685 Commits

Author SHA1 Message Date
Oran Agra
ac2c96f5b1 A few non-data commands that should be allowed while loading or stale
SELECT, and HELLO are commands that may be executed by the client
as soon as it connects, there's no reason to block them, preventing the
client from doing the rest of his sequence (which might just be INFO or
CONFIG, etc).

MONITOR, DEBUG, SLOWLOG, TIME, LASTSAVE are all non-data accessing
commands, which there's no reason to block.
2020-02-06 08:53:23 +02:00
Oran Agra
9ac6cb9ce4 memoryGetKeys helper function so that ACL can limit access to keys for MEMORY command 2020-02-05 09:42:49 +02:00
antirez
0c1a4b5576 ACL LOG: log failed auth attempts. 2020-02-04 12:55:26 +01:00
antirez
61dffd8669 ACL LOG: actually emit entries. 2020-01-28 18:04:20 +01:00
antirez
3e9e27e98f ACL LOG: data structures and initial functions. 2020-01-27 18:37:52 +01:00
srzhao
38f6207f88 Check OOM at script start to get stable lua OOM state.
Checking OOM by `getMaxMemoryState` inside script might get different result
with `freeMemoryIfNeededAndSafe` at script start, because lua stack and
arguments also consume memory.

This leads to memory `borderline` when memory grows near server.maxmemory:

- `freeMemoryIfNeededAndSafe` at script start detects no OOM, no memory freed
- `getMaxMemoryState` inside script detects OOM, script aborted

We solve this 'borderline' issue by saving OOM state at script start to get
stable lua OOM state.

related to issue #6565 and #5250.
2020-01-20 21:34:05 +08:00
antirez
7ef2270ee7 Change error message for #6775. 2020-01-15 17:55:24 +01:00
Vasyl Melnychuk
b5f52bf01c Make error when submitting command in incorrect context more explicit
So error message `ERR only (P)SUBSCRIBE / (P)UNSUBSCRIBE / PING / QUIT allowed in this context` will become
`ERR 'get' command submitted, but only (P)SUBSCRIBE / (P)UNSUBSCRIBE / PING / QUIT allowed in this context`
2020-01-10 23:34:15 +02:00
Salvatore Sanfilippo
d3a9dff6b9
Merge pull request #6615 from soloestoy/wrap-also-propagate-as-multi
Wrap also propagate as multi
2019-12-19 09:24:52 +01:00
Salvatore Sanfilippo
f4b8197060
Merge pull request #6052 from jtru/better-systemd-integration-v2
Better systemd integration v2
2019-12-19 08:54:22 +01:00
Madelyn Olson
034dcf185c Add module APIs for custom authentication 2019-12-17 06:59:59 +00:00
antirez
901b7469b9 Clarify change in #6662. 2019-12-16 11:24:19 +01:00
Salvatore Sanfilippo
276a093753
Merge pull request #6662 from oranagra/fix_hz_div0
init server.hz early to avoid div by 0 during config file loading
2019-12-16 11:18:08 +01:00
Oran Agra
ef6e263fde init server.hz early to avoid div by 0 during config file loading
since the refactory of config.c, it was initialized from config_hz in initServer
but apparently that's too late since the config file loading creates objects
which call LRU_CLOCK
2019-12-12 17:56:02 +02:00
Salvatore Sanfilippo
118db9eeae
Merge pull request #6516 from IAmATeaPot418/patch-2
Add no-slowlog to acl command to prevent passwords
2019-12-12 09:41:19 +01:00
antirez
441cd9713c Clients connected and bytes used is too spammy for verbose.
This message is there for ten years, but is hardly useful.
Moreover it is likely that it will fill an entire disk if log ratation
is not configured, for no good reasons.
2019-12-11 10:17:23 +01:00
Oran Agra
18e72c5cc7 Converting more configs to use generic infra, and moving defaults to config.c
Changes in behavior:
- Change server.stream_node_max_entries from int64_t to long long, so that it can be used by the generic infra
- standard error reply instead of "repl-backlog-size must be 1 or greater" and such
- tls-port and a few TLS booleans were readable (config get) even when USE_OPENSSL was off (now they aren't)
- syslog-enabled, syslog-ident, cluster-enabled, appendfilename, and supervised didn't have a get (now they do)
- pidfile was initialized to NULL in InitServerConfig but had CONFIG_DEFAULT_PID_FILE in rewriteConfig (so the real default was "", but rewrite would cause it to be set), fixed the rewrite.
- TLS config in server.h was uninitialized (if no tls config args were provided)

Adding test for sanity and coverage
2019-11-28 11:24:57 +02:00
Oran Agra
e0cc3c99d2 Additional config.c refactory and bugfixes
- add capability for each config to have a callback to check if value is valid and return error string
  will enable converting many of the remaining custom configs into generic ones (reducing the x4 repetition for set,get,config,rewrite)
- add capability for each config to  to run some update code after config is changed (only for CONFIG SET)
  will also enable converting many of the remaining custom configs into generic ones
- add capability to move default values from server.h and server.c to config.c
  will reduce many excess lines in server.h and server.c (plus, no need to rebuild the entire code base when a default change 8-))

other behavior changes:
- fix bug in bool config get (always returning 'yes')
- fix a bug in modifying jemalloc-bg-thread at runtime (didn't call set_jemalloc_bg_thread, due to bad merge conflict resolution (my fault))
- side effect when a failed attempt to enable activedefrag at runtime, we now respond with -ERR and not with -DISABLED
2019-11-26 16:52:28 +02:00
zhaozhao.zz
6b056d29f3 block: propagate BRPOPLPUSH as RPOPLPUSH when unblock 2019-11-22 16:38:49 +08:00
zhaozhao.zz
37a10cef02 Propagation: wrap commands in also_propagate array with MULIT/EXEC
Random command like SPOP with count is replicated as
some SREM operations, and store them in also_propagate
array to propagate after the call, but this would break
atomicity.

To keep the command's atomicity, wrap also_propagate
array with MULTI/EXEC.
2019-11-22 15:42:49 +08:00
Salvatore Sanfilippo
64c2508ee3
Merge branch 'unstable' into rm_get_server_info 2019-11-21 10:06:15 +01:00
Maxim Ivanov
c7b68d10ea
Prune leftover TODO comment
Is it sufficient... ? -- Yes it is. In standalone mode, we say READY=1
at the comment point; however in replicated mode, we delay sending
READY=1 until the replication sync completes.
2019-11-20 19:45:25 +02:00
Salvatore Sanfilippo
c697edf4f4
Merge pull request #6559 from oranagra/active_defrag_tunables
Adjustments for active defrag defaults
2019-11-20 10:08:08 +01:00
Johannes Truschnigg
129d14e143 Auto-detect and link libsystemd at compile-time
This adds Makefile/build-system support for USE_SYSTEMD=(yes|no|*). This
variable's value determines whether or not libsystemd will be linked at
build-time.

If USE_SYSTEMD is set to "yes", make will use PKG_CONFIG to check for
libsystemd's presence, and fail the build early if it isn't
installed/detected properly.

If USE_SYSTEM is set to "no", libsystemd will *not* be linked, even if
support for it is available on the system redis is being built on.

For any other value that USE_SYSTEM might assume (e.g. "auto"),
PKG_CONFIG will try to determine libsystemd's presence, and set up the
build process to link against it, if it was indicated as being
installed/available.

This approach has a number of repercussions of its own, most importantly
the following: If you build redis on a system that actually has systemd
support, but no libsystemd-dev package(s) installed, you'll end up
*without* support for systemd notification/status reporting support in
redis-server. This changes established runtime behaviour.

I'm not sure if the build system and/or the server binary should
indicate this. I'm also wondering if not actually having
systemd-notify-support, but requesting it via the server's config,
should result in a fatal error now.
2019-11-19 18:55:44 +02:00
Johannes Truschnigg
641c64ada1 Use libsystemd's sd_notify for communicating redis status to systemd
Instead of replicating a subset of libsystemd's sd_notify(3) internally,
use the dynamic library provided by systemd to communicate with the
service manager.

When systemd supervision was auto-detected or configured, communicate
the actual server status (i.e. "Loading dataset", "Waiting for
master<->replica sync") to systemd, instead of declaring readiness right
after initializing the server process.
2019-11-19 18:55:44 +02:00
antirez
ce03d68332 Rename var to fixed_time_expire now that is more general. 2019-11-19 11:28:04 +01:00
antirez
84b01f63db Expire cycle: introduce configurable effort. 2019-11-18 11:30:05 +01:00
antirez
2766805680 Expire cycle: tollerate less stale keys, expire cycle CPU in INFO. 2019-11-15 11:29:34 +01:00
antirez
2f6fe5ce3a Expire cycle: introduce the new state needed for the new algo. 2019-11-14 18:28:01 +01:00
Oran Agra
0bc3dab095 Adjustments for active defrag defaults and tuning
Reduce default minimum effort, so that when fragmentation is just detected,
the impact on the latency will be minor.

Reduce the default maximum effort, mainly to prevent a case were a sudden
massive deletions, won't trigger an aggressive defrag that will cause latency.

When activedefrag is disabled mid-run, reset the 'running' info field, and
clear the scan cursor, so that when it'll be re-enabled, a new fresh scan will
start.

Clearing the 'running' variable is important since lowering the defragger
tunables mid-scan won't help, the defragger only considers new threshold when
a new scan starts, and during a scan it can only become more aggressive,
(when more severe fragmentation is detected), it'll never go less aggressive.
So by temporarily disabling activedefrag, one can lower th the tunables.

Removing the experimantal warning.
2019-11-12 15:05:29 +02:00
antirez
0f026af185 Merge branch 'unstable' of github.com:/antirez/redis into unstable 2019-11-06 17:44:42 +01:00
antirez
8b2c0f9044 Update PR #6537: use a fresh time outside call().
One problem with the solution proposed so far in #6537 is that key
lookups outside a command execution via call(), still used a cached
time. The cached time needed to be refreshed in multiple places,
especially because of modules callbacks from timers, cluster bus, and
thread safe contexts, that may use RM_Open().

In order to avoid this problem, this commit introduces the ability to
detect if we are inside call(): this way we can use the reference fixed
time only when we are in the context of a command execution or Lua
script, but for the asynchronous lookups, we can still use mstime() to
get a fresh time reference.
2019-11-06 09:57:29 +01:00
antirez
824f5f0b7a Update PR #6537 patch to for generality.
After the thread in #6537 and thanks to the suggestions received, this
commit updates the original patch in order to:

1. Solve the problem of updating the time in multiple places by updating
it in call().
2. Avoid introducing a new field but use our cached time.

This required some minor refactoring to the function updating the time,
and the introduction of a new cached time in microseconds in order to
use less gettimeofday() calls.
2019-11-05 10:14:34 +01:00
zhaozhao.zz
e542132b07 expires: refactoring judgment about whether a key is expired
Calling lookupKey*() many times to search a key in one command
may get different result.

That's because lookupKey*() calls expireIfNeeded(), and delete
the key when reach the expire time. So we can get an robj before
the expire time, but a NULL after the expire time.

The worst is that may lead to Redis crash, for example
`RPOPLPUSH foo foo` the first time we get a list form `foo` and
hold the pointer, but when we get `foo` again it's expired and
deleted. Now we hold a freed memory, when execute rpoplpushHandlePush()
redis crash.

To fix it, we can refactor the judgment about whether a key is expired,
using the same basetime `server.cmd_start_mstime` instead of calling
mstime() everytime.
2019-11-05 09:56:39 +01:00
Oran Agra
4d580438b0 Add module api for looking into INFO fields
- Add RM_GetServerInfo and friends
- Add auto memory for new opaque struct
- Add tests for new APIs

other minor fixes:
- add const in various char pointers
- requested_section in modulesCollectInfo was actually not sds but char*
- extract new string2d out of getDoubleFromObject for code reuse

Add module API for
2019-11-03 15:02:25 +02:00
Jamie Scott
5eb2290f68
Add no-slowlog to acl command to prevent passwords
Adding no-slowlog to acl command to prevent acl passwords from showing in slowlog
2019-10-29 15:10:07 -07:00
Oran Agra
51c3ff8d75 Modules hooks: complete missing hooks for the initial set of hooks
* replication hooks: role change, master link status, replica online/offline
* persistence hooks: saving, loading, loading progress
* misc hooks: cron loop, shutdown, module loaded/unloaded
* change the way hooks test work, and add tests for all of the above

startLoading() now gets flag indicating what is loaded.
stopLoading() now gets an indication of success or failure.
adding startSaving() and stopSaving() with similar args and role.
2019-10-29 17:59:09 +02:00
antirez
8337e083b6 Merge branch 'unstable' of github.com:/antirez/redis into unstable 2019-10-28 11:09:09 +01:00
Salvatore Sanfilippo
e097c99681
Merge pull request #4761 from WJWH/minor-typos
Fix some minor typos in comments
2019-10-28 09:58:38 +01:00
zhaozhao.zz
c74398e130 Modules: make unloading module more safe
As we know if a module exports module-side data types,
unload it is not allowed. This rule is the same with
blocked clients in module, because we use background
threads to implement module blocked clients, and it's
not safe to unload a module if there are background
threads running. So it's necessary to check if any
blocked clients running in this module when unload it.

Moreover, after that we can ensure that if no modules,
then no module blocked clients even module unloaded.
So, we can call moduleHandleBlockedClients only when
we have installed modules.
2019-10-28 11:31:58 +08:00
Wander Hillen
fb1f4f4e7e
Merge branch 'unstable' into minor-typos 2019-10-25 10:18:26 +02:00
antirez
5dd1130272 Remove trailing space from server.c. 2019-10-24 11:20:15 +02:00
Yossi Gottlieb
0db3b0a0ff Merge remote-tracking branch 'upstream/unstable' into tls 2019-10-16 17:08:07 +03:00
Yossi Gottlieb
c469f6ad9e Code review minor changes (names, comments). 2019-10-15 17:21:51 +03:00
Salvatore Sanfilippo
363604a27d
Merge pull request #6437 from OMG-By/redis-omg_by
there should is AUTH && HELLO non authenticated state.
2019-10-10 14:55:03 +02:00
Salvatore Sanfilippo
14a9da0613
Merge pull request #6145 from oranagra/jemalloc_purge_bg
purge jemalloc after flush, and enable background purging thread
2019-10-10 14:48:59 +02:00
antirez
747be463d2 Cluster: fix memory leak of cached master.
This is what happened:

1. Instance starts, is a slave in the cluster configuration, but
actually server.masterhost is not set, so technically the instance
is acting like a master.

2. loadDataFromDisk() calls replicationCacheMasterUsingMyself() even if
the instance is a master, in the case it is logically a slave and the
cluster is enabled. So now we have a cached master even if the instance
is practically configured as a master (from the POV of
server.masterhost value and so forth).

3. clusterCron() sees that the instance requires to replicate from its
master, because logically it is a slave, so it calls
replicationSetMaster() that will in turn call
replicationCacheMasterUsingMyself(): before this commit, this call would
overwrite the old cached master, creating a memory leak.
2019-10-10 10:23:34 +02:00
omg-by
1a292e0634 there should is AUTH && HELLO non authenticated state. 2019-10-10 00:52:26 +08:00
Yossi Gottlieb
61733ded14 TLS: Configuration options.
Add configuration options for TLS protocol versions, ciphers/cipher
suites selection, etc.
2019-10-07 21:07:27 +03:00
Oran Agra
6b6294807c TLS: Implement support for write barrier. 2019-10-07 21:06:30 +03:00