"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/acl.c" between
redis-6.2-rc3.tar.gz and redis-6.2.0.tar.gz

About: redis is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets.

acl.c  (redis-6.2-rc3):acl.c  (redis-6.2.0)
skipping to change at line 817 skipping to change at line 817
* The function returns C_OK if the action to perform was understood because * The function returns C_OK if the action to perform was understood because
* the 'op' string made sense. Otherwise C_ERR is returned if the operation * the 'op' string made sense. Otherwise C_ERR is returned if the operation
* is unknown or has some syntax error. * is unknown or has some syntax error.
* *
* When an error is returned, errno is set to the following values: * When an error is returned, errno is set to the following values:
* *
* EINVAL: The specified opcode is not understood or the key/channel pattern is * EINVAL: The specified opcode is not understood or the key/channel pattern is
* invalid (contains non allowed characters). * invalid (contains non allowed characters).
* ENOENT: The command name or command category provided with + or - is not * ENOENT: The command name or command category provided with + or - is not
* known. * known.
* EBUSY: The subcommand you want to add is about a command that is currently
* fully added.
* EEXIST: You are adding a key pattern after "*" was already added. This is * EEXIST: You are adding a key pattern after "*" was already added. This is
* almost surely an error on the user side. * almost surely an error on the user side.
* EISDIR: You are adding a channel pattern after "*" was already added. This is * EISDIR: You are adding a channel pattern after "*" was already added. This is
* almost surely an error on the user side. * almost surely an error on the user side.
* ENODEV: The password you are trying to remove from the user does not exist. * ENODEV: The password you are trying to remove from the user does not exist.
* EBADMSG: The hash you are trying to add is not a valid hash. * EBADMSG: The hash you are trying to add is not a valid hash.
*/ */
int ACLSetUser(user *u, const char *op, ssize_t oplen) { int ACLSetUser(user *u, const char *op, ssize_t oplen) {
if (oplen == -1) oplen = strlen(op); if (oplen == -1) oplen = strlen(op);
if (oplen == 0) return C_OK; /* Empty string is a no-operation. */ if (oplen == 0) return C_OK; /* Empty string is a no-operation. */
skipping to change at line 979 skipping to change at line 977
} }
/* The subcommand cannot be empty, so things like DEBUG| /* The subcommand cannot be empty, so things like DEBUG|
* are syntax errors of course. */ * are syntax errors of course. */
if (strlen(sub) == 0) { if (strlen(sub) == 0) {
zfree(copy); zfree(copy);
errno = EINVAL; errno = EINVAL;
return C_ERR; return C_ERR;
} }
/* The command should not be set right now in the command
* bitmap, because adding a subcommand of a fully added
* command is probably an error on the user side. */
unsigned long id = ACLGetCommandID(copy); unsigned long id = ACLGetCommandID(copy);
if (ACLGetUserCommandBit(u,id) == 1) { /* Add the subcommand to the list of valid ones, if the command is n
zfree(copy); ot set. */
errno = EBUSY; if (ACLGetUserCommandBit(u,id) == 0) {
return C_ERR; ACLAddAllowedSubcommand(u,id,sub);
} }
/* Add the subcommand to the list of valid ones. */
ACLAddAllowedSubcommand(u,id,sub);
/* We have to clear the command bit so that we force the
* subcommand check. */
ACLSetUserCommandBit(u,id,0);
zfree(copy); zfree(copy);
} }
} else if (op[0] == '-' && op[1] != '@') { } else if (op[0] == '-' && op[1] != '@') {
if (ACLLookupCommand(op+1) == NULL) { if (ACLLookupCommand(op+1) == NULL) {
errno = ENOENT; errno = ENOENT;
return C_ERR; return C_ERR;
} }
unsigned long id = ACLGetCommandID(op+1); unsigned long id = ACLGetCommandID(op+1);
ACLSetUserCommandBit(u,id,0); ACLSetUserCommandBit(u,id,0);
ACLResetSubcommandsForCommand(u,id); ACLResetSubcommandsForCommand(u,id);
skipping to change at line 1033 skipping to change at line 1021
} }
/* Return a description of the error that occurred in ACLSetUser() according to /* Return a description of the error that occurred in ACLSetUser() according to
* the errno value set by the function on error. */ * the errno value set by the function on error. */
const char *ACLSetUserStringError(void) { const char *ACLSetUserStringError(void) {
const char *errmsg = "Wrong format"; const char *errmsg = "Wrong format";
if (errno == ENOENT) if (errno == ENOENT)
errmsg = "Unknown command or category name in ACL"; errmsg = "Unknown command or category name in ACL";
else if (errno == EINVAL) else if (errno == EINVAL)
errmsg = "Syntax error"; errmsg = "Syntax error";
else if (errno == EBUSY)
errmsg = "Adding a subcommand of a command already fully "
"added is not allowed. Remove the command to start. "
"Example: -DEBUG +DEBUG|DIGEST";
else if (errno == EEXIST) else if (errno == EEXIST)
errmsg = "Adding a pattern after the * pattern (or the " errmsg = "Adding a pattern after the * pattern (or the "
"'allkeys' flag) is not valid and does not have any " "'allkeys' flag) is not valid and does not have any "
"effect. Try 'resetkeys' to start with an empty " "effect. Try 'resetkeys' to start with an empty "
"list of patterns"; "list of patterns";
else if (errno == EISDIR) else if (errno == EISDIR)
errmsg = "Adding a pattern after the * pattern (or the " errmsg = "Adding a pattern after the * pattern (or the "
"'allchannels' flag) is not valid and does not have any " "'allchannels' flag) is not valid and does not have any "
"effect. Try 'resetchannels' to start with an empty " "effect. Try 'resetchannels' to start with an empty "
"list of channels"; "list of channels";
skipping to change at line 2256 skipping to change at line 2240
if (c->argc == 2) { if (c->argc == 2) {
/* Mimic the old behavior of giving an error for the two commands /* Mimic the old behavior of giving an error for the two commands
* from if no password is configured. */ * from if no password is configured. */
if (DefaultUser->flags & USER_FLAG_NOPASS) { if (DefaultUser->flags & USER_FLAG_NOPASS) {
addReplyError(c,"AUTH <password> called without any password " addReplyError(c,"AUTH <password> called without any password "
"configured for the default user. Are you sure " "configured for the default user. Are you sure "
"your configuration is correct?"); "your configuration is correct?");
return; return;
} }
username = createStringObject("default",7); username = shared.default_username;
password = c->argv[1]; password = c->argv[1];
} else { } else {
username = c->argv[1]; username = c->argv[1];
password = c->argv[2]; password = c->argv[2];
} }
if (ACLAuthenticateUser(c,username,password) == C_OK) { if (ACLAuthenticateUser(c,username,password) == C_OK) {
addReply(c,shared.ok); addReply(c,shared.ok);
} else { } else {
addReplyError(c,"-WRONGPASS invalid username-password pair or user is di sabled."); addReplyError(c,"-WRONGPASS invalid username-password pair or user is di sabled.");
} }
/* Free the "default" string object we created for the two
* arguments form. */
if (c->argc == 2) decrRefCount(username);
} }
 End of changes. 7 change blocks. 
24 lines changed or deleted 5 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)