gogrlx/nats-server
1
0
Fork 0
mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-14 18:20:42 -07:00
Code Issues Packages Projects Releases Wiki Activity
6,189 Commits 30 Branches 48 Tags
e6ae36cb7e9d8a008c39a24575df0464efee9006
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Matthias Hanel e6ae36cb7e Fix bad sys request for different account (#3382) 
When a request for a system service like $SYS.REQ.ACCOUNT.*.CONNZ
is imported/exported we ensured that the requesting account is identical
to the account referenced in the subject.

In #3250 this check was extended from CONNZ to all $SYS.REQ.ACCOUNT.*.*
requests.

In general this check interferes with monitoring accounts that need
to query all other accounts, not just itself.
There the use case is that account A sends a request with account B
in the subject. The check for equal accounts prevents this.

This change removes the check to support these use cases.

Instead of the check, the default export now uses exportAuth
tokenPos to ensure that the 4th token is the importer account id.
This guarantees that an explicit export (done by user) can only import
for the own account.

This change also ensures that an explicit export is not overwritten
by the system.
This is not a problem when the export is public.
Automatic imports set the account id correctly and do not use wildcards.

To cover cases where the export is private, automatically added imports
are not subject a token check.

Signed-off-by: Matthias Hanel <mh@synadia.com>
2022-08-19 17:16:53 -07:00
.github
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
conf
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
doc
remove ADR files from the server
2021-07-13 10:07:31 +02:00
docker
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
internal
Redact URLs before logging or returning in error (#2643)
2021-10-27 12:44:59 -04:00
logger
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
logos
Only linux for travis
2016-04-21 09:33:42 -07:00
scripts
Exclude chaos tests from build by default
2022-08-05 15:20:09 -07:00
server
Fix bad sys request for different account (#3382)
2022-08-19 17:16:53 -07:00
test
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
util
Add hardened systemd service
2021-07-27 22:36:32 +02:00
.coveralls.yml
Should have been included from the coveralls instructions to know more.
2014-07-25 13:16:58 -07:00
.gitignore
Ignore dist and .vscode
2022-08-03 14:01:55 -07:00
.goreleaser-nightly.yml
Fix nightly to have proper git commit and move to Go 1.17
2022-01-26 14:58:11 -07:00
.goreleaser.yml
[ADDED] Symlink for deb/rpm packages
2022-07-05 10:05:04 -06:00
.travis.yml
Move to Go 1.19, remote io/util, fix data race and a flapper
2022-08-05 09:55:37 -06:00
CODE-OF-CONDUCT.md
Add CNCF Code of Conduct
2018-03-15 11:38:25 -07:00
dependencies.md
Update dependencies.md
2022-08-16 16:48:00 -06:00
go.mod
Update nats.go mod to be able to run tests
2022-08-10 13:26:06 -06:00
go.sum
Update nats.go mod to be able to run tests
2022-08-10 13:26:06 -06:00
GOVERNANCE.md
Update GOVERNANCE.md
2020-11-10 10:40:28 -06:00
LICENSE
Update license to Apache 2
2018-03-15 22:31:07 -07:00
locksordering.txt
Update locksordering.txt with some more ordering and jsa.usageMu
2022-05-02 11:14:31 -06:00
main.go
Allow maxprocs to debug log after start banner
2022-07-02 08:46:19 -07:00
MAINTAINERS.md
Update MAINTAINERS.md
2020-06-22 11:10:49 -05:00
README.md
Release v2.8.4
2022-05-26 10:15:52 -06:00
TODO.md
[ADDED] Server sends INFO with cluster URLs to clients with support
2016-07-26 10:55:55 -06:00

README.md

NATS is a simple, secure and performant communications system for digital systems, services and devices. NATS is part of the Cloud Native Computing Foundation (CNCF). NATS has over 40 client language implementations, and its server can run on-premise, in the cloud, at the edge, and even on a Raspberry Pi. NATS can secure and simplify design and operation of modern distributed systems.

License Build Release Slack Coverage Docker Downloads CII Best Practices

Documentation

Contact

  • Twitter: Follow us on Twitter!
  • Google Groups: Where you can ask questions
  • Slack: Click here to join. You can ask question to our maintainers and to the rich and active community.

Contributing

If you are interested in contributing to NATS, read about our...

Roadmap

The NATS product roadmap can be found here.

Security

Security Audit

A third party security audit was performed by Cure53, you can see the full report here.

Reporting Security Vulnerabilities

If you've found a vulnerability or a potential vulnerability in the NATS server, please let us know at nats-security.

License

Unless otherwise noted, the NATS source files are distributed under the Apache Version 2.0 license found in the LICENSE file.

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme Apache-2.0 33 MiB
Languages
Go 99.6%
Shell 0.4%