Improve handling of backend failure #120
Conversation
|
@PierreF As I mentioned in the other PR, I'll review next week and get back to you. Cheers! |
* No longer cache response from backend when the backend fail. * Reply to Mosquitto using "MOSQ_ERR_UNKNOWN" which will disconnect client and avoid silent data loss when the error occure for ACL checks.
PierreF
force-pushed
the
backend-error
branch
from
012ed11 to
dc1edd8
Compare
|
Hi, is there something I can do to help this PR to get merged ? |
|
@PierreF Sorry for taking so long, I've been prioritizing other things lately. As I mentioned in the README, I expect to get back to reviewing and working a bit on the plugin during this month and the next one. |
|
@PierreF Hey again! I took care of a couple of bugs today and tried to get back to my JWT refactor, but in a very short span of time couldn't figure out exactly what I was doing a couple of months ago (yup, stupid me), just got to fix a couple of bugs in that branch and call it a day. I'm mentioning this because it is a major refactor in the JWT backend that could affect your PRs, so heads-up I guess. Besides the anecdote, I'm really struggling to maintain the plugin lately and your PRs show both knowledge and will. I'm going on vacation in about a week, which may mean I finally get to review everything, or it may mean I don't have a proper connection and, once again, won't respond for a couple of weeks. If it were the case I don't do anything for 3 weeks (and that's putting aside the month and a half of absence that already happened), is that critical to you? I gotta be honest: maintaining something that I haven't used for a really long time, is a burden. I've been busy with other things, and I'd be happy if you wanted to take over... or, if you want to, give a major help with the project. The JWT refactor is the only major thing I want to merge before being comfortable with the state of the plugin (with all its quirks and shit that need redoing, or, at the very least, rethinking) and being happy to give all the power to a peer to carry on. Just shoot your thoughts and I'll gladly read them. Cheers! |
|
Thanks for keeping us informed. At my company we need a Mosquitto authentication plugin. Since https://github.com/jpmens/mosquitto-auth-plug is archived (and I prefer writing Go than C :)), I'm willing to help maintaining this project. So to be clear, I'm open to both major help/being co-maintainer or taking alone the project. Just tell me what you prefer and what are the next step. |
|
Thanks, @PierreF! I'll keep you posted. |
|
I'm fixing conflict generated by last merge. Should be pushed in the hour. |
|
Conflict fixed. There is still one unrelated change in jwt_test.go: for test "But disabling superusers by removing superuri should now return false", the settings changed was "jwt_superquery" but I think the correct value is "jwt_pg_superquery" or "jwt_mysql_superquery". |
|
You're absolutely right, missed that when changing general queries to DB specific ones. Nice catch! |
| } | ||
|
|
||
| if o.hasher.Compare(password, fileUser.Password) { | ||
| return true | ||
| return true, nil | ||
| } | ||
|
|
||
| log.Warnf("wrong password for user %s", username) |
There was a problem hiding this comment.
This is on me, but we should really get rid of these warns that leak the username was correct.
There was a problem hiding this comment.
I'm going to push another PR with those fix (or did you started any works on this ?) to avoid unrelated change in this (already big) PR.
There was a problem hiding this comment.
No problem, I'll open one later today.
|
|
||
| var pwHash sql.NullString | ||
| err := o.DB.Get(&pwHash, o.UserQuery, username) | ||
|
|
||
| if err != nil { | ||
| log.Debugf("MySql get user error: %s", err) | ||
| return false | ||
| return false, err | ||
| } | ||
|
|
||
| if !pwHash.Valid { | ||
| log.Debugf("MySql get user error: user %s not found", username) |
There was a problem hiding this comment.
Again, not on you, but this leaks. OTOH, this one is only in debug level, so maybe not that bad.
| } | ||
|
|
||
| var count sql.NullInt64 | ||
| err := o.DB.Get(&count, o.SuperuserQuery, username) | ||
|
|
||
| if err != nil { | ||
| log.Debugf("MySql get superuser error: %s", err) | ||
| return false | ||
| return false, err | ||
| } | ||
|
|
||
| if !count.Valid { | ||
| log.Debugf("MySql get superuser error: user %s not found", username) |
There was a problem hiding this comment.
Same story, I'll have to go through all these cases.
|
|
||
| var pwHash sql.NullString | ||
| err := o.DB.Get(&pwHash, o.UserQuery, username) | ||
|
|
||
| if err != nil { | ||
| log.Debugf("SQlite get user error: %s", err) | ||
| return false | ||
| return false, err | ||
| } | ||
|
|
||
| if !pwHash.Valid { | ||
| log.Debugf("SQlite get user error: user %s not found.", username) |
Didn't you looked at a partial diff ? There are change to grpc.go file (and grpc_test.go). |
Oops, sorry, I don't know how but I totally missed them. |
Apply suggestions from code review Co-authored-by: Ignacio Gómez <[email protected]>
Co-authored-by: Ignacio Gómez <[email protected]>
|
@PierreF feel free to merge when you're ready and I'll go on to review the other PRs. |
This is more or less the port of jpmens/mosquitto-auth-plug#296 and jpmens/mosquitto-auth-plug#111
The issue this PR fix is is that when the HTTP (or MySQL) backend is down, ACL check return MOSQ_DENY_ACL. Which means that : 1) the message is rejected without notification for the sender 2) that rejection is cached.
This change few behavior:
Note on the PR changes:
jwt.GetSuperuser(username)(on line 198 and 360 on this PR), but I thinkjwt.GetSuperuser(token)is correctjwt.SuperuserUri = "", while I thinkjwt.SuperuserQuery = ""is correct.