From 3ea3ad2d592b0d07ed92651fdc675c3dc7cdd892 Mon Sep 17 00:00:00 2001 From: niv Date: Sun, 10 Apr 2022 18:55:00 +0200 Subject: [PATCH 1/2] redis: password authentication Fixes #467 --- Plugins/Redis/Config.cpp | 16 ++++++++++++++++ Plugins/Redis/README.md | 1 + Plugins/Redis/Redis.hpp | 2 ++ 3 files changed, 19 insertions(+) diff --git a/Plugins/Redis/Config.cpp b/Plugins/Redis/Config.cpp index 73cc38cb70c..f01add8f3c6 100644 --- a/Plugins/Redis/Config.cpp +++ b/Plugins/Redis/Config.cpp @@ -17,6 +17,15 @@ std::unique_ptr Redis::PoolMakeFunc() auto p = std::make_unique(); (*p).connect(m_internal->m_config.m_host, static_cast(m_internal->m_config.m_port)); + + // Pool ctor currently authenticates synchronously. + // Invalid passwords aren't handled at all - you'll have to watch the server logs for that. + if (!m_internal->m_config.m_password.empty()) + { + (*p).auth(m_internal->m_config.m_password); + (*p).commit(); + } + return p; } @@ -30,6 +39,7 @@ void Redis::Reconfigure() // Redis server. m_internal->m_config.m_host = *Config::Get("HOST"); m_internal->m_config.m_port = Config::Get("PORT", 6379); + m_internal->m_config.m_password = Config::Get("AUTH_PASSWORD", ""); // Pubsub. m_internal->m_config.m_pubsub_script = Config::Get("PUBSUB_SCRIPT", "on_pubsub"); @@ -53,6 +63,12 @@ void Redis::Reconfigure() m_internal->m_connection_pubsub.connect( m_internal->m_config.m_host, static_cast(m_internal->m_config.m_port)); + if (!m_internal->m_config.m_password.empty()) + { + m_internal->m_connection_pubsub.auth(m_internal->m_config.m_password); + m_internal->m_connection_pubsub.commit(); + } + auto bound = std::bind(&Redis::OnPubsub, this, _1, _2); for (auto& ch : m_internal->m_config.m_pubsub_channels) { diff --git a/Plugins/Redis/README.md b/Plugins/Redis/README.md index 2d24ae1d077..e15f4da9420 100644 --- a/Plugins/Redis/README.md +++ b/Plugins/Redis/README.md @@ -70,5 +70,6 @@ if (NWNX_Redis_GetResultAsInt(NWNX_Redis_EXISTS("examples:examplekey"))) | ---------------------------- | :---------------------: | ---------------------------------- | | `NWNX_REDIS_HOST` | string | (none) | | `NWNX_REDIS_PORT` | int16 | 6379 | +| `NWNX_REDIS_AUTH_PASSWORD` | string | "" | | `NWNX_REDIS_PUBSUB_SCRIPT` | string | on_pubsub | | `NWNX_REDIS_PUBSUB_CHANNELS` | comma-separated strings | "" | diff --git a/Plugins/Redis/Redis.hpp b/Plugins/Redis/Redis.hpp index c4b9cff14d4..e96bfff6aba 100644 --- a/Plugins/Redis/Redis.hpp +++ b/Plugins/Redis/Redis.hpp @@ -29,6 +29,8 @@ class Redis : public NWNXLib::Plugin std::string m_host; // PORT int m_port; + // AUTH (no ACL support) + std::string m_password; // TODO: // Bridge the internal message bus to redis? From c977ffe099d4611dd67062dc85ac34fa8699b18f Mon Sep 17 00:00:00 2001 From: niv Date: Fri, 29 Apr 2022 23:15:48 +0200 Subject: [PATCH 2/2] redis auth: use sync_commit --- Plugins/Redis/Config.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Plugins/Redis/Config.cpp b/Plugins/Redis/Config.cpp index f01add8f3c6..7300db5b8bf 100644 --- a/Plugins/Redis/Config.cpp +++ b/Plugins/Redis/Config.cpp @@ -23,7 +23,7 @@ std::unique_ptr Redis::PoolMakeFunc() if (!m_internal->m_config.m_password.empty()) { (*p).auth(m_internal->m_config.m_password); - (*p).commit(); + (*p).sync_commit(); } return p;