diff options
| author | laodc <github@laodc.com> | 2023-08-21 15:45:58 +0700 |
|---|---|---|
| committer | laodc <github@laodc.com> | 2023-08-21 15:45:58 +0700 |
| commit | 75fdc829bacbdc767b20d3f0e40b91215fce14fe (patch) | |
| tree | 209d8d53e71cd5a92deb69fcb740bb2649bb66ee /src/libstat | |
| parent | 1931487b17059d6c63adf2245c9632384657f89e (diff) | |
| download | rspamd-75fdc829bacbdc767b20d3f0e40b91215fce14fe.tar.gz rspamd-75fdc829bacbdc767b20d3f0e40b91215fce14fe.zip | |
Added support for Redis 6 ACL (username/password)
Diffstat (limited to 'src/libstat')
| -rw-r--r-- | src/libstat/backends/redis_backend.c | 21 | ||||
| -rw-r--r-- | src/libstat/learn_cache/redis_cache.c | 21 |
2 files changed, 40 insertions, 2 deletions
diff --git a/src/libstat/backends/redis_backend.c b/src/libstat/backends/redis_backend.c index a0d11bb0d..72ffd6c44 100644 --- a/src/libstat/backends/redis_backend.c +++ b/src/libstat/backends/redis_backend.c @@ -45,6 +45,7 @@ struct redis_stat_ctx { gint conf_ref; struct rspamd_stat_async_elt *stat_elt; const gchar *redis_object; + const gchar *username; const gchar *password; const gchar *dbname; gdouble timeout; @@ -363,7 +364,17 @@ gsize rspamd_redis_expand_object(const gchar *pattern, static void rspamd_redis_maybe_auth(struct redis_stat_ctx *ctx, redisAsyncContext *redis) { - if (ctx->password) { + if (ctx->username) { + if (ctx->password) { + redisAsyncCommand(redis, NULL, NULL, "AUTH %s %s", ctx->username, ctx->password); + } + else { + msg_err("Redis requires a password when username is supplied"); + redisAsyncFree(ctx); + return NULL; + } + } + else if (ctx->password) { redisAsyncCommand(redis, NULL, NULL, "AUTH %s", ctx->password); } if (ctx->dbname) { @@ -1603,6 +1614,14 @@ rspamd_redis_init(struct rspamd_stat_ctx *ctx, } lua_pop(L, 1); + lua_pushstring(L, "username"); + lua_gettable(L, -2); + if (lua_type(L, -1) == LUA_TSTRING) { + backend->username = rspamd_mempool_strdup(cfg->cfg_pool, + lua_tostring(L, -1)); + } + lua_pop(L, 1); + lua_pushstring(L, "password"); lua_gettable(L, -2); if (lua_type(L, -1) == LUA_TSTRING) { diff --git a/src/libstat/learn_cache/redis_cache.c b/src/libstat/learn_cache/redis_cache.c index 3026009bc..0bbae8560 100644 --- a/src/libstat/learn_cache/redis_cache.c +++ b/src/libstat/learn_cache/redis_cache.c @@ -35,6 +35,7 @@ static const gchar *M = "redis learn cache"; struct rspamd_redis_cache_ctx { lua_State *L; struct rspamd_statfile_config *stcf; + const gchar *username; const gchar *password; const gchar *dbname; const gchar *redis_object; @@ -77,7 +78,17 @@ static void rspamd_redis_cache_maybe_auth(struct rspamd_redis_cache_ctx *ctx, redisAsyncContext *redis) { - if (ctx->password) { + if (ctx->username) { + if (ctx->password) { + redisAsyncCommand(redis, NULL, NULL, "AUTH %s %s", ctx->username, ctx->password); + } + else { + msg_err("Redis requires a password when username is supplied"); + redisAsyncFree(ctx); + return NULL; + } + } + else if (ctx->password) { redisAsyncCommand(redis, NULL, NULL, "AUTH %s", ctx->password); } if (ctx->dbname) { @@ -328,6 +339,14 @@ rspamd_stat_cache_redis_init(struct rspamd_stat_ctx *ctx, } lua_pop(L, 1); + lua_pushstring(L, "username"); + lua_gettable(L, -2); + if (lua_type(L, -1) == LUA_TSTRING) { + cache_ctx->username = rspamd_mempool_strdup(cfg->cfg_pool, + lua_tostring(L, -1)); + } + lua_pop(L, 1); + lua_pushstring(L, "password"); lua_gettable(L, -2); if (lua_type(L, -1) == LUA_TSTRING) { |