gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-17 03:24:40 -07:00
Code Issues Packages Projects Releases Wiki Activity
4,892 Commits 30 Branches 48 Tags
56da097b38f825beab7f6b4bf699d7d2d5c18d46
Commit Graph

3180 Commits

Author SHA1 Message Date
Derek Collison
56da097b38 Merge pull request #2473 from nats-io/mixed-global 
Enable global account on non-js servers in mixed mode.
 2021-08-26 10:54:57 -07:00
Derek Collison
476c264560 If we are in a simple mixed-mode setup with just global account and system account and clustered, allow pass through. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-26 09:41:01 -07:00
Ivan Kozlovic
32646f8211 Merge pull request #2472 from miraculli/fix_2445 
[FIXED] build on OpenBSD-6.9
 2021-08-26 09:51:55 -06:00
mirac
f46c417419 with 'go fmt' applied 2021-08-26 16:52:43 +02:00
mirac
a025facbf1 remove not needed import 2021-08-26 08:31:10 +02:00
mirac
ab946adc0e quickfix for #2445 2021-08-26 08:09:55 +02:00
Matthias Hanel
41a253dabb fix daisy chained leaf node subject propagation issue. (#2468) 
fixes #2448 

initLeafNodeSmapAndSendSubs did not pick up enough local subscriptions.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-25 18:10:09 -04:00
Derek Collison
295280c676 Merge pull request #2471 from nats-io/s-js-inversion 
Fixed creating raft groups when we had a js->s lock pattern.
 2021-08-25 14:09:45 -07:00
Derek Collison
4b97f98d18 Merge pull request #2467 from nats-io/slow_encrypt 
Do not use crypto rand for nonce generation.
 2021-08-25 14:09:27 -07:00
Derek Collison
bbc4e43489 Fixed creating raft groups when we had a js->s lock pattern. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 13:44:30 -07:00
Derek Collison
ba4937f04e The slowdown was due to trying top expire messages without a proper index info. 
So now we read and encrypt index info in place as well.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 13:22:18 -07:00
Derek Collison
5dfdac28ef Merge pull request #2470 from nats-io/fix_2469 
[FIXED] #2469
 2021-08-25 13:04:38 -07:00
Derek Collison
5523a337d3 Fix for test 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 11:45:07 -07:00
Derek Collison
da577e2065 Added ability for leaafnodes to allow broader subscriptions to pass through and not cause disconnects. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 11:00:01 -07:00
Derek Collison
6294c0b0c7 Fixes for reversing perms on the hub side of a leafnode. 
Note since the hub will disconnect currently on a subscription from a soliciting leaf, we still do strict checks there.
We always properly check if data can flow, so we could remove the sub checks all together.

I did look into ways of returning a scoped subject for explicit allow subscriptions when presented with a wildcard, however this would have meant resolving multiple items.
E.g. allow ['foo', 'bar', 'foo.bar']
 With a sub of '*' that would have to expand to ['foo', 'bar']
 With a sub of '>' that would have to expand to ['foo', 'bar', "foo.bar']
 With a sub of 'foo.*' that would have to expand to ['foo.bar']

I may sleep on this and revisit if I think I can get it to work properly.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-24 20:30:34 -07:00
Derek Collison
4a6f1b4819 Do not use crypto rand for nonce generation. 
Crypto rand is not needed for nonce generation and could drain entropy.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-24 12:51:13 -07:00
Matthias Hanel
2e40bdd5bc [fixed] error print on re adding existing system import 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-24 14:29:44 -04:00
Derek Collison
752fd295a5 Consumer num pending fixes for multiple matches and merging. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-24 07:52:29 -07:00
Matthias Hanel
9f3dfc0ba1 Merge pull request #2461 from nats-io/resolver-pinned-accounts 
[added] operator option to ensure user are signed by certain accounts
 2021-08-23 21:26:48 -04:00
Matthias Hanel
7f1833ab1a Adding counter for number of failed logons due to pinned accounts 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-23 18:56:56 -04:00
Derek Collison
3a20582ad5 Add in optional compression schemes for Accept-Encoding on server api requests. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-23 13:06:18 -07:00
Ivan Kozlovic
1308c73273 [CHANGED] ConsumerInfo's SequencePair replaced with SequenceInfo 
This change was made in a previous PR wit this commit:
9405b77e46

After some discussions, we agreed that the original approach
is best, so using a dedicated object SequenceInfo for ConsumerInfo.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-23 12:28:23 -06:00
Matthias Hanel
0447f1c64f [added] operator option to ensure user are signed by certain accounts 
option name: resolver_pinned_accounts
Contains a list of public account nkeys.
Connecting user of leaf nodes need to be signed by this.
The system account will always be able to connect.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-23 13:45:11 -04:00
Derek Collison
70d28bd221 Use append in case pubAck is larger than stack []byte 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-20 15:53:37 -07:00
Derek Collison
12c912d7f4 Only compact when msg is not first. 
Make sure compact works with snapshots.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-20 06:47:53 -07:00
Derek Collison
ea040b77ef Updates based on feedback 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-19 19:04:36 -07:00
Derek Collison
d349edeeb6 When a JetStream stream was used as a KV, there could be times where we have lots of file storage unused. 
This change introduces utilization, better interior block deletes, and individual block compaction when we are below 50% utilization of the block.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-19 18:24:41 -07:00
Ivan Kozlovic
038be717e1 [FIXED] LeafNode: wrong permission check prevented message flow 
Resolves #2454

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-19 14:25:08 -06:00
David Laban
1d5cc21c3c make error actionable when adding operator+leafnodes 
There are many examples in the documentation for one half of this configuration or the other,
but none which configure a leafnode remote on an operator-authenticated cluster.

The error "operator mode requires account nkeys in remotes." is not very clear or actionable.
 2021-08-18 18:07:53 +01:00
Derek Collison
a5afa86790 Merge pull request #2453 from nats-io/encrypt-checks 
Add in additional checks for failures during filestore encryption.
 2021-08-17 14:55:41 -07:00
Derek Collison
539cbb0f20 Bumped beta version 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 14:32:43 -07:00
Derek Collison
a7cf0ad985 Add in additional checks for failures during filestore encryption. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 14:08:50 -07:00
Derek Collison
6871d1240b When we expired all messages on a restart we did not properly setup lmb. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 13:45:50 -07:00
Derek Collison
02c702f7af Added test for system account update as well 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 11:09:13 -07:00
Derek Collison
84ff537e66 Make sure jwt claim update does not wipe system imports 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 10:03:30 -07:00
Matthias Hanel
2ec87a56ba fixed unit tests where SequencePair comparisons fail due to time last_active 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-16 21:05:12 -04:00
Derek Collison
3f099f6719 Add in warn for error on catchup 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-16 08:03:53 -07:00
Ivan Kozlovic
23e30b0b98 Merge pull request #2442 from nats-io/fix_ln_wss 
[FIXED] LeafNode with "wss://.." url was not always initiating TLS
 2021-08-16 08:37:20 -06:00
Ivan Kozlovic
d7a124baaf [FIXED] LeafNode with "wss://.." url was not always initiating TLS 
If the remote did not have any TLS configuration, the URL scheme
"wss://" was not used as the indicating that the connection should
be attempted as a TLS connection, causing "invalid websocket connection"
in the server attempting to create the remote leafnode connection.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-15 12:39:10 -06:00
Derek Collison
969c563822 Fix for flapper 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-15 11:31:55 -07:00
Derek Collison
75ae7c6032 When an account asked for connz should be client and leaf connections only by default. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-15 11:04:23 -07:00
Derek Collison
f07a86c6db Merge branch 'main' into acc-connz 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 18:13:43 -07:00
Derek Collison
944dd248c4 Fix for tests 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 17:39:51 -07:00
Derek Collison
cdb5a56329 Fix for flapping test 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 15:26:27 -07:00
Derek Collison
b095870c2a Fixed a leak of internal clients for JetStream consumers. 
We were not properly unregistering from the account on cleanup.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 15:09:42 -07:00
Derek Collison
b6c0412d2a More fixes for some flapping tests 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 13:35:04 -07:00
Derek Collison
14572b080b Fixed and moved large purge test to no race 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 13:07:46 -07:00
Derek Collison
9d7123213a Keep SequencePair vs SequenceInfo 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 12:01:29 -07:00
Derek Collison
c90dc48ba9 Fix for flapper 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 11:44:17 -07:00
Derek Collison
9405b77e46 Added in last active reporting for consumers for delivered and ack floor. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 11:36:27 -07:00