Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: error while parsing aclfile #2980

Closed
34fathombelow opened this issue Apr 30, 2024 · 2 comments · Fixed by #2982
Closed

bug: error while parsing aclfile #2980

34fathombelow opened this issue Apr 30, 2024 · 2 comments · Fixed by #2982
Assignees
@kostasrim
Labels
bug Something isn't working

Comments

@34fathombelow
Copy link

Describe the bug

Receiving an error acl_family.cc:271 Error while parsing aclfile: Unrecognized parameter >mypassword while using an known valid ACL file.

"USER local-testing.rot-1 ON >mypassword resetkeys ~mykey* +set +get +del +ping"

To Reproduce

  1. Create an ACL file with the contents above
  2. Deploy on Kubernetes with Dragonfly DB operator v.1.1.2
  3. View the logs of the StatefulSet
  4. See error: acl_family.cc:271 Error while parsing aclfile

Expected behavior
File should be loaded successfully, according to your documentation > should be supported.

Environment (please complete the following information):

  • Containerized?: Kubernetes
  • Dragonfly Version: v1.17.1

Additional context
The bug may have been introduced here: #2123

According to the Redis Documentation > is used for plaintext passwords where as # is used for a hash value.

Configure valid passwords for the user:

><password>: Add this password to the list of valid passwords for the user. For example >mypass will add "mypass" to the list of valid passwords. This directive clears the nopass flag (see later). Every user can have any number of passwords.
<<password>: Remove this password from the list of valid passwords. Emits an error in case the password you are trying to remove is actually not set.
#<hash>: Add this SHA-256 hash value to the list of valid passwords for the user. This hash value will be compared to the hash of a password entered for an ACL user. This allows users to store hashes in the acl.conf file rather than storing cleartext passwords. Only SHA-256 hash values are accepted as the password hash must be 64 characters and only contain lowercase hexadecimal characters.

Non Relevant
This is a really cool project and I appreciate all the hard work that has gone into it. Keep up the great work!
@34fathombelow 34fathombelow added the bug Something isn't working label Apr 30, 2024
@chakaz
Copy link
Collaborator

chakaz commented Apr 30, 2024

@kostasrim

@kostasrim kostasrim self-assigned this Apr 30, 2024
@kostasrim kostasrim mentioned this issue Apr 30, 2024
Merged
@kostasrim
Copy link
Contributor

Hi @34fathombelow,

Indeed we had a bug on our side but I already submitted a PR :)

Non Relevant
This is a really cool project and I appreciate all the hard work that has gone into it. Keep up the great work!

This means a lot, thank you ❤️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kostasrim kostasrim

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: allow non hashed passwords when loading users from acl file dragonflydb/dragonfly
3 participants
@chakaz @kostasrim @34fathombelow