From 8b3d9ff97187ba7eb1b7132d39a303e0ce56ee98 Mon Sep 17 00:00:00 2001 From: zeekling Date: Sun, 28 May 2023 00:27:43 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=E5=9C=A8=E5=88=9D=E5=A7=8B?= =?UTF-8?q?=E5=8C=96=E6=97=B6=E6=B7=BB=E5=8A=A0=E7=94=A8=E6=88=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .clang-format | 213 ++++++++++++++++++++++++++++++++++ src/redis-acl.c | 301 ++++++++++++++++++++++++------------------------ src/redis-acl.h | 6 +- 3 files changed, 368 insertions(+), 152 deletions(-) create mode 100644 .clang-format diff --git a/.clang-format b/.clang-format new file mode 100644 index 0000000..67f1578 --- /dev/null +++ b/.clang-format @@ -0,0 +1,213 @@ +# 语言: None, Cpp, Java, JavaScript, ObjC, Proto, TableGen, TextProto +Language: Cpp +# BasedOnStyle: LLVM + +# 访问说明符(public、private等)的偏移 +AccessModifierOffset: -4 + +# 开括号(开圆括号、开尖括号、开方括号)后的对齐: Align, DontAlign, AlwaysBreak(总是在开括号后换行) +AlignAfterOpenBracket: Align + +# 连续赋值时,对齐所有等号 +AlignConsecutiveAssignments: false + +# 连续声明时,对齐所有声明的变量名 +AlignConsecutiveDeclarations: false + +# 右对齐逃脱换行(使用反斜杠换行)的反斜杠 +AlignEscapedNewlines: Right + +# 水平对齐二元和三元表达式的操作数 +AlignOperands: true + +# 对齐连续的尾随的注释 +AlignTrailingComments: true + +# 不允许函数声明的所有参数在放在下一行 +AllowAllParametersOfDeclarationOnNextLine: false + +# 不允许短的块放在同一行 +AllowShortBlocksOnASingleLine: true + +# 允许短的case标签放在同一行 +AllowShortCaseLabelsOnASingleLine: true + +# 允许短的函数放在同一行: None, InlineOnly(定义在类中), Empty(空函数), Inline(定义在类中,空函数), All +AllowShortFunctionsOnASingleLine: None + +# 允许短的if语句保持在同一行 +AllowShortIfStatementsOnASingleLine: true + +# 允许短的循环保持在同一行 +AllowShortLoopsOnASingleLine: true + +# 总是在返回类型后换行: None, All, TopLevel(顶级函数,不包括在类中的函数), +# AllDefinitions(所有的定义,不包括声明), TopLevelDefinitions(所有的顶级函数的定义) +AlwaysBreakAfterReturnType: None + +# 总是在多行string字面量前换行 +AlwaysBreakBeforeMultilineStrings: false + +# 总是在template声明后换行 +AlwaysBreakTemplateDeclarations: true + +# false表示函数实参要么都在同一行,要么都各自一行 +BinPackArguments: true + +# false表示所有形参要么都在同一行,要么都各自一行 +BinPackParameters: true + +# 大括号换行,只有当BreakBeforeBraces设置为Custom时才有效 +BraceWrapping: + # class定义后面 + AfterClass: false + # 控制语句后面 + AfterControlStatement: false + # enum定义后面 + AfterEnum: false + # 函数定义后面 + AfterFunction: false + # 命名空间定义后面 + AfterNamespace: false + # struct定义后面 + AfterStruct: false + # union定义后面 + AfterUnion: false + # extern之后 + AfterExternBlock: false + # catch之前 + BeforeCatch: false + # else之前 + BeforeElse: false + # 缩进大括号 + IndentBraces: false + # 分离空函数 + SplitEmptyFunction: false + # 分离空语句 + SplitEmptyRecord: false + # 分离空命名空间 + SplitEmptyNamespace: false + +# 在二元运算符前换行: None(在操作符后换行), NonAssignment(在非赋值的操作符前换行), All(在操作符前换行) +BreakBeforeBinaryOperators: NonAssignment + +# 在大括号前换行: Attach(始终将大括号附加到周围的上下文), Linux(除函数、命名空间和类定义,与Attach类似), +# Mozilla(除枚举、函数、记录定义,与Attach类似), Stroustrup(除函数定义、catch、else,与Attach类似), +# Allman(总是在大括号前换行), GNU(总是在大括号前换行,并对于控制语句的大括号增加额外的缩进), WebKit(在函数前换行), Custom +# 注:这里认为语句块也属于函数 +BreakBeforeBraces: Custom + +# 在三元运算符前换行 +BreakBeforeTernaryOperators: false + +# 在构造函数的初始化列表的冒号后换行 +BreakConstructorInitializers: AfterColon + +#BreakInheritanceList: AfterColon + +BreakStringLiterals: false + +# 每行字符的限制,0表示没有限制 +ColumnLimit: 0 + +CompactNamespaces: true + +# 构造函数的初始化列表要么都在同一行,要么都各自一行 +ConstructorInitializerAllOnOneLineOrOnePerLine: false + +# 构造函数的初始化列表的缩进宽度 +ConstructorInitializerIndentWidth: 4 + +# 延续的行的缩进宽度 +ContinuationIndentWidth: 4 + +# 去除C++11的列表初始化的大括号{后和}前的空格 +Cpp11BracedListStyle: true + +# 继承最常用的指针和引用的对齐方式 +DerivePointerAlignment: false + +# 固定命名空间注释 +FixNamespaceComments: true + +# 缩进case标签 +IndentCaseLabels: false + +IndentPPDirectives: None + +# 缩进宽度 +IndentWidth: 4 + +# 函数返回类型换行时,缩进函数声明或函数定义的函数名 +IndentWrappedFunctionNames: false + +# 保留在块开始处的空行 +KeepEmptyLinesAtTheStartOfBlocks: false + +# 连续空行的最大数量 +MaxEmptyLinesToKeep: 1 + +# 命名空间的缩进: None, Inner(缩进嵌套的命名空间中的内容), All +NamespaceIndentation: None + +# 指针和引用的对齐: Left, Right, Middle +PointerAlignment: Right + +# 允许重新排版注释 +ReflowComments: true + +# 允许排序#include +SortIncludes: false + +# 允许排序 using 声明 +SortUsingDeclarations: false + +# 在C风格类型转换后添加空格 +SpaceAfterCStyleCast: false + +# 在Template 关键字后面添加空格 +SpaceAfterTemplateKeyword: true + +# 在赋值运算符之前添加空格 +SpaceBeforeAssignmentOperators: true + +# SpaceBeforeCpp11BracedList: true + +# SpaceBeforeCtorInitializerColon: true + +# SpaceBeforeInheritanceColon: true + +# 开圆括号之前添加一个空格: Never, ControlStatements, Always +SpaceBeforeParens: ControlStatements + +# SpaceBeforeRangeBasedForLoopColon: true + +# 在空的圆括号中添加空格 +SpaceInEmptyParentheses: false + +# 在尾随的评论前添加的空格数(只适用于//) +SpacesBeforeTrailingComments: 1 + +# 在尖括号的<后和>前添加空格 +SpacesInAngles: false + +# 在C风格类型转换的括号中添加空格 +SpacesInCStyleCastParentheses: false + +# 在容器(ObjC和JavaScript的数组和字典等)字面量中添加空格 +SpacesInContainerLiterals: true + +# 在圆括号的(后和)前添加空格 +SpacesInParentheses: false + +# 在方括号的[后和]前添加空格,lamda表达式和未指明大小的数组的声明不受影响 +SpacesInSquareBrackets: false + +# 标准: Cpp03, Cpp11, Auto +Standard: Cpp11 + +# tab宽度 +TabWidth: 4 + +# 使用tab字符: Never, ForIndentation, ForContinuationAndIndentation, Always +UseTab: Never diff --git a/src/redis-acl.c b/src/redis-acl.c index e8773ca..82f6594 100644 --- a/src/redis-acl.c +++ b/src/redis-acl.c @@ -10,172 +10,177 @@ static int MAX_TIME = 1000; static RedisModuleDict *userDict = NULL; RedisModuleUser *createUser(RedisModuleCtx *ctx, const char *name) { - REDISMODULE_NOT_USED(ctx); - RedisModuleUser *user = RedisModule_CreateModuleUser(name); - RedisModule_SetModuleUserACL(user, "allcommands"); - RedisModule_SetModuleUserACL(user, "allkeys"); - RedisModule_SetModuleUserACL(user, "on"); - return user; + REDISMODULE_NOT_USED(ctx); + RedisModuleUser *user = RedisModule_CreateModuleUser(name); + RedisModule_SetModuleUserACL(user, "allcommands"); + RedisModule_SetModuleUserACL(user, "allkeys"); + RedisModule_SetModuleUserACL(user, "on"); + return user; } -int authReply(RedisModuleCtx *ctx, RedisModuleString *username, RedisModuleString *password, RedisModuleString **err) { - REDISMODULE_NOT_USED(password); - void **targ = RedisModule_GetBlockedClientPrivateData(ctx); - int result = (uintptr_t)targ[0]; - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "auth reply"); - size_t userlen = 0; - const char *user = RedisModule_StringPtrLen(username, &userlen); - if (result == 1) { - // auth success - RedisModuleUser *moduleUser = createUser(ctx, user); - uint64_t client_id; - int authResult = RedisModule_AuthenticateClientWithUser( - ctx, moduleUser, NULL, NULL, &client_id); - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "auth success user=%s, %lu", user, client_id); - if (authResult == REDISMODULE_ERR) { - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user not exits user=%s", user); +int authReply(RedisModuleCtx *ctx, RedisModuleString *username, + RedisModuleString *password, RedisModuleString **err) { + REDISMODULE_NOT_USED(password); + void **targ = RedisModule_GetBlockedClientPrivateData(ctx); + int result = (uintptr_t)targ[0]; + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "auth reply"); + size_t userlen = 0; + const char *user = RedisModule_StringPtrLen(username, &userlen); + if (result == 1) { + // auth success + RedisModuleUser *moduleUser = createUser(ctx, user); + uint64_t client_id; + int authResult = RedisModule_AuthenticateClientWithUser( + ctx, moduleUser, NULL, NULL, &client_id); + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "auth success user=%s, %lu", user, + client_id); + if (authResult == REDISMODULE_ERR) { + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user not exits user=%s", user); + } + return REDISMODULE_AUTH_HANDLED; + } else if (result == 0) { + // auth failed + const char *err_msg = "Auth denied by Misc Module."; + *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); + return REDISMODULE_AUTH_HANDLED; } + /** skip auth*/ return REDISMODULE_AUTH_HANDLED; - } else if (result == 0) { - // auth failed - const char *err_msg = "Auth denied by Misc Module."; - *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); - return REDISMODULE_AUTH_HANDLED; - } - /** skip auth*/ - return REDISMODULE_AUTH_HANDLED; } void freeAuthData(RedisModuleCtx *ctx, void *privdata) { - REDISMODULE_NOT_USED(ctx); - RedisModule_Free(privdata); + REDISMODULE_NOT_USED(ctx); + RedisModule_Free(privdata); } void *AuthBlockThreadMain(void *arg) { - void **targ = arg; - RedisModuleBlockedClient *bc = targ[0]; - RedisModuleCtx *ctx = targ[1]; - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "begin auth "); - const char *pwd = RedisModule_StringPtrLen(targ[3], NULL); - void **replyarg = RedisModule_Alloc(sizeof(void *)); - int result = 2; - int nokey; - struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGet(userDict, targ[2], &nokey); - if (nokey || !acl) { - RedisModule_Log(ctx, LOG_LEVEL_WARNING, "auth failed"); - result = 0; - goto returnResult; - } - if (!strcmp(pwd, acl->password)) { - result = 1; - } else { - result = 0; - } -returnResult: - replyarg[0] = (void *)(uintptr_t)result; - RedisModule_BlockedClientMeasureTimeEnd(bc); - RedisModule_UnblockClient(bc, replyarg); - RedisModule_FreeString(NULL, targ[2]); - RedisModule_FreeString(NULL, targ[3]); - RedisModule_Free(targ); - return NULL; + void **targ = arg; + RedisModuleBlockedClient *bc = targ[0]; + RedisModuleCtx *ctx = targ[1]; + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "begin auth "); + const char *user = RedisModule_StringPtrLen(targ[2], NULL); + const char *pwd = RedisModule_StringPtrLen(targ[3], NULL); + void **replyarg = RedisModule_Alloc(sizeof(void *)); + int result = 2; + struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, user, strlen(user), NULL); + if (!acl) { + RedisModule_Log(ctx, LOG_LEVEL_WARNING, "auth failed"); + result = 0; + goto returnResult; + } + const char *passwdInModule = RedisModule_StringPtrLen(acl->password, NULL); + if (!strcmp(pwd, passwdInModule)) { + result = 1; + } else { + result = 0; + } +returnResult: + replyarg[0] = (void *)(uintptr_t)result; + RedisModule_BlockedClientMeasureTimeEnd(bc); + RedisModule_UnblockClient(bc, replyarg); + RedisModule_FreeString(NULL, targ[2]); + RedisModule_FreeString(NULL, targ[3]); + RedisModule_Free(targ); + return NULL; } -int moduleBlockAuth(RedisModuleCtx *ctx, RedisModuleString *username, RedisModuleString *password, RedisModuleString **err) { - REDISMODULE_NOT_USED(password); - REDISMODULE_NOT_USED(err); - RedisModuleBlockedClient *bc = - RedisModule_BlockClientOnAuth(ctx, authReply, freeAuthData); - int ctx_flags = RedisModule_GetContextFlags(ctx); - if (ctx_flags & REDISMODULE_CTX_FLAGS_MULTI || - ctx_flags & REDISMODULE_CTX_FLAGS_LUA) { - RedisModule_UnblockClient(bc, NULL); - return REDISMODULE_AUTH_HANDLED; - } - RedisModule_BlockedClientMeasureTimeStart(bc); - pthread_t tid; - void **targ = RedisModule_Alloc(sizeof(void *) * 4); - targ[0] = bc; - targ[1] = ctx; - targ[2] = RedisModule_CreateStringFromString(NULL, username); - targ[3] = RedisModule_CreateStringFromString(NULL, password); - if (pthread_create(&tid, NULL, AuthBlockThreadMain, targ) != 0) { - RedisModule_AbortBlock(bc); - } - return REDISMODULE_AUTH_HANDLED; -} - -int moduleAuth(RedisModuleCtx *ctx, RedisModuleString *username, RedisModuleString *password, RedisModuleString **err) { - const char *user = RedisModule_StringPtrLen(username, NULL); - const char *pwd = RedisModule_StringPtrLen(password, NULL); - int nokey; - struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGet(userDict, username, &nokey); - if (!nokey) { - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user=%s, password=", acl->username, acl->password); - } - - if (!nokey && acl->password && !strcmp(pwd, acl->password)) { - RedisModuleUser *moduleUser = createUser(ctx, user); - uint64_t client_id; - int authResult = RedisModule_AuthenticateClientWithUser( - ctx, moduleUser, NULL, NULL, &client_id); - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "auth success user=%s, %lu", user, client_id); - if (authResult == REDISMODULE_ERR) { - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user not exits user=%s", user); +int moduleBlockAuth(RedisModuleCtx *ctx, RedisModuleString *username, + RedisModuleString *password, RedisModuleString **err) { + REDISMODULE_NOT_USED(password); + REDISMODULE_NOT_USED(err); + RedisModuleBlockedClient *bc = + RedisModule_BlockClientOnAuth(ctx, authReply, freeAuthData); + int ctx_flags = RedisModule_GetContextFlags(ctx); + if (ctx_flags & REDISMODULE_CTX_FLAGS_MULTI || ctx_flags & REDISMODULE_CTX_FLAGS_LUA) { + RedisModule_UnblockClient(bc, NULL); + return REDISMODULE_AUTH_HANDLED; + } + RedisModule_BlockedClientMeasureTimeStart(bc); + pthread_t tid; + void **targ = RedisModule_Alloc(sizeof(void *) * 4); + targ[0] = bc; + targ[1] = ctx; + targ[2] = RedisModule_CreateStringFromString(NULL, username); + targ[3] = RedisModule_CreateStringFromString(NULL, password); + if (pthread_create(&tid, NULL, AuthBlockThreadMain, targ) != 0) { + RedisModule_AbortBlock(bc); } return REDISMODULE_AUTH_HANDLED; - } else { - const char *err_msg = "Auth denied by Misc Module."; - *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); - return REDISMODULE_AUTH_HANDLED; - } - return REDISMODULE_AUTH_NOT_HANDLED; } -void cronLoopCallBack(RedisModuleCtx *ctx, RedisModuleEvent *e, uint64_t sub, void *data) { - REDISMODULE_NOT_USED(e); - RedisModuleCronLoop *ei = data; - REDISMODULE_NOT_USED(ei); - REDISMODULE_NOT_USED(sub); - if (time < MAX_TIME) { - times++; - return; - } - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "cron event"); - times = 0; +int moduleAuth(RedisModuleCtx *ctx, RedisModuleString *username, + RedisModuleString *password, RedisModuleString **err) { + const char *user = RedisModule_StringPtrLen(username, NULL); + const char *pwd = RedisModule_StringPtrLen(password, NULL); + struct redisAcl *acl = (struct redisAcl *)RedisModule_DictGetC(userDict, user, strlen(user), NULL); + if (!acl) { + const char *err_msg = "Auth denied by Misc Module."; + *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); + return REDISMODULE_AUTH_HANDLED; + } + const char *userInModule = RedisModule_StringPtrLen(acl->username, NULL); + const char *userInPass = RedisModule_StringPtrLen(acl->password, NULL); + + if (!strcmp(pwd, userInPass)) { + RedisModuleUser *moduleUser = createUser(ctx, userInModule); + uint64_t client_id; + RedisModule_AuthenticateClientWithUser(ctx, moduleUser, NULL, NULL, &client_id); + return REDISMODULE_AUTH_HANDLED; + } else { + const char *err_msg = "Auth denied by Misc Module."; + *err = RedisModule_CreateString(ctx, err_msg, strlen(err_msg)); + return REDISMODULE_AUTH_HANDLED; + } + return REDISMODULE_AUTH_NOT_HANDLED; } -int initUsers(RedisModuleCtx *ctx, RedisModuleString **argv, int argc) { - REDISMODULE_NOT_USED(ctx); - REDISMODULE_NOT_USED(argv); - REDISMODULE_NOT_USED(argc); - if (userDict == NULL) { - userDict = RedisModule_CreateDict(ctx); - } - struct redisAcl *acl = RedisModule_Calloc(1, sizeof(struct redisAcl)); - acl->username = "foo"; - acl->password = "block_allow"; - RedisModuleString *key = RedisModule_CreateString(ctx, acl->username, strlen(acl->username)); - int result = RedisModule_DictSet(userDict, key, &acl); - if (result == REDISMODULE_OK) { - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user add success, username=%s", acl->username); - } - return REDISMODULE_OK; +void cronLoopCallBack(RedisModuleCtx *ctx, RedisModuleEvent *e, uint64_t sub, + void *data) { + REDISMODULE_NOT_USED(e); + RedisModuleCronLoop *ei = data; + REDISMODULE_NOT_USED(ei); + REDISMODULE_NOT_USED(sub); + if (time < MAX_TIME) { + times++; + return; + } + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "cron event"); + times = 0; } -int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv, int argc) { - REDISMODULE_NOT_USED(argv); - REDISMODULE_NOT_USED(argc); - if (RedisModule_Init(ctx, "redis-auth", 1, REDISMODULE_APIVER_1) == REDISMODULE_ERR) { - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth failed"); - return REDISMODULE_ERR; - } - - RedisModule_RegisterAuthCallback(ctx, moduleBlockAuth); - RedisModule_RegisterAuthCallback(ctx, moduleAuth); - - initUsers(ctx, argv, argc); - - RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth success!"); - return REDISMODULE_OK; +int initUsers(RedisModuleCtx *ctx, const char *user, const char *passwd) { + REDISMODULE_NOT_USED(ctx); + if (userDict == NULL) { + userDict = RedisModule_CreateDict(ctx); + } + struct redisAcl *acl; + acl = RedisModule_Alloc(sizeof(*acl)); + memset(acl, 0, sizeof(*acl)); + acl->username = RedisModule_CreateString(ctx, user, strlen(user)); + acl->password = RedisModule_CreateString(ctx, passwd, strlen(passwd)); + int result = RedisModule_DictSetC(userDict, user, strlen(user), acl); + if (result == REDISMODULE_OK) { + char *userModule = RedisModule_StringPtrLen(acl->username, NULL); + char *passwdModule = RedisModule_StringPtrLen(acl->password, NULL); + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "user add success, username=%s, password=%s", userModule, passwdModule); + } + return REDISMODULE_OK; +} + +int RedisModule_OnLoad(RedisModuleCtx *ctx, RedisModuleString **argv, + int argc) { + REDISMODULE_NOT_USED(argv); + REDISMODULE_NOT_USED(argc); + if (RedisModule_Init(ctx, "redis-auth", 1, REDISMODULE_APIVER_1) == REDISMODULE_ERR) { + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth failed"); + return REDISMODULE_ERR; + } + + RedisModule_RegisterAuthCallback(ctx, moduleBlockAuth); + RedisModule_RegisterAuthCallback(ctx, moduleAuth); + + initUsers(ctx, "foo", "block_allow"); + + RedisModule_Log(ctx, LOG_LEVEL_NOTICE, "init redis-auth success!"); + return REDISMODULE_OK; } diff --git a/src/redis-acl.h b/src/redis-acl.h index 7e2fb23..de82a11 100644 --- a/src/redis-acl.h +++ b/src/redis-acl.h @@ -11,8 +11,8 @@ #define UNUSED(V) ((void) V) struct redisAcl { - char *username; - char *password; + RedisModuleString *username; + RedisModuleString *password; } redisAcl; @@ -30,8 +30,6 @@ int moduleAuth(RedisModuleCtx *ctx, RedisModuleString *username, RedisModuleStri void cronLoopCallBack(RedisModuleCtx *ctx, RedisModuleEvent *e, uint64_t sub, void *data); -int initUsers(RedisModuleCtx *ctx, RedisModuleString **argv, int argc); - #endif // REDISAUTH_H