feature:支持redis连接时密码验证

program/include/cert_conf.h

@@ -58,8 +58,9 @@ struct _initer_addr_t{
     char maat_ip[16];      /*maat redis ip */
     int dbindex;           /*maat redis dbindex*/
 
-    uint16_t store_port;   /*store redis port */
-    char store_ip[16];     /*store redis ip*/
+    uint16_t local_redis_port;   /*store redis port */
+    char local_redis_ip[16];     /*store redis ip*/
+    char local_redis_passwd[128];
 
     uint16_t statsd_port;
     char statsd_server[16];

program/src/cert_conf.cpp

@@ -100,17 +100,21 @@ static int load_module_config(const char *config)
         goto finish;
     }
 
-    xret = MESA_load_profile_string_nodef(config, "CERTSTORE_REDIS", "ip", rte->addr_t.store_ip, 16);
+    xret = MESA_load_profile_string_nodef(config, "CERTSTORE_REDIS", "ip", rte->addr_t.local_redis_ip, 16);
     if (xret < 0){
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Certsotre redis ip invalid");
         goto finish;
     }
-
-    xret = MESA_load_profile_short_nodef(config, "CERTSTORE_REDIS", "port", (short *)&(rte->addr_t.store_port));
+    xret = MESA_load_profile_short_nodef(config, "CERTSTORE_REDIS", "port", (short *)&(rte->addr_t.local_redis_port));
     if (xret < 0){
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Certsotre redis port invalid");
         goto finish;
     }
+	xret = MESA_load_profile_string_nodef(config, "CERTSTORE_REDIS", "password", rte->addr_t.local_redis_passwd, 128);
+    if (xret < 0){
+        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Certsotre redis passwd invalid");
+        goto finish;
+    }
 
 	xret = MESA_load_profile_string_nodef(config, "stat", "statsd_server", rte->addr_t.statsd_server, 16);
     if (xret < 0){

program/src/cert_session.cpp

@@ -958,13 +958,23 @@ void request_destroy(struct tfe_http_request *request)
 	request = NULL;
 }
 
-static
-int redis_rsync_init(struct event_base *base, struct redisAsyncContext **cl_ctx)
+static void redis_conn_aunth_callback(redisAsyncContext *cl_ctx, void *r, void *privdata)
+{
+	redisReply *reply = (redisReply*)r;
+	if (reply->type == REDIS_REPLY_ERROR)
+	{
+		redisAsyncDisconnect(cl_ctx);
+		mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Redis async authentication failed ...");
+	}
+    return;
+}
+
+static int redis_rsync_init(struct event_base *base, struct redisAsyncContext **cl_ctx)
 {
     int xret = -1;
     struct config_bucket_t *redis = cfg_instanec();
 
-    *cl_ctx = redisAsyncConnect(redis->addr_t.store_ip, redis->addr_t.store_port);
+    *cl_ctx = redisAsyncConnect(redis->addr_t.local_redis_ip, redis->addr_t.local_redis_port);
 	if((*cl_ctx)->err )	{
         mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Redis Connect error : %s", (*cl_ctx)->errstr);
 		goto finish;
@@ -972,6 +982,7 @@ int redis_rsync_init(struct event_base *base, struct redisAsyncContext **cl_ctx)
 	redisLibeventAttach((*cl_ctx), base);
 	redisAsyncSetConnectCallback((*cl_ctx), connectCallback);
 	redisAsyncSetDisconnectCallback((*cl_ctx), disconnectCallback);
+	redisAsyncCommand(*cl_ctx, redis_conn_aunth_callback, NULL, "AUTH %s", redis->addr_t.local_redis_passwd);
 
     xret = 0;
 
@@ -1460,6 +1471,8 @@ void redis_get_callback(redisAsyncContext __attribute__((__unused__))*c, void *r
             xret = redis_clnt_pdu_send(request);
             break;
         default:
+			mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "%s", reply->str);
+			xret = redis_clnt_send(request, reply);
             break;
     }
     return;
@@ -1792,11 +1805,12 @@ finish:
 int redis_sync_init(struct redisContext **c)
 {
     int xret = -1;
+    redisReply *reply;
     struct config_bucket_t *redis = cfg_instanec();
 
     struct timeval timeout = { 1, 500000 }; // 1.5 seconds
 
-    *c = redisConnectWithTimeout(redis->addr_t.store_ip, redis->addr_t.store_port, timeout);
+    *c = redisConnectWithTimeout(redis->addr_t.local_redis_ip, redis->addr_t.local_redis_port, timeout);
     if (*c == NULL || (*c)->err) {
         if (*c) {
             mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Sync connection error: %s", (*c)->errstr);
@@ -1807,6 +1821,20 @@ int redis_sync_init(struct redisContext **c)
         }
         goto finish;
     }
+
+	reply= (redisReply *)redisCommand(*c, "AUTH %s", redis->addr_t.local_redis_passwd);
+	if (reply->type == REDIS_REPLY_ERROR)
+	{
+		redisFree(*c);
+		*c=NULL;
+		mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Redis authentication failed ...");
+	}
+	else
+	{
+		mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Redis authentication succeeded ...");
+	}
+	freeReplyObject(reply);
+
     xret = 0;
 finish:
     return xret;

program/src/cert_store.cpp

@@ -47,8 +47,8 @@ void cert_store_preview ()
     printf("\r\nBasic Configuration of CertStore \n");
 	printf("%30s:%45s\n", "Run Mode", (rte->mode == 1)?"async":"sync");
     printf("%30s:%45d\n", "The Threads", rte->thread_nu);
-    printf("%30s:%45s\n", "Store Redis Ip", rte->addr_t.store_ip);
-    printf("%30s:%45d\n", "Store Redis Port", rte->addr_t.store_port);
+    printf("%30s:%45s\n", "Store Redis Ip", rte->addr_t.local_redis_ip);
+    printf("%30s:%45d\n", "Store Redis Port", rte->addr_t.local_redis_port);
     printf("%30s:%45s\n", "Maat Redis Ip", rte->addr_t.maat_ip);
     printf("%30s:%45d\n", "Maat Redis Port", rte->addr_t.maat_port);
     printf("%30s:%45d\n", "Maat Redis index", rte->addr_t.dbindex);