gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-14 18:20:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
2,163 Commits 30 Branches 48 Tags
34ff5aade6e409488d600205b04dfacd0da2ff2c
Commit Graph

1199 Commits

Author SHA1 Message Date
Derek Collison
8bfe14bbfd check response perms more often, make sure we limit memory growth 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-25 16:53:54 -07:00
Derek Collison
495a1a7ec3 Allow dynamic publish permissions based on reply subjects of received msgs 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-25 13:17:26 -07:00
Derek Collison
df29be11ed Changes based on PR comments 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-22 18:37:40 -07:00
Derek Collison
1d6c58074f Fix for #1065 (leaked subscribers from dq subs across routes) 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-22 17:17:43 -07:00
Alberto Ricart
273e5af0a8 Fixed an issue where the leaf authentication was not checking for account/signers, so user JWTs signed by a signer failed authentication. 2019-07-17 16:03:55 -04:00
Ivan Kozlovic
b61744aa17 Release 2.0.2 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-15 09:49:00 -06:00
Andy Xie
2f99b144aa add ut for tracemsg 2019-07-15 14:02:02 +08:00
Derek Collison
7a3fb4ebe0 Merge pull request #1057 from andyxning/allow_limits_to_traced_message 
allow limit to traced message
 2019-07-14 21:34:31 -07:00
Andy Xie
cd214fca89 allow limit to traced message 2019-07-15 11:39:00 +08:00
Derek Collison
8262082289 If we read data and have an error, still process and parse data. 
This is helpful for clients who send data and close the connection.
Also helpful to process errors like auth for solicited leafnodes.

Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-13 05:19:35 -07:00
Ivan Kozlovic
0873b46f67 [FIXED] LeafNode urls may be missing in INFO sent to LN connections 
When a cluster of servers are having routes to each other, there
is a chance that the list of leafnode URLs maintained on each
server is not complete. This would result in LN servers connecting
to this cluster to not get the full list of possible URLs the
server could reconnect to.

Also fixed a DATA RACE that appeared when running the updated
TestLeafNodeInfoURLs test. Fixed the race and added specific
test that easily demonstrated the race: TestLeafNodeNoRaceGeneratingNonce

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-12 19:15:30 -06:00
Ivan Kozlovic
0a72993d80 Add warning for TLS insecure setting on LeafNodes 
Also fix for #1071 in that we need to check remote gateways TLS
config even if main gateway section is not configured with TLS.

Related to #1071

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-12 17:22:57 -06:00
Derek Collison
7766f27616 Bump version to RC2 [ci skip] 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-12 14:29:07 -07:00
Derek Collison
18a2c357e4 Merge pull request #1072 from nats-io/handshake 
Report authorization error and use TLS hostname for IPs on leafnodes.
 2019-07-12 14:11:53 -07:00
Derek Collison
a795920dc3 Report authorization error and use TLS hostname for IPs on leafnodes. 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-12 13:57:16 -07:00
Ivan Kozlovic
9e09486e26 Use all caps for the production message 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-12 13:44:01 -06:00
Ivan Kozlovic
37d08a6c56 [FIXED] Allow TLS InsecureSkipVerify again 
This has an effect only on connections created by the server,
so routes and gateways (explicit and implicit).
Make sure that an explicit warning is printed if the insecure
property is set, but otherwise allow it.

Resolves #1062

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-12 12:10:28 -06:00
Derek Collison
b3f6997bc0 Make sure to flush 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-11 17:37:07 -07:00
Derek Collison
d027ff7efd Add leafnode usage test 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-11 17:30:01 -07:00
Derek Collison
b868e91c5e Merge pull request #1064 from andyxning/check_for_monitor_server_start_error 
check for monitor server start error
 2019-07-10 21:00:23 -07:00
Andy Xie
c9221fd187 check for monitor server start error 2019-07-11 11:44:06 +08:00
Derek Collison
951ae49100 Prevent multiple solicited leafnodes from forming cycles. 
When a solicited leafnode comes from multiple servers that themselves are a cluster, cycles were formed.
This change allows solicited leafnodes to behave similar to gateways in that each server of a cluster
is expected to have a solicted leafnode per destination account and cluster.

We no longer forward subscription interest or messages to a cluster from a server that has a solicited leafnode.

Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-10 20:16:47 -07:00
Derek Collison
10d4f1ab7a Convert leafnode solicited remotes to array 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-10 11:53:34 -07:00
antmanler
24ab33b879 Add a simple test for Sublist.All 2019-07-10 22:32:15 +08:00
antmanler
ca773bf07b Make sure Sublist.All collect all subscriptions 2019-07-10 21:41:44 +08:00
Derek Collison
074c87d49e Merge pull request #1060 from nats-io/gr 
Make sure we route  responses across leafnodes
 2019-07-08 17:07:57 -07:00
Derek Collison
49707317a1 Make sure we route responses across leafnodes 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-08 16:20:40 -07:00
Derek Collison
f76a6b9a5c When a bound account's maxpayload is not the same make sure we send it to clients that can do async INFO. 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-08 15:20:23 -07:00
Derek Collison
d7e5554630 Grab opts under correct lock, make cache decision more explicit 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-02 09:31:54 -07:00
Derek Collison
8168aa1f81 Allow sublist cache do be disabled globally 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-02 07:34:02 -07:00
Derek Collison
3c3e97f729 Fold under cache conditional 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-02 06:06:53 -07:00
Derek Collison
acc1031705 Protect stats when no cache is present 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-02 05:47:39 -07:00
Ivan Kozlovic
156511bba7 [FIXED] Check of maxpayload could be bypassed if size overruns int32 
One could craft a PUB protocol to cause server to panic. This can
happen if the size in the PUB protocol overruns an int32.

(note that if authorization is enabled, the user would need to
authenticate first, limiting the impact).

Thank you to Aviv Sasson and Ariel Zelivansky from Twistlock
for the security report!

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-07-01 15:06:08 -06:00
Derek Collison
e83e0a7f5c Merge pull request #1048 from nats-io/ping 
Stager first ping from server and suppress pings if a ping was received.
 2019-07-01 12:06:32 -07:00
Derek Collison
a6cef5b584 spaces fix 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-01 12:03:45 -07:00
Derek Collison
e11a959584 Send ping when RTT update needed 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-01 11:58:06 -07:00
Derek Collison
ce22bc87a4 Make ReadOperatorJWT public for embedded use case. Fixes #1050 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-01 11:14:21 -07:00
Derek Collison
5a89c14eb9 Change to JoinHostPort 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-01 09:37:03 -07:00
Derek Collison
8a3db71ad5 Updates from comments 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-07-01 08:47:13 -07:00
Derek Collison
0f20592fb3 Made leafnode connect a Debugf to be consistent, added first connect Noticef. 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-29 19:11:02 -07:00
Derek Collison
100d0d2b02 Use default port for leafnode remote if not specified 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-29 17:50:21 -07:00
Derek Collison
ebd4deb8b9 Stager first ping from server and suppress pings if a ping was received. 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-29 15:43:15 -07:00
Derek Collison
2db76bde33 version bump [ci skip] 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-24 17:17:13 -07:00
Derek Collison
5b42b99dc1 Allow operator to be inline JWT. Also preloads just warn on validation issues, do not stop starting or reloads. 
We issue validation warnings now to the log.

Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-24 16:46:22 -07:00
Derek Collison
6f49f76efb Fix for #1043 [ci skip] 
Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-21 08:58:18 -07:00
Waldemar Quevedo
8147adc1b0 Add support to extend leafnodes remote tls timeout 
Bump default TLS timeout for leafnode connections

Add checks for when cert_file or key_file are missing in TLS config

Signed-off-by: Waldemar Quevedo <wally@synadia.com>
 2019-06-14 08:04:44 -07:00
Derek Collison
d1a782e014 Messages not distributed evenly when sourced from leafnode. 
When messages came from a leafnode there were not being distributed evenly to the destination cluster.

Signed-off-by: Derek Collison <derek@nats.io>
 2019-06-11 20:37:49 -07:00
Ivan Kozlovic
4ce5217242 Prepare for release 2.0.0 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-06-04 22:15:23 -06:00
Ivan Kozlovic
6382ba8d77 Release v2.0.0-RC19 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-06-04 09:05:00 -06:00
Ivan Kozlovic
ed1901c792 Update go.mod to satisfy v2 requirements 
Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2019-06-03 19:45:47 -06:00