nats-server

mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-14 02:07:59 -07:00

Go to file

Ivan Kozlovic eef194c43b [CHANGED] Duplicates in authorization{} and accounts{} now detected

If accounts{} block is specified, authorization{} should not have
any user/password/token or users array defined.

The reason is that users parsed in accounts{} are associated with
their respective account but users parsed in authorization{} are
associated with the global account. If the same user name is
in both, and since internally the parsing of those 2 blocks is
completely random (even if layed out in the config in a specific
order), the outcome may be that a user is either associated with
an account or the default global account.

To minimize breaking changes, but still avoid this unexpected
outcome, the server will now detect if there are duplicate users
(or nkeys) inside authorization{} block itself, but also between
this block and accounts{}.
The check will also detect if accounts{} has any user/nkey, then
the authorization{} block should not have any user/password/token,
making this test similar to the check we had in authorization{}
block itself.

Resolves #2926

Signed-off-by: Ivan Kozlovic <ivan@synadia.com>

2022-03-21 19:50:16 -06:00

.github

Nightly: set Go version to 1.17 and use latest goreleaser

2022-01-26 15:29:41 -07:00

conf

Travis updates

2021-11-15 17:23:08 -07:00

doc

remove ADR files from the server

2021-07-13 10:07:31 +02:00

docker

Fix nightly to have proper git commit and move to Go 1.17

2022-01-26 14:58:11 -07:00

internal

Redact URLs before logging or returning in error (#2643 )

2021-10-27 12:44:59 -04:00

logger

Travis updates

2021-11-15 17:23:08 -07:00

logos

Only linux for travis

2016-04-21 09:33:42 -07:00

scripts

Prepare for release v2.7.0, start with v2.7.0-rc1

2022-01-13 16:15:51 -07:00

server

[CHANGED] Duplicates in authorization{} and accounts{} now detected

2022-03-21 19:50:16 -06:00

test

Ensure file path is correct during stream restore

2022-03-09 13:31:51 -07:00

util

Add hardened systemd service

2021-07-27 22:36:32 +02:00

.coveralls.yml

Should have been included from the coveralls instructions to know more.

2014-07-25 13:16:58 -07:00

.gitignore

Fixed raft bug on catchup logic with external snapshots

2021-02-12 19:58:02 -08:00

.goreleaser-nightly.yml

Fix nightly to have proper git commit and move to Go 1.17

2022-01-26 14:58:11 -07:00

.goreleaser.yml

Fixed goreleaser ldflags

2022-01-13 19:02:41 -07:00

.travis.yml

Fix goreleaser script invocation - bump to rc2

2022-01-13 16:58:19 -07:00

CODE-OF-CONDUCT.md

Add CNCF Code of Conduct

2018-03-15 11:38:25 -07:00

dependencies.md

Create dependencies.md [ci skip]

2021-01-06 10:53:35 -06:00

go.mod

Adding denies $KV.>/$OBJ.> along leaf connections on differing domain (#2916 )

2022-03-09 13:17:59 -05:00

go.sum

Adding denies $KV.>/$OBJ.> along leaf connections on differing domain (#2916 )

2022-03-09 13:17:59 -05:00

GOVERNANCE.md

Update GOVERNANCE.md

2020-11-10 10:40:28 -06:00

LICENSE

Update license to Apache 2

2018-03-15 22:31:07 -07:00

locksordering.txt

[FIXED] Some lock inversions

2022-03-09 09:47:37 -07:00

main.go

Added in ability to have account limits configured in server config.

2021-12-21 18:31:07 -08:00

MAINTAINERS.md

Update MAINTAINERS.md

2020-06-22 11:10:49 -05:00

README.md

Release v2.7.4

2022-03-09 13:58:33 -07:00

TODO.md

[ADDED] Server sends INFO with cluster URLs to clients with support

2016-07-26 10:55:55 -06:00

README.md

NATS is a simple, secure and performant communications system for digital systems, services and devices. NATS is part of the Cloud Native Computing Foundation (CNCF). NATS has over 40 client language implementations, and its server can run on-premise, in the cloud, at the edge, and even on a Raspberry Pi. NATS can secure and simplify design and operation of modern distributed systems.

Documentation

Official documentation
FAQ
Watch a video overview of NATS to learn more about its origin story and design philosophy.

Contact

Twitter: Follow us on Twitter!
Google Groups: Where you can ask questions
Slack: Click here to join. You can ask question to our maintainers and to the rich and active community.

Contributing

If you are interested in contributing to NATS, read about our...

Roadmap

The NATS product roadmap can be found here.

Security

Security Audit

A third party security audit was performed by Cure53, you can see the full report here.

Reporting Security Vulnerabilities

If you've found a vulnerability or a potential vulnerability in the NATS server, please let us know at nats-security.

License

Unless otherwise noted, the NATS source files are distributed under the Apache Version 2.0 license found in the LICENSE file.