diff --git a/src/acl.c b/src/acl.c index 105bcfc9..43517300 100644 --- a/src/acl.c +++ b/src/acl.c @@ -937,11 +937,18 @@ int ACLAppendUserForLoading(sds *argv, int argc) { /* Try to apply the user rules in a fake user to see if they * are actually valid. */ - user fu = {0}; - user *fakeuser = &fu; + char *funame = "__fakeuser__"; + user *fakeuser = ACLCreateUser(funame,strlen(funame)); + serverAssert(fakeuser != NULL); + int retval = raxRemove(Users,(unsigned char*) funame,strlen(funame),NULL); + serverAssert(retval != 0); + for (int j = 2; j < argc; j++) { if (ACLSetUser(fakeuser,argv[j],sdslen(argv[j])) == C_ERR) { - if (errno != ENOENT) return C_ERR; + if (errno != ENOENT) { + ACLFreeUser(fakeuser); + return C_ERR; + } } } @@ -950,6 +957,7 @@ int ACLAppendUserForLoading(sds *argv, int argc) { for (int j = 1; j < argc; j++) copy[j-1] = sdsdup(argv[j]); copy[argc-1] = NULL; listAddNodeTail(UsersToLoad,copy); + ACLFreeUser(fakeuser); return C_OK; } diff --git a/src/config.c b/src/config.c index 91bbdee7..b2600d2e 100644 --- a/src/config.c +++ b/src/config.c @@ -791,6 +791,11 @@ void loadServerConfigFromString(char *config) { "Allowed values: 'upstart', 'systemd', 'auto', or 'no'"; goto loaderr; } + } else if (!strcasecmp(argv[0],"user") && argc >= 2) { + if (ACLAppendUserForLoading(argv,argc) == C_ERR) { + err = "Syntax error in user declaration"; + goto loaderr; + } } else if (!strcasecmp(argv[0],"loadmodule") && argc >= 2) { queueLoadModule(argv[1],&argv[2],argc-2); } else if (!strcasecmp(argv[0],"sentinel")) { diff --git a/src/server.h b/src/server.h index 13d29308..3f23cee2 100644 --- a/src/server.h +++ b/src/server.h @@ -1738,6 +1738,7 @@ int ACLCheckCommandPerm(client *c); int ACLSetUser(user *u, const char *op, ssize_t oplen); sds ACLDefaultUserFirstPassword(void); uint64_t ACLGetCommandCategoryFlagByName(const char *name); +int ACLAppendUserForLoading(sds *argv, int argc); /* Sorted sets data type */