diff options
| author | laodc <github@laodc.com> | 2023-08-21 15:45:58 +0700 |
|---|---|---|
| committer | laodc <github@laodc.com> | 2023-08-21 15:45:58 +0700 |
| commit | 75fdc829bacbdc767b20d3f0e40b91215fce14fe (patch) | |
| tree | 209d8d53e71cd5a92deb69fcb740bb2649bb66ee /lualib/rspamadm | |
| parent | 1931487b17059d6c63adf2245c9632384657f89e (diff) | |
| download | rspamd-75fdc829bacbdc767b20d3f0e40b91215fce14fe.tar.gz rspamd-75fdc829bacbdc767b20d3f0e40b91215fce14fe.zip | |
Added support for Redis 6 ACL (username/password)
Diffstat (limited to 'lualib/rspamadm')
| -rw-r--r-- | lualib/rspamadm/configwizard.lua | 16 | ||||
| -rw-r--r-- | lualib/rspamadm/fuzzy_convert.lua | 34 |
2 files changed, 37 insertions, 13 deletions
diff --git a/lualib/rspamadm/configwizard.lua b/lualib/rspamadm/configwizard.lua index 27c358e3b..7bcda5a01 100644 --- a/lualib/rspamadm/configwizard.lua +++ b/lualib/rspamadm/configwizard.lua @@ -249,7 +249,21 @@ local function setup_redis(cfg, changes) redis_params['write_servers'] = ws end - if ask_yes_no('Do you have any password set for your Redis?') then + if ask_yes_no('Do you have any username set for your Redis?') then + local usernm = readline_default("Enter Redis username:", nil) + + if usernm then + changes.l['redis.conf']['username'] = usernm + redis_params['username'] = usernm + end + + local passwd = readline_default("Enter Redis password:", nil) + + if passwd then + changes.l['redis.conf']['password'] = passwd + redis_params['password'] = passwd + end + elseif ask_yes_no('Do you have any password set for your Redis?') then local passwd = readline_default("Enter Redis password:", nil) if passwd then diff --git a/lualib/rspamadm/fuzzy_convert.lua b/lualib/rspamadm/fuzzy_convert.lua index a31baa4e2..67a2664bc 100644 --- a/lualib/rspamadm/fuzzy_convert.lua +++ b/lualib/rspamadm/fuzzy_convert.lua @@ -12,7 +12,16 @@ local function connect_redis(server, password, db) return nil, 'Cannot connect: ' .. err end - if password then + if username then + if password then + ret = conn:add_cmd('AUTH', { username, password }) + if not ret then + return nil, 'Cannot queue command' + end + else + return nil, 'Redis requires a password when username is supplied' + end + else if password then ret = conn:add_cmd('AUTH', { password }) if not ret then return nil, 'Cannot queue command' @@ -28,8 +37,8 @@ local function connect_redis(server, password, db) return conn, nil end -local function send_digests(digests, redis_host, redis_password, redis_db) - local conn, err = connect_redis(redis_host, redis_password, redis_db) +local function send_digests(digests, redis_host, redis_username, redis_password, redis_db) + local conn, err = connect_redis(redis_host, redis_username, redis_password, redis_db) if err then print(err) return false @@ -62,8 +71,8 @@ local function send_digests(digests, redis_host, redis_password, redis_db) return true end -local function send_shingles(shingles, redis_host, redis_password, redis_db) - local conn, err = connect_redis(redis_host, redis_password, redis_db) +local function send_shingles(shingles, redis_host, redis_username, redis_password, redis_db) + local conn, err = connect_redis(redis_host, redis_username, redis_password, redis_db) if err then print("Redis error: " .. err) return false @@ -95,8 +104,8 @@ local function send_shingles(shingles, redis_host, redis_password, redis_db) return true end -local function update_counters(total, redis_host, redis_password, redis_db) - local conn, err = connect_redis(redis_host, redis_password, redis_db) +local function update_counters(total, redis_host, redis_username, redis_password, redis_db) + local conn, err = connect_redis(redis_host, redis_username, redis_password, redis_db) if err then print(err) return false @@ -135,6 +144,7 @@ return function(_, res) local total_digests = 0 local total_shingles = 0 local lim_batch = 1000 -- Update each 1000 entries + local redis_username = res['redis_username'] local redis_password = res['redis_password'] local redis_db = nil @@ -162,14 +172,14 @@ return function(_, res) end end if num_batch_digests >= lim_batch then - if not send_digests(digests, res['redis_host'], redis_password, redis_db) then + if not send_digests(digests, res['redis_host'], redis_username, redis_password, redis_db) then return end num_batch_digests = 0 digests = {} end if num_batch_shingles >= lim_batch then - if not send_shingles(shingles, res['redis_host'], redis_password, redis_db) then + if not send_shingles(shingles, res['redis_host'], redis_username, redis_password, redis_db) then return end num_batch_shingles = 0 @@ -177,12 +187,12 @@ return function(_, res) end end if digests[1] then - if not send_digests(digests, res['redis_host'], redis_password, redis_db) then + if not send_digests(digests, res['redis_host'], redis_username, redis_password, redis_db) then return end end if shingles[1] then - if not send_shingles(shingles, res['redis_host'], redis_password, redis_db) then + if not send_shingles(shingles, res['redis_host'], redis_username, redis_password, redis_db) then return end end @@ -191,7 +201,7 @@ return function(_, res) 'Migrated %d digests and %d shingles', total_digests, total_shingles ) - if not update_counters(total_digests, res['redis_host'], redis_password, redis_db) then + if not update_counters(total_digests, res['redis_host'], redis_username, redis_password, redis_db) then message = message .. ' but failed to update counters' end print(message) |