Merge branch 'master' into add_groups

yandex · Mar 12, 2024 · 597dad5 · 597dad5
2 parents 79f6dc0 + ddbbb69
commit 597dad5
Show file tree

Hide file tree

Showing 45 changed files with 1,276 additions and 570 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -69,6 +69,7 @@ COPY --from=base /prep_stmts/pkg/pstmts-test /pstmts-test
 COPY --from=base /config-validation/pkg/config-validation /config-validation
 COPY ./docker/scram /scram
 COPY ./docker/hba /hba
+COPY ./docker/rule-address /rule-address
 COPY ./docker/auth_query /auth_query
 COPY ./docker/ldap /ldap
 COPY ./docker/lagpolling /lagpolling

diff --git a/docker/auth_query/test_auth_query.sh b/docker/auth_query/test_auth_query.sh
@@ -28,5 +28,4 @@ PGPASSWORD=passwd psql -h localhost -p 6432 -U auth_query_user_md5 -c "SELECT 1"
 	exit 1
 }
 
-
 ody-stop
diff --git a/docker/bin/setup b/docker/bin/setup
@@ -49,7 +49,7 @@ sudo -u postgres /usr/bin/pg_basebackup -D /var/lib/postgresql/14/repl -R -h loc
 sudo -u postgres /usr/lib/postgresql/14/bin/pg_ctl -D /var/lib/postgresql/14/repl/ -o '-p 5433' start
 
 # Create databases
-for database_name in db scram_db ldap_db auth_query_db db1 hba_db tsa_db group_db; do
+for database_name in db scram_db ldap_db auth_query_db db1 hba_db tsa_db group_db addr_db; do
     sudo -u postgres createdb $database_name >> "$SETUP_LOG" 2>&1 || {
         echo "ERROR: 'createdb $database_name' failed, examine the log"
         cat "$SETUP_LOG"
@@ -135,6 +135,14 @@ psql -h localhost -p 5432 -U postgres  -c "create user user_allow password 'corr
   exit 1
 }
 
+# Create users
+psql -h localhost -p 5432 -U postgres  -c "create user user_addr_correct password 'correct_password'; create user user_addr_incorrect password 'correct_password'; create user user_addr_default password 'correct_password'; create user user_addr_empty password 'correct_password'; create user user_addr_hostname_localhost password 'correct_password';" >> $SETUP_LOG 2>&1 || {
+  echo "ERROR: users creation failed, examine the log"
+  cat "$SETUP_LOG"
+  cat "$PG_LOG"
+  exit 1
+}
+
 for i in `seq 0 9`
 do
 	# Create tables

diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
@@ -6,8 +6,11 @@ cd /test_dir/test && /usr/bin/odyssey_test
 
 setup
 
-# group
+# group tests
 /group/test_group.sh
+
+# odyssey rule-address test
+/rule-address/test.sh
 if [ $? -eq 1 ]
 then
 	exit 1
@@ -81,4 +84,4 @@ ody-start
 /ody-integration-test
 ody-stop
 
-teardown
+teardown
diff --git a/docker/prep_stmts/.gitignore b/docker/prep_stmts/.gitignore
@@ -0,0 +1,2 @@
+pstst
+psmst
diff --git a/docker/prep_stmts/pstmts.conf b/docker/prep_stmts/pstmts.conf
@@ -60,7 +60,7 @@ database "db1" {
 		pool_timeout 0
 		pool_ttl 60
 		pool_discard no
-		pool_smart_discard yes
+		pool_smart_discard no
 		pool_cancel yes
 		pool_rollback yes
 		pool_reserve_prepared_statement yes

diff --git a/docker/prep_stmts/pstst b/docker/prep_stmts/pstst
diff --git a/docker/rule-address/addr.conf b/docker/rule-address/addr.conf
@@ -0,0 +1,64 @@
+listen {
+	host "*"
+	port 6432
+}
+
+storage "postgres_server" {
+            type "remote"
+            host "127.0.0.1"
+            port 5432
+}
+
+database "addr_db" {
+    user "user_addr_correct" "127.0.0.0/24" {
+            authentication "clear_text"
+            password "correct_password"
+            storage "postgres_server"
+            pool "session"
+    }
+
+    user "user_addr_incorrect" "255.0.0.0/24" {
+            authentication "clear_text"
+            password "correct_password"
+            storage "postgres_server"
+            pool "session"
+    }
+
+    user "user_addr_default" default {
+            authentication "clear_text"
+            password "correct_password"
+            storage "postgres_server"
+            pool "session"
+    }
+
+    user "user_addr_empty" {
+            authentication "clear_text"
+            password "correct_password"
+            storage "postgres_server"
+            pool "session"
+    }
+
+    user "user_addr_hostname_localhost" "localhost" {
+            authentication "clear_text"
+            password "correct_password"
+            storage "postgres_server"
+            pool "session"
+    }
+}
+
+daemonize yes
+pid_file "/var/run/odyssey.pid"
+
+unix_socket_dir "/tmp"
+unix_socket_mode "0644"
+
+locks_dir "/tmp"
+
+log_format "%p %t %l [%i %s] (%c) %m\n"
+log_file "/var/log/odyssey.log"
+log_to_stdout no
+log_config yes
+log_debug yes
+log_session yes
+log_stats no
+log_query yes
diff --git a/docker/rule-address/test.sh b/docker/rule-address/test.sh
@@ -0,0 +1,79 @@
+#!/bin/bash -x
+
+set -ex
+
+/usr/bin/odyssey /rule-address/addr.conf
+
+PGPASSWORD=correct_password psql -h localhost -p 6432 -U user_addr_correct -c "SELECT 1" addr_db > /dev/null 2>&1 || {
+  echo "ERROR: failed auth with correct addr, correct password and plain password in config"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=incorrect_password psql -h localhost -p 6432 -U user_addr_correct -c "SELECT 1" addr_db > /dev/null 2>&1 && {
+  echo "ERROR: successfully auth with correct addr, but incorrect password"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=correct_password psql -h localhost -p 6432 -U user_addr_incorrect -c "SELECT 1" addr_db > /dev/null 2>&1 && {
+  echo "ERROR: successfully auth with incorrect addr"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=correct_password psql -h localhost -p 6432 -U user_addr_default -c "SELECT 1" addr_db > /dev/null 2>&1 || {
+  echo "ERROR: failed auth with correct addr, correct password and plain password in config"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=incorrect_password psql -h localhost -p 6432 -U user_addr_default -c "SELECT 1" addr_db > /dev/null 2>&1 && {
+  echo "ERROR: successfully auth with correct addr, but incorrect password"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=correct_password psql -h localhost -p 6432 -U user_addr_empty -c "SELECT 1" addr_db > /dev/null 2>&1 || {
+  echo "ERROR: failed auth with correct addr, correct password and plain password in config"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=incorrect_password psql -h localhost -p 6432 -U user_addr_empty -c "SELECT 1" addr_db > /dev/null 2>&1 && {
+  echo "ERROR: successfully auth with correct addr, but incorrect password"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=correct_password psql -h localhost -p 6432 -U user_addr_hostname_localhost -c "SELECT 1" addr_db > /dev/null 2>&1 || {
+  echo "ERROR: failed auth with correct addr, correct password and plain password in config"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+PGPASSWORD=incorrect_password psql -h localhost -p 6432 -U user_addr_hostname_localhost -c "SELECT 1" addr_db > /dev/null 2>&1 && {
+  echo "ERROR: successfully auth with correct addr, but incorrect password"
+
+	cat /var/log/odyssey.log
+
+	exit 1
+}
+
+ody-stop
diff --git a/sources/CMakeLists.txt b/sources/CMakeLists.txt
@@ -24,6 +24,7 @@ set(od_src
     deploy.c
     reset.c
     frontend.c
+    backend_sync.c
     backend.c
     instance.c
     main.c
@@ -47,6 +48,7 @@ set(od_src
     storage.c
     murmurhash.c
     hashmap.c
+    address.c
     hba.c
     hba_reader.c
     hba_rule.c
Original file line number	Diff line number	Diff line change
Expand Up		@@ -28,5 +28,4 @@ PGPASSWORD=passwd psql -h localhost -p 6432 -U auth_query_user_md5 -c "SELECT 1"
		exit 1
		}


		ody-stop