From c79b01f4baf8948a22fdca96a73710466b4fcd41 Mon Sep 17 00:00:00 2001
From: antirez <antirez@gmail.com>
Date: Tue, 15 Jan 2019 18:26:44 +0100
Subject: [PATCH] ACL: the AUTH command can be always executed.

---
 src/acl.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/acl.c b/src/acl.c
index 3191ebc6..38c4f89b 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -298,7 +298,9 @@ int ACLCheckCommandPerm(client *c) {
     if (c->cmd->id >= USER_MAX_COMMAND_BIT) return C_ERR;
 
     /* Check if the user can execute this command. */
-    if (!(u->flags & USER_FLAG_ALLCOMMANDS)) {
+    if (!(u->flags & USER_FLAG_ALLCOMMANDS) &&
+        c->cmd->proc != authCommand)
+    {
         uint64_t wordid = id / sizeof(u->allowed_commands[0]) / 8;
         uint64_t bit = 1 << (id % (sizeof(u->allowed_commands[0] * 8)));
         /* If the bit is not set we have to check further, in case the