375 Commits

Author SHA1 Message Date
antirez
c43aea7e9f Warn when configured maxmemory value seems odd.
This commit warns the user with a log at "warning" level if:

1) After the server startup the maxmemory limit was found to be < 1MB.
2) After a CONFIG SET command modifying the maxmemory setting the limit
is set to a value that is smaller than the currently used memory.

The behaviour of the Redis server is unmodified, and this wil not make
the CONFIG SET command or a wrong configuration in redis.conf less
likely to create problems, but at least this will make aware most users
about a possbile error they committed without resorting to external
help.

However no warning is issued if, as a result of loading the AOF or RDB
file, we are very near the maxmemory setting, or key eviction will be
needed in order to go under the specified maxmemory setting. The reason
is that in servers configured as a cache with an aggressive
maxmemory-policy most of the times restarting the server will cause this
condition to happen if persistence is not switched off.

This fixes issue #429.
2012-10-05 11:16:22 +02:00
antirez
169a44cbd6 Sentinel: Redis-side support for slave priority.
A Redis slave can now be configured with a priority, that is an integer
number that is shown in INFO output and can be get and set using the
redis.conf file or the CONFIG GET/SET command.

This field is used by Sentinel during slave election. A slave with lower
priority is preferred. A slave with priority zero is never elected (and
is considered to be impossible to elect even if it is the only slave
available).

A next commit will add support in the Sentinel side as well.
2012-08-28 17:20:26 +02:00
antirez
6b5daa2df2 First implementation of Redis Sentinel.
This commit implements the first, beta quality implementation of Redis
Sentinel, a distributed monitoring system for Redis with notification
and automatic failover capabilities.

More info at http://redis.io/topics/sentinel
2012-07-23 13:14:44 +02:00
antirez
31a1439bfd Fixed a timing attack on AUTH (Issue #560).
The way we compared the authentication password using strcmp() allowed
an attacker to gain information about the password using a well known
class of attacks called "timing attacks".

The bug appears to be practically not exploitable in most modern systems
running Redis since even using multiple bytes of differences in the
input at a time instead of one the difference in running time in in the
order of 10 nanoseconds, making it hard to exploit even on LAN. However
attacks always get better so we are providing a fix ASAP.

The new implementation uses two fixed length buffers and a constant time
comparison function, with the goal of:

1) Completely avoid leaking information about the content of the
password, since the comparison is always performed between 512
characters and without conditionals.
2) Partially avoid leaking information about the length of the
password.

About "2" we still have a stage in the code where the real password and
the user provided password are copied in the static buffers, we also run
two strlen() operations against the two inputs, so the running time
of the comparison is a fixed amount plus a time proportional to
LENGTH(A)+LENGTH(B). This means that the absolute time of the operation
performed is still related to the length of the password in some way,
but there is no way to change the input in order to get a difference in
the execution time in the comparison that is not just proportional to
the string provided by the user (because the password length is fixed).

Thus in practical terms the user should try to discover LENGTH(PASSWORD)
looking at the whole execution time of the AUTH command and trying to
guess a proportionality between the whole execution time and the
password length: this appears to be mostly unfeasible in the real world.

Also protecting from this attack is not very useful in the case of Redis
as a brute force attack is anyway feasible if the password is too short,
while with a long password makes it not an issue that the attacker knows
the length.
2012-06-21 11:50:01 +02:00
antirez
a5f8341245 Two small fixes to maxclients handling.
1) Don't accept maxclients set to < 0
2) Allow maxclients < 1024, it is useful for testing.
2012-04-18 11:31:24 +02:00
antirez
84bcd3aa24 It is now possible to enable/disable RDB checksum computation from redis.conf or via CONFIG SET/GET. Also CONFIG SET support added for rdbcompression as well. 2012-04-10 15:47:10 +02:00
antirez
39bd025c29 Redis software watchdog. 2012-03-27 11:47:51 +02:00
antirez
ca09ad4d64 CONFIG RESETSTAT resets two more fields. 2012-03-25 11:43:19 +02:00
antirez
c1d01b3c57 New INFO field aof_delayed_fsync introduced.
This new field counts all the times Redis is configured with AOF enabled and
fsync policy 'everysec', but the previous fsync performed by the
background thread was not able to complete within two seconds, forcing
Redis to perform a write against the AOF file while the fsync is still
in progress (likely a blocking operation).
2012-03-25 11:27:35 +02:00
antirez
f3fd419fc9 Support for read-only slaves. Semantical fixes.
This commit introduces support for read only slaves via redis.conf and CONFIG GET/SET commands. Also various semantical fixes are implemented here:

1) MULTI/EXEC with only read commands now work where the server is into a state where writes (or commands increasing memory usage) are not allowed. Before this patch everything inside a transaction would fail in this conditions.

2) Scripts just calling read-only commands will work against read only
slaves, when the server is out of memory, or when persistence is into an
error condition. Before the patch EVAL always failed in this condition.
2012-03-20 17:32:48 +01:00
antirez
d22248ae99 Removed handling of deprecated hash-max-zipmap-entries nad hash-map-zipmap-value. Pieter is too good with users ;). Better to have them switch to a saner configuration ASAP after the 2.6 upgrade. 2012-03-10 10:41:39 +01:00
antirez
8562798308 Merge conflicts resolved. 2012-03-09 22:07:45 +01:00
antirez
0823e48fb9 Support for all the redis.conf fields in CONFIG GET. config.c refactored a bit. 2012-03-08 12:14:23 +01:00
antirez
4d3bbf3590 By default Redis refuses writes with an error if the latest BGSAVE failed (and at least one save point is configured). However people having good monitoring systems may prefer a server that continues to work, since they are notified that there are problems by their monitoring systems. This commit implements the ability to turn the feature on or off via redis.conf and CONFIG SET. 2012-03-07 18:02:26 +01:00
antirez
7fe8d49a70 Client output buffer limits: configuration of parameters for the different classes of clients implemented. 2012-01-24 10:43:30 +01:00
antirez
4aac3ff247 It is now posible to flush all the previous saving points in redis.conf by using a save directive with a single empty string argument, like it happens for CONFIG SET save. 2012-01-16 16:50:24 +01:00
Pieter Noordhuis
ebd85e9a45 Encode small hashes with a ziplist 2012-01-02 22:14:10 -08:00
antirez
1844f9900f server.replstate -> server.repl_state 2011-12-21 12:23:18 +01:00
antirez
f48cd4b90c some RDB server struct fields renamed. 2011-12-21 12:22:13 +01:00
antirez
2c915bcf6d AOF fileds in the global server state, and define names, renamed with more consistent names. More work to do. 2011-12-21 11:58:42 +01:00
antirez
e394114d95 AOF refactoring, now with three states: ON, OFF, WAIT_REWRITE. 2011-12-21 10:31:34 +01:00
antirez
67c6f0f630 Support for command line configuration options for redis-server. 2011-12-01 13:44:53 +01:00
antirez
8996bf7720 7c6da73 2011-10-31 11:13:28 +01:00
antirez
1eceb85ebc It is now possible to disable password authentication via CONFIG SET. Thanks to Jan Oberst. This closes issue #171. 2011-10-31 09:57:06 +01:00
Nathan Florea
bb48c5fa67 Set errno to 0 before calling strtol. 2011-10-26 13:01:24 +02:00
Nathan Florea
8523876503 Added a config directive for a Unix socket mask
Added a configuration directive to allow a user to specify the
permissions to be granted to the Unix socket file.  I followed
the format Pieter and Salvatore discusses in issue #85 (
https://github.com/antirez/redis/issues/85).
2011-10-10 11:21:15 -07:00
antirez
2aa26d2a63 CONFIG SET/GET support for loglevel 2011-10-05 16:08:35 +02:00
antirez
eab0e26e03 replaced redisAssert() with redisAssertWithInfo() in a shitload of places. 2011-10-04 18:43:03 +02:00
Pieter Noordhuis
bb831c313c Fix adding bulk reply when getcwd fails 2011-07-27 16:22:28 +02:00
antirez
5f54619494 Fix for a typo left after merging. 2011-07-12 12:43:05 +02:00
antirez
0681c5ad84 master branch merged into scripting. 2011-07-12 12:39:16 +02:00
antirez
35a6044140 slow log configuration implemented 2011-06-30 15:47:15 +02:00
antirez
994ed2bc55 unstable merge conflicts resolved 2011-06-25 12:29:24 +02:00
antirez
c9d0c3623a diskstore removed 2011-06-25 12:22:03 +02:00
antirez
0d1650f8a9 Updated to unstable 2011-06-14 18:06:39 +02:00
antirez
0ec932208e CONFIG SET/GET support for new automatic AOF rewrite parameters 2011-06-10 15:14:10 +02:00
antirez
4ff34b6adb AOF auto rewrite percentage option parsing fixed 2011-06-10 14:43:11 +02:00
antirez
b333e23997 automatic AOF rewrite first implementation. Still to be tested. 2011-06-10 12:39:23 +02:00
antirez
eeffcf380f Lua scripts max execution time 2011-05-25 12:32:48 +02:00
antirez
7c0e1b53c4 Merge remote branch 'pietern/unstable-zset' into unstable 2011-04-14 13:31:14 +02:00
antirez
1793752d97 node cluster configuration file configurable via redis.conf 2011-04-07 21:34:41 +02:00
Pieter Noordhuis
7d8c555e92 Merge branch 'unstable' into unstable-zset
Conflicts:
	src/object.c
2011-04-06 16:15:01 +02:00
antirez
ecc9109434 Cluster branch merged to unstable. 2011-03-29 17:51:15 +02:00
Pieter Noordhuis
3ea204e103 Configurable thresholds for encoded sorted sets 2011-03-09 14:01:57 +01:00
Paul Gideon Dann
df50d707f3 Allow port to be 0 in configuration, in order to allow disabling of TCP. 2011-02-22 12:13:29 +01:00
antirez
09d2abdca2 check return value of getcwd() 2011-02-21 17:51:28 +01:00
antirez
465b4189e6 CONFIG SET/GET for all the special encoding parameters of sets, lists, hashes 2011-02-17 12:20:59 +01:00
antirez
21cda08b3b CONFIG GET/SET dir implemented 2011-02-14 02:51:27 +01:00
antirez
d7ed7fd2fc INFO commandstats section reset with config resetstat, a new microseconds per call field, and a few other minor things 2011-01-24 10:56:06 +01:00
Pieter Noordhuis
a510cb0c03 Remove glueoutputbuf option and broken code 2011-01-05 10:39:41 +01:00