diff --git a/modules/ndb_redis/doc/ndb_redis_admin.xml b/modules/ndb_redis/doc/ndb_redis_admin.xml index 1f4d6ddae95..6a9635a3f94 100644 --- a/modules/ndb_redis/doc/ndb_redis_admin.xml +++ b/modules/ndb_redis/doc/ndb_redis_admin.xml @@ -62,14 +62,13 @@
<varname>server</varname> (str) - Specify the details to connect to REDIS server. It takes a list of - attribute=value separated by semicolon, the attributes can be - name, unix, addr, port and db. Name is a generic identifier to be used - with module functions. unix is the path to the unix domain socket provided - by redis server. addr and port are the IP address and the port to - connect to REDIS server. unix and (addr, port) are mutually exclusive. - If both appear in same server settings unix domain socket is configured. - db is the DB number to use (defaults to 0 if not specified). + Specify the details to connect to REDIS server. It takes a list of attribute=value + separated by semicolon, the attributes can be name, unix, addr, port, db and pass. Name + is a generic identifier to be used with module functions. unix is the path to the unix + domain socket provided by redis server. addr and port are the IP address and the port to + connect to REDIS server. pass is the server password. unix and (addr, port) are mutually + exclusive. If both appear in same server settings unix domain socket is configured. db + is the DB number to use (defaults to 0 if not specified). You can set this parameter many times, in case you want to connect to @@ -86,7 +85,7 @@ ... modparam("ndb_redis", "server", "name=srvN;addr=127.0.0.1;port=6379;db=1") -modparam("ndb_redis", "server", "name=srvX;addr=127.0.0.2;port=6379;db=4") +modparam("ndb_redis", "server", "name=srvX;addr=127.0.0.2;port=6379;db=4;pass=mypassword") # Unix domain socket modparam("ndb_redis", "server", "name=srvY;unix=/tmp/redis.sock;db=3") diff --git a/modules/ndb_redis/redis_client.c b/modules/ndb_redis/redis_client.c index 2108386f1d9..23cb2cbcc53 100644 --- a/modules/ndb_redis/redis_client.c +++ b/modules/ndb_redis/redis_client.c @@ -46,7 +46,7 @@ static redisc_reply_t *_redisc_rpl_list=NULL; */ int redisc_init(void) { - char *addr, *unix_sock_path = NULL; + char *addr, *pass, *unix_sock_path = NULL; unsigned int port, db; redisc_server_t *rsrv=NULL; param_t *pit = NULL; @@ -66,6 +66,8 @@ int redisc_init(void) addr = "127.0.0.1"; port = 6379; db = 0; + pass = NULL; + for (pit = rsrv->attrs; pit; pit=pit->next) { if(pit->name.len==4 && strncmp(pit->name.s, "unix", 4)==0) { @@ -80,6 +82,9 @@ int redisc_init(void) } else if(pit->name.len==2 && strncmp(pit->name.s, "db", 2)==0) { if(str2int(&pit->body, &db) < 0) db = 0; + } else if(pit->name.len==4 && strncmp(pit->name.s, "pass", 4)==0) { + pass = pit->body.s; + pass[pit->body.len] = '\0'; } } @@ -94,6 +99,8 @@ int redisc_init(void) goto err; if (rsrv->ctxRedis->err) goto err2; + if ((pass != NULL) && redisc_check_auth(rsrv, pass)) + goto err2; if (redisCommandNR(rsrv->ctxRedis, "PING")) goto err2; if (redisCommandNR(rsrv->ctxRedis, "SELECT %i", db)) @@ -515,3 +522,17 @@ int redisc_free_reply(str *name) /* reply entry not found. */ return -1; } + +int redisc_check_auth(redisc_server_t *rsrv, char *pass) +{ + redisReply *reply; + int retval = 0; + + reply = redisCommand(rsrv->ctxRedis, "AUTH %s", pass); + if (reply->type == REDIS_REPLY_ERROR) { + LM_ERR("Redis authentication error\n"); + retval = -1; + } + freeReplyObject(reply); + return retval; +} diff --git a/modules/ndb_redis/redis_client.h b/modules/ndb_redis/redis_client.h index 73a3f1dc894..a86acaff215 100644 --- a/modules/ndb_redis/redis_client.h +++ b/modules/ndb_redis/redis_client.h @@ -67,4 +67,5 @@ int redisc_exec(str *srv, str *res, str *cmd, ...); void* redisc_exec_argv(redisc_server_t *rsrv, int argc, const char **argv, const size_t *argvlen); redisc_reply_t *redisc_get_reply(str *name); int redisc_free_reply(str *name); +int redisc_check_auth(redisc_server_t *rsrv, char *pass); #endif