gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-15 10:40:41 -07:00
Code Issues Packages Projects Releases Wiki Activity
4,880 Commits 30 Branches 48 Tags
5dfdac28ef2f9d1b0ac02da8b2a7b967e3de0a43
Commit Graph

3168 Commits

Author SHA1 Message Date
Derek Collison
5dfdac28ef Merge pull request #2470 from nats-io/fix_2469 
[FIXED] #2469
 2021-08-25 13:04:38 -07:00
Derek Collison
5523a337d3 Fix for test 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 11:45:07 -07:00
Derek Collison
da577e2065 Added ability for leaafnodes to allow broader subscriptions to pass through and not cause disconnects. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-25 11:00:01 -07:00
Derek Collison
6294c0b0c7 Fixes for reversing perms on the hub side of a leafnode. 
Note since the hub will disconnect currently on a subscription from a soliciting leaf, we still do strict checks there.
We always properly check if data can flow, so we could remove the sub checks all together.

I did look into ways of returning a scoped subject for explicit allow subscriptions when presented with a wildcard, however this would have meant resolving multiple items.
E.g. allow ['foo', 'bar', 'foo.bar']
 With a sub of '*' that would have to expand to ['foo', 'bar']
 With a sub of '>' that would have to expand to ['foo', 'bar', "foo.bar']
 With a sub of 'foo.*' that would have to expand to ['foo.bar']

I may sleep on this and revisit if I think I can get it to work properly.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-24 20:30:34 -07:00
Matthias Hanel
2e40bdd5bc [fixed] error print on re adding existing system import 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-24 14:29:44 -04:00
Derek Collison
752fd295a5 Consumer num pending fixes for multiple matches and merging. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-24 07:52:29 -07:00
Matthias Hanel
9f3dfc0ba1 Merge pull request #2461 from nats-io/resolver-pinned-accounts 
[added] operator option to ensure user are signed by certain accounts
 2021-08-23 21:26:48 -04:00
Matthias Hanel
7f1833ab1a Adding counter for number of failed logons due to pinned accounts 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-23 18:56:56 -04:00
Derek Collison
3a20582ad5 Add in optional compression schemes for Accept-Encoding on server api requests. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-23 13:06:18 -07:00
Ivan Kozlovic
1308c73273 [CHANGED] ConsumerInfo's SequencePair replaced with SequenceInfo 
This change was made in a previous PR wit this commit:
9405b77e46

After some discussions, we agreed that the original approach
is best, so using a dedicated object SequenceInfo for ConsumerInfo.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-23 12:28:23 -06:00
Matthias Hanel
0447f1c64f [added] operator option to ensure user are signed by certain accounts 
option name: resolver_pinned_accounts
Contains a list of public account nkeys.
Connecting user of leaf nodes need to be signed by this.
The system account will always be able to connect.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-23 13:45:11 -04:00
Derek Collison
70d28bd221 Use append in case pubAck is larger than stack []byte 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-20 15:53:37 -07:00
Derek Collison
12c912d7f4 Only compact when msg is not first. 
Make sure compact works with snapshots.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-20 06:47:53 -07:00
Derek Collison
ea040b77ef Updates based on feedback 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-19 19:04:36 -07:00
Derek Collison
d349edeeb6 When a JetStream stream was used as a KV, there could be times where we have lots of file storage unused. 
This change introduces utilization, better interior block deletes, and individual block compaction when we are below 50% utilization of the block.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-19 18:24:41 -07:00
Ivan Kozlovic
038be717e1 [FIXED] LeafNode: wrong permission check prevented message flow 
Resolves #2454

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-19 14:25:08 -06:00
David Laban
1d5cc21c3c make error actionable when adding operator+leafnodes 
There are many examples in the documentation for one half of this configuration or the other,
but none which configure a leafnode remote on an operator-authenticated cluster.

The error "operator mode requires account nkeys in remotes." is not very clear or actionable.
 2021-08-18 18:07:53 +01:00
Derek Collison
a5afa86790 Merge pull request #2453 from nats-io/encrypt-checks 
Add in additional checks for failures during filestore encryption.
 2021-08-17 14:55:41 -07:00
Derek Collison
539cbb0f20 Bumped beta version 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 14:32:43 -07:00
Derek Collison
a7cf0ad985 Add in additional checks for failures during filestore encryption. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 14:08:50 -07:00
Derek Collison
6871d1240b When we expired all messages on a restart we did not properly setup lmb. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 13:45:50 -07:00
Derek Collison
02c702f7af Added test for system account update as well 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 11:09:13 -07:00
Derek Collison
84ff537e66 Make sure jwt claim update does not wipe system imports 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-17 10:03:30 -07:00
Matthias Hanel
2ec87a56ba fixed unit tests where SequencePair comparisons fail due to time last_active 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-16 21:05:12 -04:00
Derek Collison
3f099f6719 Add in warn for error on catchup 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-16 08:03:53 -07:00
Ivan Kozlovic
23e30b0b98 Merge pull request #2442 from nats-io/fix_ln_wss 
[FIXED] LeafNode with "wss://.." url was not always initiating TLS
 2021-08-16 08:37:20 -06:00
Ivan Kozlovic
d7a124baaf [FIXED] LeafNode with "wss://.." url was not always initiating TLS 
If the remote did not have any TLS configuration, the URL scheme
"wss://" was not used as the indicating that the connection should
be attempted as a TLS connection, causing "invalid websocket connection"
in the server attempting to create the remote leafnode connection.

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>
 2021-08-15 12:39:10 -06:00
Derek Collison
969c563822 Fix for flapper 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-15 11:31:55 -07:00
Derek Collison
75ae7c6032 When an account asked for connz should be client and leaf connections only by default. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-15 11:04:23 -07:00
Derek Collison
f07a86c6db Merge branch 'main' into acc-connz 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 18:13:43 -07:00
Derek Collison
944dd248c4 Fix for tests 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 17:39:51 -07:00
Derek Collison
cdb5a56329 Fix for flapping test 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 15:26:27 -07:00
Derek Collison
b095870c2a Fixed a leak of internal clients for JetStream consumers. 
We were not properly unregistering from the account on cleanup.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 15:09:42 -07:00
Derek Collison
b6c0412d2a More fixes for some flapping tests 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 13:35:04 -07:00
Derek Collison
14572b080b Fixed and moved large purge test to no race 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 13:07:46 -07:00
Derek Collison
9d7123213a Keep SequencePair vs SequenceInfo 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 12:01:29 -07:00
Derek Collison
c90dc48ba9 Fix for flapper 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 11:44:17 -07:00
Derek Collison
9405b77e46 Added in last active reporting for consumers for delivered and ack floor. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 11:36:27 -07:00
Derek Collison
969cf60def Add in push bound status for consumer info. 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-14 08:35:40 -07:00
Derek Collison
c4a78d91b7 Remove PushActive 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-13 15:11:31 -07:00
Derek Collison
5ec5020a8b Add in DeliverGroup to consumer as optional queue group. 
Changed sublist register for notifications to be queue bound.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-13 15:07:56 -07:00
Derek Collison
9f50b66ad7 Break once we see interest 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-13 10:41:26 -07:00
Derek Collison
10167b1bcf Added in ability for normal accounts to access scoped connz info. 
Added in client kind and sub type for clients.
Added in ability to filter connections based on matching subject interest.

Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-13 10:19:12 -07:00
Matthias Hanel
1d9a891477 Merge pull request #2430 from nats-io/issuer-2415 
[fixed] issue where js overwrote leafnode remotes permissions from creds
 2021-08-12 15:12:37 -04:00
Derek Collison
d252f0f700 Make sure PushActive is nil for pull consumers 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-12 10:15:55 -07:00
Matthias Hanel
d39822e1d0 added check assuring subscription made it to other end of leaf connection 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-12 12:57:50 -04:00
Matthias Hanel
db9fd45be2 [fixed] issue where js overwrote leafnode remotes permissions from creds 
Fixes #2415. We did a set instead of merge.
changes in `jwt_test.go` are to make the `createUserWithLimit` usable by my new test.

Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-12 12:57:50 -04:00
Matthias Hanel
d6de19c649 Made test more predictable by waiting for leader after leader shutdown 
Signed-off-by: Matthias Hanel <mh@synadia.com>
 2021-08-12 12:34:15 -04:00
Derek Collison
98f7d63b84 Fix for data race and corruption 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-12 06:14:19 -07:00
Derek Collison
c9875e09a0 Fix for a flapper 
Signed-off-by: Derek Collison <derek@nats.io>
 2021-08-12 06:13:47 -07:00