test#469
Open
sundb wants to merge 2 commits into
Open
Conversation
BCAST tracking sent invalidations for every key matching a registered prefix without an ACL check, letting a client learn names of keys it cannot read. Filter each key via ACLUserCheckKeyPerm() against the subscriber's user; cache replies per user to keep the check O(U*K).
Pending BCAST invalidations accumulate per-prefix and are flushed in beforeSleep, filtered by each subscriber's current ACL key permissions. If a client re-AUTHs or a user's ACL is rewritten in place between accumulation and flush, beforeSleep re-filters already-accumulated keys by the new (possibly stricter) permissions and silently drops invalidations the client was entitled to under its old identity. Deliver pending invalidations under the old identity before it changes: - clientSetUser(): flushes the client's subscribed prefixes before c->user changes; wired into all auth paths and clientSetDefaultAuth. - ACL SETUSER: flush prefixes with a subscriber of the modified user before overwriting it in place. - ACL LOAD: whole-table flush before mutating users (DefaultUser is overwritten in place, and many users may change at once). - deauthenticateAndCloseClient(): disable tracking before resetting the user so the dying client can't receive invalidations under DefaultUser. trackingBroadcastInvalidationMessages() now takes a user filter (NULL flushes all); the per-prefix send logic is extracted into a shared helper. Adds tests for same-user filtering, re-AUTH, in-place SETUSER, and LOAD.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.