Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
Turbo码先生
redis
提交
09041b93
R
redis
项目概览
Turbo码先生
/
redis
与 Fork 源项目一致
从无法访问的项目Fork
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
R
redis
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
09041b93
编写于
9月 30, 2019
作者:
A
antirez
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
ACLs: change hashed passwords opcode to also remove them.
Related to PR #6405
上级
ea7c3fe7
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
28 addition
and
10 deletion
+28
-10
src/acl.c
src/acl.c
+22
-10
tests/unit/acl.tcl
tests/unit/acl.tcl
+6
-0
未找到文件。
src/acl.c
浏览文件 @
09041b93
...
...
@@ -652,11 +652,14 @@ void ACLAddAllowedSubcommand(user *u, unsigned long id, const char *sub) {
* ><password> Add this password to the list of valid password for the user.
* For example >mypass will add "mypass" to the list.
* This directive clears the "nopass" flag (see later).
* #<
password hash> Add this password hash to the list of valid hashes for
* #<
hash> Add this password hash to the list of valid hashes for
* the user. This is useful if you have previously computed
* the hash, and don't want to store it in plaintext.
* This directive clears the "nopass" flag (see later).
* <<password> Remove this password from the list of valid passwords.
* !<hash> Remove this hashed password from the list of valid passwords.
* This is useful when you want to remove a password just by
* hash without knowing its plaintext version at all.
* nopass All the set passwords of the user are removed, and the user
* is flagged as requiring no password: it means that every
* password will work against this user. If this directive is
...
...
@@ -759,8 +762,17 @@ int ACLSetUser(user *u, const char *op, ssize_t oplen) {
else
sdsfree
(
newpass
);
u
->
flags
&=
~
USER_FLAG_NOPASS
;
}
else
if
(
op
[
0
]
==
'<'
)
{
sds
delpass
=
ACLHashPassword
((
unsigned
char
*
)
op
+
1
,
oplen
-
1
);
}
else
if
(
op
[
0
]
==
'<'
||
op
[
0
]
==
'!'
)
{
sds
delpass
;
if
(
op
[
0
]
==
'<'
)
{
delpass
=
ACLHashPassword
((
unsigned
char
*
)
op
+
1
,
oplen
-
1
);
}
else
{
if
(
oplen
!=
HASH_PASSWORD_LEN
+
1
)
{
errno
=
EBADMSG
;
return
C_ERR
;
}
delpass
=
sdsnewlen
(
op
+
1
,
oplen
-
1
);
}
listNode
*
ln
=
listSearchKey
(
u
->
passwords
,
delpass
);
sdsfree
(
delpass
);
if
(
ln
)
{
...
...
tests/unit/acl.tcl
浏览文件 @
09041b93
...
...
@@ -55,6 +55,12 @@ start_server {tags {"acl"}} {
assert_no_match
{
*passwd4*
}
$passstr
}
test
{
Test hashed passwords removal
}
{
r ACL setuser newuser !34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4e6
set passstr
[
dict get
[
r ACL getuser newuser
]
passwords
]
assert_no_match
{
*34344e4d60c2b6d639b7bd22e18f2b0b91bc34bf0ac5f9952744435093cfb4e6*
}
$passstr
}
test
{
By default users are not able to access any command
}
{
catch
{
r SET foo bar
}
e
set e
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录