diff --git a/src/acl.c b/src/acl.c index 43db1989..2351fc7f 100644 --- a/src/acl.c +++ b/src/acl.c @@ -1572,3 +1572,49 @@ void addReplyCommandCategories(client *c, struct redisCommand *cmd) { } setDeferredSetLen(c, flaglen, flagcount); } + +/* AUTH + * AUTH (Redis >= 6.0 form) + * + * When the user is omitted it means that we are trying to authenticate + * against the default user. */ +void authCommand(client *c) { + /* Only two or three argument forms are allowed. */ + if (c->argc > 3) { + addReply(c,shared.syntaxerr); + return; + } + + /* Handle the two different forms here. The form with two arguments + * will just use "default" as username. */ + robj *username, *password; + if (c->argc == 2) { + /* Mimic the old behavior of giving an error for the two commands + * from if no password is configured. */ + if (DefaultUser->flags & USER_FLAG_NOPASS) { + addReplyError(c,"AUTH called without any password " + "configured for the default user. Are you sure " + "your configuration is correct?"); + return; + } + + username = createStringObject("default",7); + password = c->argv[1]; + } else { + username = c->argv[1]; + password = c->argv[2]; + } + + if (ACLCheckUserCredentials(username,password) == C_OK) { + c->authenticated = 1; + c->user = ACLGetUserByName(username->ptr,sdslen(username->ptr)); + addReply(c,shared.ok); + } else { + addReplyError(c,"-WRONGPASS invalid username-password pair"); + } + + /* Free the "default" string object we created for the two + * arguments form. */ + if (c->argc == 2) decrRefCount(username); +} + diff --git a/src/networking.c b/src/networking.c index 599d69be..e46e1b7f 100644 --- a/src/networking.c +++ b/src/networking.c @@ -2023,7 +2023,7 @@ NULL } } -/* HELLO [AUTH ] */ +/* HELLO [AUTH ] [SETNAME ] */ void helloCommand(client *c) { long long ver; diff --git a/src/server.c b/src/server.c index 89e79504..31b04ed6 100644 --- a/src/server.c +++ b/src/server.c @@ -3599,51 +3599,6 @@ int writeCommandsDeniedByDiskError(void) { } } -/* AUTH - * AUTH (Redis >= 6.0 form) - * - * When the user is omitted it means that we are trying to authenticate - * against the default user. */ -void authCommand(client *c) { - /* Only two or three argument forms are allowed. */ - if (c->argc > 3) { - addReply(c,shared.syntaxerr); - return; - } - - /* Handle the two different forms here. The form with two arguments - * will just use "default" as username. */ - robj *username, *password; - if (c->argc == 2) { - /* Mimic the old behavior of giving an error for the two commands - * from if no password is configured. */ - if (DefaultUser->flags & USER_FLAG_NOPASS) { - addReplyError(c,"AUTH called without any password " - "configured for the default user. Are you sure " - "your configuration is correct?"); - return; - } - - username = createStringObject("default",7); - password = c->argv[1]; - } else { - username = c->argv[1]; - password = c->argv[2]; - } - - if (ACLCheckUserCredentials(username,password) == C_OK) { - c->authenticated = 1; - c->user = ACLGetUserByName(username->ptr,sdslen(username->ptr)); - addReply(c,shared.ok); - } else { - addReplyError(c,"-WRONGPASS invalid username-password pair"); - } - - /* Free the "default" string object we created for the two - * arguments form. */ - if (c->argc == 2) decrRefCount(username); -} - /* The PING command. It works in a different way if the client is in * in Pub/Sub mode. */ void pingCommand(client *c) {