ) ;
}
}
dictReleaseIterator ( di ) ;
}
2013-05-14 06:32:25 -04:00
/* This function overwrites the old configuration file with the new content.
*
* 1 ) The old file length is obtained .
* 2 ) If the new content is smaller , padding is added .
* 3 ) A single write ( 2 ) call is used to replace the content of the file .
* 4 ) Later the file is truncated to the length of the new content .
*
* This way we are sure the file is left in a consistent state even if the
* process is stopped between any of the four operations .
*
* The function returns 0 on success , otherwise - 1 is returned and errno
* set accordingly . */
int rewriteConfigOverwriteFile ( char * configfile , sds content ) {
int retval = 0 ;
2013-05-14 06:45:04 -04:00
int fd = open ( configfile , O_RDWR | O_CREAT , 0644 ) ;
2013-05-14 06:32:25 -04:00
int content_size = sdslen ( content ) , padding = 0 ;
struct stat sb ;
sds content_padded ;
/* 1) Open the old file (or create a new one if it does not
* exist ) , get the size . */
if ( fd = = - 1 ) return - 1 ; /* errno set by open(). */
if ( fstat ( fd , & sb ) = = - 1 ) {
close ( fd ) ;
return - 1 ; /* errno set by fstat(). */
}
/* 2) Pad the content at least match the old file size. */
content_padded = sdsdup ( content ) ;
if ( content_size < sb . st_size ) {
/* If the old file was bigger, pad the content with
* a newline plus as many " # " chars as required . */
padding = sb . st_size - content_size ;
content_padded = sdsgrowzero ( content_padded , sb . st_size ) ;
content_padded [ content_size ] = ' \n ' ;
memset ( content_padded + content_size + 1 , ' # ' , padding - 1 ) ;
}
/* 3) Write the new content using a single write(2). */
if ( write ( fd , content_padded , strlen ( content_padded ) ) = = - 1 ) {
retval = - 1 ;
goto cleanup ;
}
/* 4) Truncate the file to the right length if we used padding. */
if ( padding ) {
if ( ftruncate ( fd , content_size ) = = - 1 ) {
/* Non critical error... */
}
}
cleanup :
sdsfree ( content_padded ) ;
close ( fd ) ;
return retval ;
}
2013-05-09 18:15:18 -04:00
/* Rewrite the configuration file at "path".
* If the configuration file already exists , we try at best to retain comments
* and overall structure .
*
* Configuration parameters that are at their default value , unless already
* explicitly included in the old configuration file , are not rewritten .
*
* On error - 1 is returned and errno is set accordingly , otherwise 0. */
int rewriteConfig ( char * path ) {
struct rewriteConfigState * state ;
sds newcontent ;
2013-05-14 06:32:25 -04:00
int retval ;
2013-05-09 18:15:18 -04:00
/* Step 1: read the old config into our rewrite state. */
if ( ( state = rewriteConfigReadOldFile ( path ) ) = = NULL ) return - 1 ;
/* Step 2: rewrite every single option, replacing or appending it inside
* the rewrite state . */
rewriteConfigYesNoOption ( state , " daemonize " , server . daemonize , 0 ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigStringOption ( state , " pidfile " , server . pidfile , CONFIG_DEFAULT_PID_FILE ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " port " , server . port , CONFIG_DEFAULT_SERVER_PORT ) ;
2016-01-21 10:57:35 -05:00
rewriteConfigNumericalOption ( state , " cluster-announce-port " , server . cluster_announce_port , CONFIG_DEFAULT_CLUSTER_ANNOUNCE_PORT ) ;
rewriteConfigNumericalOption ( state , " cluster-announce-bus-port " , server . cluster_announce_bus_port , CONFIG_DEFAULT_CLUSTER_ANNOUNCE_BUS_PORT ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " tcp-backlog " , server . tcp_backlog , CONFIG_DEFAULT_TCP_BACKLOG ) ;
2013-07-04 12:50:15 -04:00
rewriteConfigBindOption ( state ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigStringOption ( state , " unixsocket " , server . unixsocket , NULL ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigOctalOption ( state , " unixsocketperm " , server . unixsocketperm , CONFIG_DEFAULT_UNIX_SOCKET_PERM ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " timeout " , server . maxidletime , CONFIG_DEFAULT_CLIENT_TIMEOUT ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " tcp-keepalive " , server . tcpkeepalive , CONFIG_DEFAULT_TCP_KEEPALIVE ) ;
2016-07-27 10:41:20 -04:00
rewriteConfigNumericalOption ( state , " slave-announce-port " , server . slave_announce_port , CONFIG_DEFAULT_SLAVE_ANNOUNCE_PORT ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigEnumOption ( state , " loglevel " , server . verbosity , loglevel_enum , CONFIG_DEFAULT_VERBOSITY ) ;
rewriteConfigStringOption ( state , " logfile " , server . logfile , CONFIG_DEFAULT_LOGFILE ) ;
rewriteConfigYesNoOption ( state , " syslog-enabled " , server . syslog_enabled , CONFIG_DEFAULT_SYSLOG_ENABLED ) ;
rewriteConfigStringOption ( state , " syslog-ident " , server . syslog_ident , CONFIG_DEFAULT_SYSLOG_IDENT ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigSyslogfacilityOption ( state ) ;
rewriteConfigSaveOption ( state ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " databases " , server . dbnum , CONFIG_DEFAULT_DBNUM ) ;
rewriteConfigYesNoOption ( state , " stop-writes-on-bgsave-error " , server . stop_writes_on_bgsave_err , CONFIG_DEFAULT_STOP_WRITES_ON_BGSAVE_ERROR ) ;
rewriteConfigYesNoOption ( state , " rdbcompression " , server . rdb_compression , CONFIG_DEFAULT_RDB_COMPRESSION ) ;
rewriteConfigYesNoOption ( state , " rdbchecksum " , server . rdb_checksum , CONFIG_DEFAULT_RDB_CHECKSUM ) ;
rewriteConfigStringOption ( state , " dbfilename " , server . rdb_filename , CONFIG_DEFAULT_RDB_FILENAME ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigDirOption ( state ) ;
rewriteConfigSlaveofOption ( state ) ;
2016-07-27 10:41:20 -04:00
rewriteConfigStringOption ( state , " slave-announce-ip " , server . slave_announce_ip , CONFIG_DEFAULT_SLAVE_ANNOUNCE_IP ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigStringOption ( state , " masterauth " , server . masterauth , NULL ) ;
2016-01-19 09:05:52 -05:00
rewriteConfigStringOption ( state , " cluster-announce-ip " , server . cluster_announce_ip , NULL ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigYesNoOption ( state , " slave-serve-stale-data " , server . repl_serve_stale_data , CONFIG_DEFAULT_SLAVE_SERVE_STALE_DATA ) ;
rewriteConfigYesNoOption ( state , " slave-read-only " , server . repl_slave_ro , CONFIG_DEFAULT_SLAVE_READ_ONLY ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " repl-ping-slave-period " , server . repl_ping_slave_period , CONFIG_DEFAULT_REPL_PING_SLAVE_PERIOD ) ;
rewriteConfigNumericalOption ( state , " repl-timeout " , server . repl_timeout , CONFIG_DEFAULT_REPL_TIMEOUT ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigBytesOption ( state , " repl-backlog-size " , server . repl_backlog_size , CONFIG_DEFAULT_REPL_BACKLOG_SIZE ) ;
rewriteConfigBytesOption ( state , " repl-backlog-ttl " , server . repl_backlog_time_limit , CONFIG_DEFAULT_REPL_BACKLOG_TIME_LIMIT ) ;
rewriteConfigYesNoOption ( state , " repl-disable-tcp-nodelay " , server . repl_disable_tcp_nodelay , CONFIG_DEFAULT_REPL_DISABLE_TCP_NODELAY ) ;
rewriteConfigYesNoOption ( state , " repl-diskless-sync " , server . repl_diskless_sync , CONFIG_DEFAULT_REPL_DISKLESS_SYNC ) ;
rewriteConfigNumericalOption ( state , " repl-diskless-sync-delay " , server . repl_diskless_sync_delay , CONFIG_DEFAULT_REPL_DISKLESS_SYNC_DELAY ) ;
rewriteConfigNumericalOption ( state , " slave-priority " , server . slave_priority , CONFIG_DEFAULT_SLAVE_PRIORITY ) ;
rewriteConfigNumericalOption ( state , " min-slaves-to-write " , server . repl_min_slaves_to_write , CONFIG_DEFAULT_MIN_SLAVES_TO_WRITE ) ;
rewriteConfigNumericalOption ( state , " min-slaves-max-lag " , server . repl_min_slaves_max_lag , CONFIG_DEFAULT_MIN_SLAVES_MAX_LAG ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigStringOption ( state , " requirepass " , server . requirepass , NULL ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " maxclients " , server . maxclients , CONFIG_DEFAULT_MAX_CLIENTS ) ;
rewriteConfigBytesOption ( state , " maxmemory " , server . maxmemory , CONFIG_DEFAULT_MAXMEMORY ) ;
rewriteConfigEnumOption ( state , " maxmemory-policy " , server . maxmemory_policy , maxmemory_policy_enum , CONFIG_DEFAULT_MAXMEMORY_POLICY ) ;
rewriteConfigNumericalOption ( state , " maxmemory-samples " , server . maxmemory_samples , CONFIG_DEFAULT_MAXMEMORY_SAMPLES ) ;
2016-12-29 20:37:52 -05:00
rewriteConfigNumericalOption ( state , " active-defrag-threshold-lower " , server . active_defrag_threshold_lower , CONFIG_DEFAULT_DEFRAG_THRESHOLD_LOWER ) ;
rewriteConfigNumericalOption ( state , " active-defrag-threshold-upper " , server . active_defrag_threshold_upper , CONFIG_DEFAULT_DEFRAG_THRESHOLD_UPPER ) ;
rewriteConfigBytesOption ( state , " active-defrag-ignore-bytes " , server . active_defrag_ignore_bytes , CONFIG_DEFAULT_DEFRAG_IGNORE_BYTES ) ;
rewriteConfigNumericalOption ( state , " active-defrag-cycle-min " , server . active_defrag_cycle_min , CONFIG_DEFAULT_DEFRAG_CYCLE_MIN ) ;
rewriteConfigNumericalOption ( state , " active-defrag-cycle-max " , server . active_defrag_cycle_max , CONFIG_DEFAULT_DEFRAG_CYCLE_MAX ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigYesNoOption ( state , " appendonly " , server . aof_state ! = AOF_OFF , 0 ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigStringOption ( state , " appendfilename " , server . aof_filename , CONFIG_DEFAULT_AOF_FILENAME ) ;
rewriteConfigEnumOption ( state , " appendfsync " , server . aof_fsync , aof_fsync_enum , CONFIG_DEFAULT_AOF_FSYNC ) ;
rewriteConfigYesNoOption ( state , " no-appendfsync-on-rewrite " , server . aof_no_fsync_on_rewrite , CONFIG_DEFAULT_AOF_NO_FSYNC_ON_REWRITE ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " auto-aof-rewrite-percentage " , server . aof_rewrite_perc , AOF_REWRITE_PERC ) ;
rewriteConfigBytesOption ( state , " auto-aof-rewrite-min-size " , server . aof_rewrite_min_size , AOF_REWRITE_MIN_SIZE ) ;
rewriteConfigNumericalOption ( state , " lua-time-limit " , server . lua_time_limit , LUA_SCRIPT_TIME_LIMIT ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigYesNoOption ( state , " cluster-enabled " , server . cluster_enabled , 0 ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigStringOption ( state , " cluster-config-file " , server . cluster_configfile , CONFIG_DEFAULT_CLUSTER_CONFIG_FILE ) ;
2015-07-27 08:55:45 -04:00
rewriteConfigYesNoOption ( state , " cluster-require-full-coverage " , server . cluster_require_full_coverage , CLUSTER_DEFAULT_REQUIRE_FULL_COVERAGE ) ;
rewriteConfigNumericalOption ( state , " cluster-node-timeout " , server . cluster_node_timeout , CLUSTER_DEFAULT_NODE_TIMEOUT ) ;
rewriteConfigNumericalOption ( state , " cluster-migration-barrier " , server . cluster_migration_barrier , CLUSTER_DEFAULT_MIGRATION_BARRIER ) ;
rewriteConfigNumericalOption ( state , " cluster-slave-validity-factor " , server . cluster_slave_validity_factor , CLUSTER_DEFAULT_SLAVE_VALIDITY ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " slowlog-log-slower-than " , server . slowlog_log_slower_than , CONFIG_DEFAULT_SLOWLOG_LOG_SLOWER_THAN ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " latency-monitor-threshold " , server . latency_monitor_threshold , CONFIG_DEFAULT_LATENCY_MONITOR_THRESHOLD ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigNumericalOption ( state , " slowlog-max-len " , server . slowlog_max_len , CONFIG_DEFAULT_SLOWLOG_MAX_LEN ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigNotifykeyspaceeventsOption ( state ) ;
2015-07-26 09:28:00 -04:00
rewriteConfigNumericalOption ( state , " hash-max-ziplist-entries " , server . hash_max_ziplist_entries , OBJ_HASH_MAX_ZIPLIST_ENTRIES ) ;
rewriteConfigNumericalOption ( state , " hash-max-ziplist-value " , server . hash_max_ziplist_value , OBJ_HASH_MAX_ZIPLIST_VALUE ) ;
rewriteConfigNumericalOption ( state , " list-max-ziplist-size " , server . list_max_ziplist_size , OBJ_LIST_MAX_ZIPLIST_SIZE ) ;
rewriteConfigNumericalOption ( state , " list-compress-depth " , server . list_compress_depth , OBJ_LIST_COMPRESS_DEPTH ) ;
rewriteConfigNumericalOption ( state , " set-max-intset-entries " , server . set_max_intset_entries , OBJ_SET_MAX_INTSET_ENTRIES ) ;
rewriteConfigNumericalOption ( state , " zset-max-ziplist-entries " , server . zset_max_ziplist_entries , OBJ_ZSET_MAX_ZIPLIST_ENTRIES ) ;
rewriteConfigNumericalOption ( state , " zset-max-ziplist-value " , server . zset_max_ziplist_value , OBJ_ZSET_MAX_ZIPLIST_VALUE ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " hll-sparse-max-bytes " , server . hll_sparse_max_bytes , CONFIG_DEFAULT_HLL_SPARSE_MAX_BYTES ) ;
rewriteConfigYesNoOption ( state , " activerehashing " , server . activerehashing , CONFIG_DEFAULT_ACTIVE_REHASHING ) ;
2016-12-29 20:37:52 -05:00
rewriteConfigYesNoOption ( state , " activedefrag " , server . active_defrag_enabled , CONFIG_DEFAULT_ACTIVE_DEFRAG ) ;
New security feature: Redis protected mode.
An exposed Redis instance on the internet can be cause of serious
issues. Since Redis, by default, binds to all the interfaces, it is easy
to forget an instance without any protection layer, for error.
Protected mode try to address this feature in a soft way, providing a
layer of protection, but giving clues to Redis users about why the
server is not accepting connections.
When protected mode is enabeld (the default), and if there are no
minumum hints about the fact the server is properly configured (no
"bind" directive is used in order to restrict the server to certain
interfaces, nor a password is set), clients connecting from external
intefaces are refused with an error explaining what to do in order to
fix the issue.
Clients connecting from the IPv4 and IPv6 lookback interfaces are still
accepted normally, similarly Unix domain socket connections are not
restricted in any way.
2016-01-07 07:00:08 -05:00
rewriteConfigYesNoOption ( state , " protected-mode " , server . protected_mode , CONFIG_DEFAULT_PROTECTED_MODE ) ;
2013-05-09 18:15:18 -04:00
rewriteConfigClientoutputbufferlimitOption ( state ) ;
2015-07-26 09:14:57 -04:00
rewriteConfigNumericalOption ( state , " hz " , server . hz , CONFIG_DEFAULT_HZ ) ;
rewriteConfigYesNoOption ( state , " aof-rewrite-incremental-fsync " , server . aof_rewrite_incremental_fsync , CONFIG_DEFAULT_AOF_REWRITE_INCREMENTAL_FSYNC ) ;
rewriteConfigYesNoOption ( state , " aof-load-truncated " , server . aof_load_truncated , CONFIG_DEFAULT_AOF_LOAD_TRUNCATED ) ;
2016-08-09 10:41:40 -04:00
rewriteConfigYesNoOption ( state , " aof-use-rdb-preamble " , server . aof_use_rdb_preamble , CONFIG_DEFAULT_AOF_USE_RDB_PREAMBLE ) ;
2015-07-27 03:41:48 -04:00
rewriteConfigEnumOption ( state , " supervised " , server . supervised_mode , supervised_mode_enum , SUPERVISED_NONE ) ;
2015-10-05 06:11:27 -04:00
rewriteConfigYesNoOption ( state , " lazyfree-lazy-eviction " , server . lazyfree_lazy_eviction , CONFIG_DEFAULT_LAZYFREE_LAZY_EVICTION ) ;
rewriteConfigYesNoOption ( state , " lazyfree-lazy-expire " , server . lazyfree_lazy_expire , CONFIG_DEFAULT_LAZYFREE_LAZY_EXPIRE ) ;
rewriteConfigYesNoOption ( state , " lazyfree-lazy-server-del " , server . lazyfree_lazy_server_del , CONFIG_DEFAULT_LAZYFREE_LAZY_SERVER_DEL ) ;
rewriteConfigYesNoOption ( state , " slave-lazy-flush " , server . repl_slave_lazy_flush , CONFIG_DEFAULT_SLAVE_LAZY_FLUSH ) ;
2015-03-11 18:20:57 -04:00
/* Rewrite Sentinel config if in Sentinel mode. */
2013-11-19 03:48:12 -05:00
if ( server . sentinel_mode ) rewriteConfigSentinelOption ( state ) ;
2013-05-09 18:15:18 -04:00
/* Step 3: remove all the orphaned lines in the old file, that is, lines
* that were used by a config option and are no longer used , like in case
* of multiple " save " options or duplicated options . */
2013-05-14 05:17:18 -04:00
rewriteConfigRemoveOrphaned ( state ) ;
2013-05-09 18:15:18 -04:00
/* Step 4: generate a new configuration file from the modified state
* and write it into the original file . */
newcontent = rewriteConfigGetContentFromState ( state ) ;
2013-05-14 06:32:25 -04:00
retval = rewriteConfigOverwriteFile ( server . configfile , newcontent ) ;
2013-05-09 18:15:18 -04:00
sdsfree ( newcontent ) ;
rewriteConfigReleaseState ( state ) ;
2013-05-14 06:32:25 -04:00
return retval ;
2013-05-09 18:15:18 -04:00
}
/*-----------------------------------------------------------------------------
* CONFIG command entry point
* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */
2015-07-26 09:20:46 -04:00
void configCommand ( client * c ) {
2016-05-04 09:45:38 -04:00
/* Only allow CONFIG GET while loading. */
if ( server . loading & & strcasecmp ( c - > argv [ 1 ] - > ptr , " get " ) ) {
addReplyError ( c , " Only CONFIG GET is allowed during loading " ) ;
return ;
}
2010-06-21 18:07:48 -04:00
if ( ! strcasecmp ( c - > argv [ 1 ] - > ptr , " set " ) ) {
if ( c - > argc ! = 4 ) goto badarity ;
configSetCommand ( c ) ;
} else if ( ! strcasecmp ( c - > argv [ 1 ] - > ptr , " get " ) ) {
if ( c - > argc ! = 3 ) goto badarity ;
configGetCommand ( c ) ;
} else if ( ! strcasecmp ( c - > argv [ 1 ] - > ptr , " resetstat " ) ) {
if ( c - > argc ! = 2 ) goto badarity ;
2014-03-19 07:55:49 -04:00
resetServerStats ( ) ;
2011-01-24 04:56:06 -05:00
resetCommandTableStats ( ) ;
2010-06-21 18:07:48 -04:00
addReply ( c , shared . ok ) ;
2013-05-09 18:15:18 -04:00
} else if ( ! strcasecmp ( c - > argv [ 1 ] - > ptr , " rewrite " ) ) {
if ( c - > argc ! = 2 ) goto badarity ;
if ( server . configfile = = NULL ) {
addReplyError ( c , " The server is running without a config file " ) ;
return ;
}
if ( rewriteConfig ( server . configfile ) = = - 1 ) {
2015-07-27 03:41:48 -04:00
serverLog ( LL_WARNING , " CONFIG REWRITE failed: %s " , strerror ( errno ) ) ;
2013-05-09 18:15:18 -04:00
addReplyErrorFormat ( c , " Rewriting config file: %s " , strerror ( errno ) ) ;
} else {
2015-07-27 03:41:48 -04:00
serverLog ( LL_WARNING , " CONFIG REWRITE executed with success. " ) ;
2013-05-09 18:15:18 -04:00
addReply ( c , shared . ok ) ;
}
2010-06-21 18:07:48 -04:00
} else {
2010-09-02 13:52:24 -04:00
addReplyError ( c ,
2013-09-30 05:53:18 -04:00
" CONFIG subcommand must be one of GET, SET, RESETSTAT, REWRITE " ) ;
2010-06-21 18:07:48 -04:00
}
return ;
badarity :
2010-09-02 13:52:24 -04:00
addReplyErrorFormat ( c , " Wrong number of arguments for CONFIG %s " ,
( char * ) c - > argv [ 1 ] - > ptr ) ;
2010-06-21 18:07:48 -04:00
}
