mirror of https://github.com/redis/redis.git
04589f90d7
# PR: Add Mechanism for Internal Commands and Connections in Redis This PR introduces a mechanism to handle **internal commands and connections** in Redis. It includes enhancements for command registration, internal authentication, and observability. ## Key Features 1. **Internal Command Flag**: - Introduced a new **module command registration flag**: `internal`. - Commands marked with `internal` can only be executed by **internal connections**, AOF loading flows, and master-replica connections. - For any other connection, these commands will appear as non-existent. 2. **Support for internal authentication added to `AUTH`**: - Used by depicting the special username `internal connection` with the right internal password, i.e.,: `AUTH "internal connection" <internal_secret>`. - No user-defined ACL username can have this name, since spaces are not aloud in the ACL parser. - Allows connections to authenticate as **internal connections**. - Authenticated internal connections can execute internal commands successfully. 4. **Module API for Internal Secret**: - Added the `RedisModule_GetInternalSecret()` API, that exposes the internal secret that should be used as the password for the new `AUTH "internal connection" <password>` command. - This API enables the modules to authenticate against other shards as local connections. ## Notes on Behavior - **ACL validation**: - Commands dispatched by internal connections bypass ACL validation, to give the caller full access regardless of the user with which it is connected. - **Command Visibility**: - Internal commands **do not appear** in `COMMAND <subcommand>` and `MONITOR` for non-internal connections. - Internal commands **are logged** in the slow log, latency report and commands' statistics to maintain observability. - **`RM_Call()` Updates**: - **Non-internal connections**: - Cannot execute internal commands when the command is sent with the `C` flag (otherwise can). - Internal connections bypass ACL validations (i.e., run as the unrestricted user). - **Internal commands' success**: - Internal commands succeed upon being sent from either an internal connection (i.e., authenticated via the new `AUTH "internal connection" <internal_secret>` API), an AOF loading process, or from a master via the replication link. Any other connections that attempt to execute an internal command fail with the `unknown command` error message raised. - **`CLIENT LIST` flags**: - Added the `I` flag, to indicate that the connection is internal. - **Lua Scripts**: - Prevented internal commands from being executed via Lua scripts. --------- Co-authored-by: Meir Shpilraien <meir@redis.com> |
||
|---|---|---|
| .. | ||
| aclcheck.tcl | ||
| async_rm_call.tcl | ||
| auth.tcl | ||
| basics.tcl | ||
| blockedclient.tcl | ||
| blockonbackground.tcl | ||
| blockonkeys.tcl | ||
| cluster.tcl | ||
| cmdintrospection.tcl | ||
| commandfilter.tcl | ||
| crash.tcl | ||
| datatype.tcl | ||
| datatype2.tcl | ||
| defrag.tcl | ||
| eventloop.tcl | ||
| fork.tcl | ||
| getchannels.tcl | ||
| getkeys.tcl | ||
| hash.tcl | ||
| hooks.tcl | ||
| infotest.tcl | ||
| infra.tcl | ||
| internalsecret.tcl | ||
| keyspace_events.tcl | ||
| keyspecs.tcl | ||
| list.tcl | ||
| mallocsize.tcl | ||
| misc.tcl | ||
| moduleauth.tcl | ||
| moduleconfigs.tcl | ||
| postnotifications.tcl | ||
| propagate.tcl | ||
| publish.tcl | ||
| rdbloadsave.tcl | ||
| reply.tcl | ||
| scan.tcl | ||
| stream.tcl | ||
| subcommands.tcl | ||
| test_lazyfree.tcl | ||
| testrdb.tcl | ||
| timer.tcl | ||
| usercall.tcl | ||
| zset.tcl | ||