gvsafronov/futriix
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

ACL: default user off should not allow automatic authentication.

Browse Source 
This fixes issue #7011.
This commit is contained in:
antirez 2020-03-20 12:45:48 +01:00
parent b3a97004f4
commit f9c56dbb09
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/networking.c
View File

@ -124,7 +124,8 @@ client *createClient(connection *conn) {
c->ctime = c->lastinteraction = server.unixtime; c->ctime = c->lastinteraction = server.unixtime;
/* If the default user does not require authentication, the user is /* If the default user does not require authentication, the user is
* directly authenticated. */ * directly authenticated. */
c->authenticated = (c->user->flags & USER_FLAG_NOPASS) != 0; c->authenticated = (c->user->flags & USER_FLAG_NOPASS) &&
!(c->user->flags & USER_FLAG_DISABLED);
c->replstate = REPL_STATE_NONE; c->replstate = REPL_STATE_NONE;
c->repl_put_online_on_ack = 0; c->repl_put_online_on_ack = 0;
c->reploff = 0; c->reploff = 0;

2
src/server.c
View File

@ -3380,7 +3380,7 @@ int processCommand(client *c) {
/* Check if the user is authenticated. This check is skipped in case /* Check if the user is authenticated. This check is skipped in case
* the default user is flagged as "nopass" and is active. */ * the default user is flagged as "nopass" and is active. */
int auth_required = (!(DefaultUser->flags & USER_FLAG_NOPASS) || int auth_required = (!(DefaultUser->flags & USER_FLAG_NOPASS) ||
DefaultUser->flags & USER_FLAG_DISABLED) && (DefaultUser->flags & USER_FLAG_DISABLED)) &&
!c->authenticated; !c->authenticated;
if (auth_required) { if (auth_required) {
/* AUTH and HELLO and no auth modules are valid even in /* AUTH and HELLO and no auth modules are valid even in