Commit Graph

24 Commits

Author SHA1 Message Date
Harkrishn Patro
7a3d1487e4
ACL channels permission handling for save/load scenario. (#8794)
In the initial release of Redis 6.2 setting a user to only allow pubsub access to
a specific channel, and doing ACL SAVE, resulted in an assertion when
ACL LOAD was used. This was later changed by #8723 (not yet released),
but still not properly resolved (now it errors instead of crash).

The problem is that the server that generates an ACL file, doesn't know what
would be the setting of the acl-pubsub-default config in the server that will load it.
so ACL SAVE needs to always start with resetchannels directive.

This should still be compatible with old acl files (from redis 6.0), and ones from earlier
versions of 6.2 that didn't mess with channels.

Co-authored-by: Harkrishn Patro <harkrisp@amazon.com>
Co-authored-by: Oran Agra <oran@redislabs.com>
2021-04-19 13:27:44 +03:00
Huang Zhw
3b74b55084
Fix "default" and overwritten / reset users will not have pubsub channels permissions by default. (#8723)
Background:
Redis 6.2 added ACL control for pubsub channels (#7993), which were supposed
to be permissive by default to retain compatibility with redis 6.0 ACL. 
But due to a bug, only newly created users got this `acl-pubsub-default` applied,
while overwritten (updated) users got reset to `resetchannels` (denied).

Since the "default" user exists before loading the config file,
any ACL change to it, results in an update / overwrite.

So when a "default" user is loaded from config file or include ACL
file with no channels related rules, the user will not have any
permissions to any channels. But other users will have default
permissions to any channels.

When upgraded from 6.0 with config rewrite, this will lead to
"default" user channels permissions lost.
When users are loaded from include file, then call "acl load", users
will also lost channels permissions.

Similarly, the `reset` ACL rule, would have reset the user to be denied
access to any channels, ignoring `acl-pubsub-default` and breaking
compatibility with redis 6.0.

The implication of this fix is that it regains compatibility with redis 6.0,
but breaks compatibility with redis 6.2.0 and 2.0.1. e.g. after the upgrade,
the default user will regain access to pubsub channels.

Other changes:
Additionally this commit rename server.acl_pubusub_default to
server.acl_pubsub_default and fix typo in acl tests.
2021-04-05 23:13:20 +03:00
Oran Agra
ca1c182567 Sanitize dump payload: ziplist, listpack, zipmap, intset, stream
When loading an encoded payload we will at least do a shallow validation to
check that the size that's encoded in the payload matches the size of the
allocation.
This let's us later use this encoded size to make sure the various offsets
inside encoded payload don't reach outside the allocation, if they do, we'll
assert/panic, but at least we won't segfault or smear memory.

We can also do 'deep' validation which runs on all the records of the encoded
payload and validates that they don't contain invalid offsets. This lets us
detect corruptions early and reject a RESTORE command rather than accepting
it and asserting (crashing) later when accessing that payload via some command.

configuration:
- adding ACL flag skip-sanitize-payload
- adding config sanitize-dump-payload [yes/no/clients]

For now, we don't have a good way to ensure MIGRATE in cluster resharding isn't
being slowed down by these sanitation, so i'm setting the default value to `no`,
but later on it should be set to `clients` by default.

changes:
- changing rdbReportError not to `exit` in RESTORE command
- adding a new stat to be able to later check if cluster MIGRATE isn't being
  slowed down by sanitation.
2020-12-06 14:54:34 +02:00
杨博东
0666267d27
Tests: Add aclfile load and save tests (#7765)
improves test coverage
2020-09-09 17:13:35 +03:00
Yossi Gottlieb
818a746e32
Fix default/explicit "save" parameter loading. (#7767)
Save parameters should either be default or whatever specified in the
config file. This fixes an issue introduced in #7092 which causes
configuration file settings to be applied on top of the defaults.
2020-09-09 15:12:57 +03:00
antirez
8444b46d20 Fix test "server is up" detection after logging changes. 2016-12-19 16:49:58 +01:00
antirez
79d2f70f5c Test: enable latency monitor in the default config.
This way as a side effect of running the test we also stress the latency
monitor data collection.
2014-07-10 15:04:34 +02:00
Marc-Antoine Perennou
edd7eb9b7d test-server: only listen to 127.0.0.1
Signed-off-by: Marc-Antoine Perennou <Marc-Antoine@Perennou.com>
2013-06-12 22:49:32 +02:00
antirez
86a6aad984 Test default config modified to set logfile to empty string.
Required because of recent changes in the way logfile is set to standard
output.
2013-05-15 10:19:14 +02:00
antirez
ace86cfaef Test: remove useless statements and comments from test default config. 2013-04-04 14:30:05 +02:00
antirez
fd7350b084 Test: No clients timeout while testing. 2013-02-05 12:02:46 +01:00
antirez
562b2bd6a7 Keyspace notifications: fixed a leak and a bug introduced in the latest commit. 2013-01-28 13:15:16 +01:00
antirez
fce016d31b Keyspace events: it is now possible to select subclasses of events.
When keyspace events are enabled, the overhead is not sever but
noticeable, so this commit introduces the ability to select subclasses
of events in order to avoid to generate events the user is not
interested in.

The events can be selected using redis.conf or CONFIG SET / GET.
2013-01-28 13:15:12 +01:00
antirez
40f822da73 Enable keyspace events notification when testing. 2013-01-28 13:15:01 +01:00
Xiaochen Wang
f2305046ef fix typos in tests/assets/default.conf 2012-03-29 18:23:04 +08:00
antirez
03116904c3 RDB load of different encodings test added. 2012-03-23 20:24:30 +01:00
antirez
87faf90696 hash-max-zipmap-... renamed hash-max-ziplist-... in defalt conf for tests. 2012-03-10 12:14:17 +01:00
Pieter Noordhuis
80586cb894 Test that zipmap from RDB is correctly converted 2012-01-25 13:28:11 -08:00
antirez
c9d0c3623a diskstore removed 2011-06-25 12:22:03 +02:00
antirez
5e1d2d30f7 initial fix of the test suite to run both in in-memory and diskstore mode 2011-01-09 16:49:52 +01:00
antirez
5d46e370b7 diskstore more fixes 2011-01-03 17:18:37 +01:00
antirez
4942145d72 fixed a bug in diskstore 2011-01-02 21:39:17 +01:00
Pieter Noordhuis
f166bb1d50 code to enable running tests with the vm enabled 2010-05-20 13:58:58 +02:00
antirez
ab72b4833d minor fixes to the new test suite, html doc updated 2010-05-14 18:48:33 +02:00