debian/0000775000000000000000000000000013314731055007172 5ustar debian/redis-server.install0000664000000000000000000000012112265227024013166 0ustar src/redis-server /usr/bin debian/redis.conf /etc/redis sentinel.conf /etc/redis debian/rules0000775000000000000000000000054212265227024010253 0ustar #!/usr/bin/make -f unexport CFLAGS ifneq (,$(filter $(shell dpkg-architecture -qDEB_HOST_ARCH),armel hurd-i386 kfreebsd-amd64 kfreebsd-i386 s390 sparc)) export FORCE_LIBC_MALLOC = yes endif %: dh $@ override_dh_auto_test: # Testsuite requires working TCP/IP and a non-interactive mode override_dh_auto_install: clean: dh $@ rm -f src/release.h debian/source/0000775000000000000000000000000012265227024010472 5ustar debian/source/format0000664000000000000000000000001412265227024011700 0ustar 3.0 (quilt) debian/redis.conf0000664000000000000000000007274012265227024011161 0ustar # Redis configuration file example # Note on units: when memory size is needed, it is possible to specify # it in the usual form of 1k 5GB 4M and so forth: # # 1k => 1000 bytes # 1kb => 1024 bytes # 1m => 1000000 bytes # 1mb => 1024*1024 bytes # 1g => 1000000000 bytes # 1gb => 1024*1024*1024 bytes # # units are case insensitive so 1GB 1Gb 1gB are all the same. ################################## INCLUDES ################################### # Include one or more other config files here. This is useful if you # have a standard template that goes to all Redis server but also need # to customize a few per-server settings. Include files can include # other files, so use this wisely. # # Notice option "include" won't be rewritten by command "CONFIG REWRITE" # from admin or Redis Sentinel. Since Redis always uses the last processed # line as value of a configuration directive, you'd better put includes # at the beginning of this file to avoid overwriting config change at runtime. # # If instead you are interested in using includes to override configuration # options, it is better to use include as the last line. # # include /path/to/local.conf # include /path/to/other.conf ################################ GENERAL ##################################### # By default Redis does not run as a daemon. Use 'yes' if you need it. # Note that Redis will write a pid file in /var/run/redis.pid when daemonized. daemonize yes # When running daemonized, Redis writes a pid file in /var/run/redis.pid by # default. You can specify a custom pid file location here. pidfile /var/run/redis/redis-server.pid # Accept connections on the specified port, default is 6379. # If port 0 is specified Redis will not listen on a TCP socket. port 6379 # By default Redis listens for connections from all the network interfaces # available on the server. It is possible to listen to just one or multiple # interfaces using the "bind" configuration directive, followed by one or # more IP addresses. # # Examples: # # bind 192.168.1.100 10.0.0.1 bind 127.0.0.1 # Specify the path for the unix socket that will be used to listen for # incoming connections. There is no default, so Redis will not listen # on a unix socket when not specified. # # unixsocket /var/run/redis/redis.sock # unixsocketperm 755 # Close the connection after a client is idle for N seconds (0 to disable) timeout 0 # TCP keepalive. # # If non-zero, use SO_KEEPALIVE to send TCP ACKs to clients in absence # of communication. This is useful for two reasons: # # 1) Detect dead peers. # 2) Take the connection alive from the point of view of network # equipment in the middle. # # On Linux, the specified value (in seconds) is the period used to send ACKs. # Note that to close the connection the double of the time is needed. # On other kernels the period depends on the kernel configuration. # # A reasonable value for this option is 60 seconds. tcp-keepalive 0 # Specify the server verbosity level. # This can be one of: # debug (a lot of information, useful for development/testing) # verbose (many rarely useful info, but not a mess like the debug level) # notice (moderately verbose, what you want in production probably) # warning (only very important / critical messages are logged) loglevel notice # Specify the log file name. Also the empty string can be used to force # Redis to log on the standard output. Note that if you use standard # output for logging but daemonize, logs will be sent to /dev/null logfile /var/log/redis/redis-server.log # To enable logging to the system logger, just set 'syslog-enabled' to yes, # and optionally update the other syslog parameters to suit your needs. # syslog-enabled no # Specify the syslog identity. # syslog-ident redis # Specify the syslog facility. Must be USER or between LOCAL0-LOCAL7. # syslog-facility local0 # Set the number of databases. The default database is DB 0, you can select # a different one on a per-connection basis using SELECT where # dbid is a number between 0 and 'databases'-1 databases 16 ################################ SNAPSHOTTING ################################ # # Save the DB on disk: # # save # # Will save the DB if both the given number of seconds and the given # number of write operations against the DB occurred. # # In the example below the behaviour will be to save: # after 900 sec (15 min) if at least 1 key changed # after 300 sec (5 min) if at least 10 keys changed # after 60 sec if at least 10000 keys changed # # Note: you can disable saving at all commenting all the "save" lines. # # It is also possible to remove all the previously configured save # points by adding a save directive with a single empty string argument # like in the following example: # # save "" save 900 1 save 300 10 save 60 10000 # By default Redis will stop accepting writes if RDB snapshots are enabled # (at least one save point) and the latest background save failed. # This will make the user aware (in a hard way) that data is not persisting # on disk properly, otherwise chances are that no one will notice and some # disaster will happen. # # If the background saving process will start working again Redis will # automatically allow writes again. # # However if you have setup your proper monitoring of the Redis server # and persistence, you may want to disable this feature so that Redis will # continue to work as usual even if there are problems with disk, # permissions, and so forth. stop-writes-on-bgsave-error yes # Compress string objects using LZF when dump .rdb databases? # For default that's set to 'yes' as it's almost always a win. # If you want to save some CPU in the saving child set it to 'no' but # the dataset will likely be bigger if you have compressible values or keys. rdbcompression yes # Since version 5 of RDB a CRC64 checksum is placed at the end of the file. # This makes the format more resistant to corruption but there is a performance # hit to pay (around 10%) when saving and loading RDB files, so you can disable it # for maximum performances. # # RDB files created with checksum disabled have a checksum of zero that will # tell the loading code to skip the check. rdbchecksum yes # The filename where to dump the DB dbfilename dump.rdb # The working directory. # # The DB will be written inside this directory, with the filename specified # above using the 'dbfilename' configuration directive. # # The Append Only File will also be created inside this directory. # # Note that you must specify a directory here, not a file name. dir /var/lib/redis ################################# REPLICATION ################################# # Master-Slave replication. Use slaveof to make a Redis instance a copy of # another Redis server. Note that the configuration is local to the slave # so for example it is possible to configure the slave to save the DB with a # different interval, or to listen to another port, and so on. # # slaveof # If the master is password protected (using the "requirepass" configuration # directive below) it is possible to tell the slave to authenticate before # starting the replication synchronization process, otherwise the master will # refuse the slave request. # # masterauth # When a slave loses its connection with the master, or when the replication # is still in progress, the slave can act in two different ways: # # 1) if slave-serve-stale-data is set to 'yes' (the default) the slave will # still reply to client requests, possibly with out of date data, or the # data set may just be empty if this is the first synchronization. # # 2) if slave-serve-stale-data is set to 'no' the slave will reply with # an error "SYNC with master in progress" to all the kind of commands # but to INFO and SLAVEOF. # slave-serve-stale-data yes # You can configure a slave instance to accept writes or not. Writing against # a slave instance may be useful to store some ephemeral data (because data # written on a slave will be easily deleted after resync with the master) but # may also cause problems if clients are writing to it because of a # misconfiguration. # # Since Redis 2.6 by default slaves are read-only. # # Note: read only slaves are not designed to be exposed to untrusted clients # on the internet. It's just a protection layer against misuse of the instance. # Still a read only slave exports by default all the administrative commands # such as CONFIG, DEBUG, and so forth. To a limited extent you can improve # security of read only slaves using 'rename-command' to shadow all the # administrative / dangerous commands. slave-read-only yes # Slaves send PINGs to server in a predefined interval. It's possible to change # this interval with the repl_ping_slave_period option. The default value is 10 # seconds. # # repl-ping-slave-period 10 # The following option sets the replication timeout for: # # 1) Bulk transfer I/O during SYNC, from the point of view of slave. # 2) Master timeout from the point of view of slaves (data, pings). # 3) Slave timeout from the point of view of masters (REPLCONF ACK pings). # # It is important to make sure that this value is greater than the value # specified for repl-ping-slave-period otherwise a timeout will be detected # every time there is low traffic between the master and the slave. # # repl-timeout 60 # Disable TCP_NODELAY on the slave socket after SYNC? # # If you select "yes" Redis will use a smaller number of TCP packets and # less bandwidth to send data to slaves. But this can add a delay for # the data to appear on the slave side, up to 40 milliseconds with # Linux kernels using a default configuration. # # If you select "no" the delay for data to appear on the slave side will # be reduced but more bandwidth will be used for replication. # # By default we optimize for low latency, but in very high traffic conditions # or when the master and slaves are many hops away, turning this to "yes" may # be a good idea. repl-disable-tcp-nodelay no # Set the replication backlog size. The backlog is a buffer that accumulates # slave data when slaves are disconnected for some time, so that when a slave # wants to reconnect again, often a full resync is not needed, but a partial # resync is enough, just passing the portion of data the slave missed while # disconnected. # # The biggest the replication backlog, the longer the time the slave can be # disconnected and later be able to perform a partial resynchronization. # # The backlog is only allocated once there is at least a slave connected. # # repl-backlog-size 1mb # After a master has no longer connected slaves for some time, the backlog # will be freed. The following option configures the amount of seconds that # need to elapse, starting from the time the last slave disconnected, for # the backlog buffer to be freed. # # A value of 0 means to never release the backlog. # # repl-backlog-ttl 3600 # The slave priority is an integer number published by Redis in the INFO output. # It is used by Redis Sentinel in order to select a slave to promote into a # master if the master is no longer working correctly. # # A slave with a low priority number is considered better for promotion, so # for instance if there are three slaves with priority 10, 100, 25 Sentinel will # pick the one with priority 10, that is the lowest. # # However a special priority of 0 marks the slave as not able to perform the # role of master, so a slave with priority of 0 will never be selected by # Redis Sentinel for promotion. # # By default the priority is 100. slave-priority 100 # It is possible for a master to stop accepting writes if there are less than # N slaves connected, having a lag less or equal than M seconds. # # The N slaves need to be in "online" state. # # The lag in seconds, that must be <= the specified value, is calculated from # the last ping received from the slave, that is usually sent every second. # # This option does not GUARANTEES that N replicas will accept the write, but # will limit the window of exposure for lost writes in case not enough slaves # are available, to the specified number of seconds. # # For example to require at least 3 slaves with a lag <= 10 seconds use: # # min-slaves-to-write 3 # min-slaves-max-lag 10 # # Setting one or the other to 0 disables the feature. # # By default min-slaves-to-write is set to 0 (feature disabled) and # min-slaves-max-lag is set to 10. ################################## SECURITY ################################### # Require clients to issue AUTH before processing any other # commands. This might be useful in environments in which you do not trust # others with access to the host running redis-server. # # This should stay commented out for backward compatibility and because most # people do not need auth (e.g. they run their own servers). # # Warning: since Redis is pretty fast an outside user can try up to # 150k passwords per second against a good box. This means that you should # use a very strong password otherwise it will be very easy to break. # # requirepass foobared # Command renaming. # # It is possible to change the name of dangerous commands in a shared # environment. For instance the CONFIG command may be renamed into something # hard to guess so that it will still be available for internal-use tools # but not available for general clients. # # Example: # # rename-command CONFIG b840fc02d524045429941cc15f59e41cb7be6c52 # # It is also possible to completely kill a command by renaming it into # an empty string: # # rename-command CONFIG "" # # Please note that changing the name of commands that are logged into the # AOF file or transmitted to slaves may cause problems. ################################### LIMITS #################################### # Set the max number of connected clients at the same time. By default # this limit is set to 10000 clients, however if the Redis server is not # able to configure the process file limit to allow for the specified limit # the max number of allowed clients is set to the current file limit # minus 32 (as Redis reserves a few file descriptors for internal uses). # # Once the limit is reached Redis will close all the new connections sending # an error 'max number of clients reached'. # # maxclients 10000 # Don't use more memory than the specified amount of bytes. # When the memory limit is reached Redis will try to remove keys # according to the eviction policy selected (see maxmemory-policy). # # If Redis can't remove keys according to the policy, or if the policy is # set to 'noeviction', Redis will start to reply with errors to commands # that would use more memory, like SET, LPUSH, and so on, and will continue # to reply to read-only commands like GET. # # This option is usually useful when using Redis as an LRU cache, or to set # a hard memory limit for an instance (using the 'noeviction' policy). # # WARNING: If you have slaves attached to an instance with maxmemory on, # the size of the output buffers needed to feed the slaves are subtracted # from the used memory count, so that network problems / resyncs will # not trigger a loop where keys are evicted, and in turn the output # buffer of slaves is full with DELs of keys evicted triggering the deletion # of more keys, and so forth until the database is completely emptied. # # In short... if you have slaves attached it is suggested that you set a lower # limit for maxmemory so that there is some free RAM on the system for slave # output buffers (but this is not needed if the policy is 'noeviction'). # # maxmemory # MAXMEMORY POLICY: how Redis will select what to remove when maxmemory # is reached. You can select among five behaviors: # # volatile-lru -> remove the key with an expire set using an LRU algorithm # allkeys-lru -> remove any key accordingly to the LRU algorithm # volatile-random -> remove a random key with an expire set # allkeys-random -> remove a random key, any key # volatile-ttl -> remove the key with the nearest expire time (minor TTL) # noeviction -> don't expire at all, just return an error on write operations # # Note: with any of the above policies, Redis will return an error on write # operations, when there are not suitable keys for eviction. # # At the date of writing this commands are: set setnx setex append # incr decr rpush lpush rpushx lpushx linsert lset rpoplpush sadd # sinter sinterstore sunion sunionstore sdiff sdiffstore zadd zincrby # zunionstore zinterstore hset hsetnx hmset hincrby incrby decrby # getset mset msetnx exec sort # # The default is: # # maxmemory-policy volatile-lru # LRU and minimal TTL algorithms are not precise algorithms but approximated # algorithms (in order to save memory), so you can select as well the sample # size to check. For instance for default Redis will check three keys and # pick the one that was used less recently, you can change the sample size # using the following configuration directive. # # maxmemory-samples 3 ############################## APPEND ONLY MODE ############################### # By default Redis asynchronously dumps the dataset on disk. This mode is # good enough in many applications, but an issue with the Redis process or # a power outage may result into a few minutes of writes lost (depending on # the configured save points). # # The Append Only File is an alternative persistence mode that provides # much better durability. For instance using the default data fsync policy # (see later in the config file) Redis can lose just one second of writes in a # dramatic event like a server power outage, or a single write if something # wrong with the Redis process itself happens, but the operating system is # still running correctly. # # AOF and RDB persistence can be enabled at the same time without problems. # If the AOF is enabled on startup Redis will load the AOF, that is the file # with the better durability guarantees. # # Please check http://redis.io/topics/persistence for more information. appendonly no # The name of the append only file (default: "appendonly.aof") appendfilename "appendonly.aof" # The fsync() call tells the Operating System to actually write data on disk # instead to wait for more data in the output buffer. Some OS will really flush # data on disk, some other OS will just try to do it ASAP. # # Redis supports three different modes: # # no: don't fsync, just let the OS flush the data when it wants. Faster. # always: fsync after every write to the append only log . Slow, Safest. # everysec: fsync only one time every second. Compromise. # # The default is "everysec", as that's usually the right compromise between # speed and data safety. It's up to you to understand if you can relax this to # "no" that will let the operating system flush the output buffer when # it wants, for better performances (but if you can live with the idea of # some data loss consider the default persistence mode that's snapshotting), # or on the contrary, use "always" that's very slow but a bit safer than # everysec. # # More details please check the following article: # http://antirez.com/post/redis-persistence-demystified.html # # If unsure, use "everysec". # appendfsync always appendfsync everysec # appendfsync no # When the AOF fsync policy is set to always or everysec, and a background # saving process (a background save or AOF log background rewriting) is # performing a lot of I/O against the disk, in some Linux configurations # Redis may block too long on the fsync() call. Note that there is no fix for # this currently, as even performing fsync in a different thread will block # our synchronous write(2) call. # # In order to mitigate this problem it's possible to use the following option # that will prevent fsync() from being called in the main process while a # BGSAVE or BGREWRITEAOF is in progress. # # This means that while another child is saving, the durability of Redis is # the same as "appendfsync none". In practical terms, this means that it is # possible to lose up to 30 seconds of log in the worst scenario (with the # default Linux settings). # # If you have latency problems turn this to "yes". Otherwise leave it as # "no" that is the safest pick from the point of view of durability. no-appendfsync-on-rewrite no # Automatic rewrite of the append only file. # Redis is able to automatically rewrite the log file implicitly calling # BGREWRITEAOF when the AOF log size grows by the specified percentage. # # This is how it works: Redis remembers the size of the AOF file after the # latest rewrite (if no rewrite has happened since the restart, the size of # the AOF at startup is used). # # This base size is compared to the current size. If the current size is # bigger than the specified percentage, the rewrite is triggered. Also # you need to specify a minimal size for the AOF file to be rewritten, this # is useful to avoid rewriting the AOF file even if the percentage increase # is reached but it is still pretty small. # # Specify a percentage of zero in order to disable the automatic AOF # rewrite feature. auto-aof-rewrite-percentage 100 auto-aof-rewrite-min-size 64mb ################################ LUA SCRIPTING ############################### # Max execution time of a Lua script in milliseconds. # # If the maximum execution time is reached Redis will log that a script is # still in execution after the maximum allowed time and will start to # reply to queries with an error. # # When a long running script exceed the maximum execution time only the # SCRIPT KILL and SHUTDOWN NOSAVE commands are available. The first can be # used to stop a script that did not yet called write commands. The second # is the only way to shut down the server in the case a write commands was # already issue by the script but the user don't want to wait for the natural # termination of the script. # # Set it to 0 or a negative value for unlimited execution without warnings. lua-time-limit 5000 ################################## SLOW LOG ################################### # The Redis Slow Log is a system to log queries that exceeded a specified # execution time. The execution time does not include the I/O operations # like talking with the client, sending the reply and so forth, # but just the time needed to actually execute the command (this is the only # stage of command execution where the thread is blocked and can not serve # other requests in the meantime). # # You can configure the slow log with two parameters: one tells Redis # what is the execution time, in microseconds, to exceed in order for the # command to get logged, and the other parameter is the length of the # slow log. When a new command is logged the oldest one is removed from the # queue of logged commands. # The following time is expressed in microseconds, so 1000000 is equivalent # to one second. Note that a negative number disables the slow log, while # a value of zero forces the logging of every command. slowlog-log-slower-than 10000 # There is no limit to this length. Just be aware that it will consume memory. # You can reclaim memory used by the slow log with SLOWLOG RESET. slowlog-max-len 128 ############################# Event notification ############################## # Redis can notify Pub/Sub clients about events happening in the key space. # This feature is documented at http://redis.io/topics/keyspace-events # # For instance if keyspace events notification is enabled, and a client # performs a DEL operation on key "foo" stored in the Database 0, two # messages will be published via Pub/Sub: # # PUBLISH __keyspace@0__:foo del # PUBLISH __keyevent@0__:del foo # # It is possible to select the events that Redis will notify among a set # of classes. Every class is identified by a single character: # # K Keyspace events, published with __keyspace@__ prefix. # E Keyevent events, published with __keyevent@__ prefix. # g Generic commands (non-type specific) like DEL, EXPIRE, RENAME, ... # $ String commands # l List commands # s Set commands # h Hash commands # z Sorted set commands # x Expired events (events generated every time a key expires) # e Evicted events (events generated when a key is evicted for maxmemory) # A Alias for g$lshzxe, so that the "AKE" string means all the events. # # The "notify-keyspace-events" takes as argument a string that is composed # by zero or multiple characters. The empty string means that notifications # are disabled at all. # # Example: to enable list and generic events, from the point of view of the # event name, use: # # notify-keyspace-events Elg # # Example 2: to get the stream of the expired keys subscribing to channel # name __keyevent@0__:expired use: # # notify-keyspace-events Ex # # By default all notifications are disabled because most users don't need # this feature and the feature has some overhead. Note that if you don't # specify at least one of K or E, no events will be delivered. notify-keyspace-events "" ############################### ADVANCED CONFIG ############################### # Hashes are encoded using a memory efficient data structure when they have a # small number of entries, and the biggest entry does not exceed a given # threshold. These thresholds can be configured using the following directives. hash-max-ziplist-entries 512 hash-max-ziplist-value 64 # Similarly to hashes, small lists are also encoded in a special way in order # to save a lot of space. The special representation is only used when # you are under the following limits: list-max-ziplist-entries 512 list-max-ziplist-value 64 # Sets have a special encoding in just one case: when a set is composed # of just strings that happens to be integers in radix 10 in the range # of 64 bit signed integers. # The following configuration setting sets the limit in the size of the # set in order to use this special memory saving encoding. set-max-intset-entries 512 # Similarly to hashes and lists, sorted sets are also specially encoded in # order to save a lot of space. This encoding is only used when the length and # elements of a sorted set are below the following limits: zset-max-ziplist-entries 128 zset-max-ziplist-value 64 # Active rehashing uses 1 millisecond every 100 milliseconds of CPU time in # order to help rehashing the main Redis hash table (the one mapping top-level # keys to values). The hash table implementation Redis uses (see dict.c) # performs a lazy rehashing: the more operation you run into a hash table # that is rehashing, the more rehashing "steps" are performed, so if the # server is idle the rehashing is never complete and some more memory is used # by the hash table. # # The default is to use this millisecond 10 times every second in order to # active rehashing the main dictionaries, freeing memory when possible. # # If unsure: # use "activerehashing no" if you have hard latency requirements and it is # not a good thing in your environment that Redis can reply form time to time # to queries with 2 milliseconds delay. # # use "activerehashing yes" if you don't have such hard requirements but # want to free memory asap when possible. activerehashing yes # The client output buffer limits can be used to force disconnection of clients # that are not reading data from the server fast enough for some reason (a # common reason is that a Pub/Sub client can't consume messages as fast as the # publisher can produce them). # # The limit can be set differently for the three different classes of clients: # # normal -> normal clients # slave -> slave clients and MONITOR clients # pubsub -> clients subscribed to at least one pubsub channel or pattern # # The syntax of every client-output-buffer-limit directive is the following: # # client-output-buffer-limit # # A client is immediately disconnected once the hard limit is reached, or if # the soft limit is reached and remains reached for the specified number of # seconds (continuously). # So for instance if the hard limit is 32 megabytes and the soft limit is # 16 megabytes / 10 seconds, the client will get disconnected immediately # if the size of the output buffers reach 32 megabytes, but will also get # disconnected if the client reaches 16 megabytes and continuously overcomes # the limit for 10 seconds. # # By default normal clients are not limited because they don't receive data # without asking (in a push way), but just after a request, so only # asynchronous clients may create a scenario where data is requested faster # than it can read. # # Instead there is a default limit for pubsub and slave clients, since # subscribers and slaves receive data in a push fashion. # # Both the hard or the soft limit can be disabled by setting them to zero. client-output-buffer-limit normal 0 0 0 client-output-buffer-limit slave 256mb 64mb 60 client-output-buffer-limit pubsub 32mb 8mb 60 # Redis calls an internal function to perform many background tasks, like # closing connections of clients in timeout, purging expired keys that are # never requested, and so forth. # # Not all tasks are performed with the same frequency, but Redis checks for # tasks to perform accordingly to the specified "hz" value. # # By default "hz" is set to 10. Raising the value will use more CPU when # Redis is idle, but at the same time will make Redis more responsive when # there are many keys expiring at the same time, and timeouts may be # handled with more precision. # # The range is between 1 and 500, however a value over 100 is usually not # a good idea. Most users should use the default of 10 and raise this up to # 100 only in environments where very low latency is required. hz 10 # When a child rewrites the AOF file, if the following option is enabled # the file will be fsync-ed every 32 MB of data generated. This is useful # in order to commit the file to the disk more incrementally and avoid # big latency spikes. aof-rewrite-incremental-fsync yes debian/redis-tools.manpages0000664000000000000000000000005412265227024013152 0ustar debian/redis-cli.1 debian/redis-benchmark.1 debian/watch0000664000000000000000000000012712265227024010223 0ustar version=3 http://redis.io/download http://download.redis.io/releases/redis-(.*).tar.gz debian/control0000664000000000000000000000257513314505437010611 0ustar Source: redis Section: database Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Chris Lamb Build-Depends: debhelper (>= 7.0.50), libjemalloc-dev [linux-any] Standards-Version: 3.9.4 Homepage: http://redis.io/ Vcs-Git: git://github.com/lamby/pkg-redis.git Vcs-Browser: https://github.com/lamby/pkg-redis Package: redis-server Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends}, redis-tools (= ${binary:Version}), adduser Description: Persistent key-value database with network interface Redis is a key-value database in a similar vein to memcache but the dataset is non-volatile. Redis additionally provides native support for atomically manipulating and querying data structures such as lists and sets. . The dataset is stored entirely in memory and periodically flushed to disk. Package: redis-tools Architecture: any Depends: ${misc:Depends}, ${shlibs:Depends} Replaces: redis-server (<< 2:2.6.16-1) Breaks: redis-server (<< 2:2.6.16-1) Description: Persistent key-value database with network interface (client) Redis is a key-value database in a similar vein to memcache but the dataset is non-volatile. Redis additionally provides native support for atomically manipulating and querying data structures such as lists and sets. . This package contains the command line client and other tools. debian/bash_completion.d/0000775000000000000000000000000012265227024012562 5ustar debian/bash_completion.d/redis-cli0000664000000000000000000000175312265227024014366 0ustar # -*- sh -*- # # Bash completion function for the 'redis-cli' command. # # Steve # -- # http://www.steve.org.uk # _redis-cli() { COMPREPLY=() cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]} # # All known commands accepted. Sorted. # opts='bgrewriteaof bgsave dbsize debug decr decrby del echo exists expire expireat flushall flushdb get getset incr incrby info keys lastsave lindex llen lpop lpush lrange lrem lset ltrim mget move mset msetnx ping randomkey rename renamenx rewriteaof rpop rpoplpush rpush sadd save scard sdiff sdiffstore select set setnx shutdown sinter sinterstore sismember slaveof smembers smove sort spop srandmember srem sunion sunionstore ttl type zadd zcard zincrby zrange zrangebyscore zrem zremrangebyscore zrevrange zscore' # # Only complete on the first term. # if [ $COMP_CWORD -eq 1 ]; then COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) return 0 fi } complete -F _redis-cli redis-cli debian/redis-server.preinst0000664000000000000000000000116512265227024013215 0ustar #!/bin/sh set -eu USER="redis" GROUP="$USER" HOME="/var/lib/redis" # If we use NIS then errors should be tolerated. if which ypwhich >/dev/null 2>&1 && ypwhich >/dev/null 2>&1 then set +e fi if ! getent group $GROUP >/dev/null then addgroup --system $GROUP >/dev/null fi # creating user if it isn't already there if ! getent passwd $USER >/dev/null then adduser \ --system \ --disabled-login \ --ingroup $GROUP \ --home $HOME \ --gecos "$USER server" \ --shell /bin/false \ $USER >/dev/null fi # end of NIS tolerance zone set -e #DEBHELPER# debian/redis-benchmark.10000664000000000000000000000264012265227024012314 0ustar .TH REDIS-BENCHMARK 1 "June 28, 2010" .SH NAME redis-benchmark \- Benechmark a Redis instance .SH SYNOPSIS .B redis-benchmark [\-h ] [\-p ] [\-c ] [\-n [\-k ] .SH DESCRIPTION Redis is a key-value database. It is similar to memcached but the dataset is not volatile and other datatypes (such as lists and sets) are natively supported. .SH OPTIONS .TP \-h hostname Server hostname (default 127.0.0.1) .TP \-p hostname Server port (default 6379) .TP \-c clients Number of parallel connections (default 50) .TP \-n requests Total number of requests (default 10000) .TP \-d size Data size of SET/GET value in bytes (default 2) .TP \-k boolean 1=keep alive 0=reconnect (default 1) .TP \-r keyspacelen Use random keys for SET/GET/INCR, random values for SADD Using this option the benchmark will get/set keys in the form mykey_rand000000012456 instead of constant keys, the argument determines the max number of values for the random number. For instance if set to 10 only rand000000000000 - rand000000000009 range will be allowed. .TP \-q Quiet. Just show query/sec values .TP \-l Loop. Run the tests forever .TP \-I Idle mode. Just open N idle connections and wait. .TP \-D Debug mode. more verbose. .SH AUTHOR \fBredis-benchmark\fP was written by Salvatore Sanfilippo. .PP This manual page was written by Chris Lamb for the Debian project (but may be used by others). debian/copyright0000664000000000000000000000734612265227024011137 0ustar Author: Salvatore Sanfilippo Download: http://redis.io/ Files: * Copyright: © 2006-2012 Salvatore Sanfilippo License: BSD Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: . * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of Redis nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. . THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Files: src/rio.[ch] src/t_zset.c src/ziplist.h src/intset.[ch] src/redis-check-aof.c src/redis-check-dump.c deps/hiredis/ deps/linenoise/ Copyright: © 2009-2012 Pieter Noordhuis © 2009-2012 Salvatore Sanfilippo License: BSD Files: src/lzf.h src/lzf_d.c src/lzf_c.c Copyright: © 2000-2007 Marc Alexander Lehmann © 2009-2012 Salvatore Sanfilippo License: BSD Files: src/ae_evport.c Copyright: © 2012 Joyent, Inc. License: BSD Files: utils/install_server.sh Copyright: © 2011 Dvir Volk License: BSD Files: deps/jemalloc/ Copyright: © 2002-2012 Jason Evans © 2007-2012 Mozilla Foundation © 2009-2012 Facebook, Inc. License: BSD Files: src/ae_kqueue.c Copyright: © 2009 Harish Mallipeddi License: BSD Files: src/pqsort.[ch] Copyright: © 1992-1993 The Regents of the University of California License: BSD Files: deps/lua/ Copyright: © 1994-2012 Lua.org, PUC-Ri License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Files: debian/* Copyright: © 2009 Chris Lamb License: BSD debian/redis-server.init0000775000000000000000000000314212265227024012474 0ustar #! /bin/sh ### BEGIN INIT INFO # Provides: redis-server # Required-Start: $syslog $remote_fs # Required-Stop: $syslog $remote_fs # Should-Start: $local_fs # Should-Stop: $local_fs # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: redis-server - Persistent key-value db # Description: redis-server - Persistent key-value db ### END INIT INFO PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin DAEMON=/usr/bin/redis-server DAEMON_ARGS=/etc/redis/redis.conf NAME=redis-server DESC=redis-server RUNDIR=/var/run/redis PIDFILE=$RUNDIR/redis-server.pid test -x $DAEMON || exit 0 if [ -r /etc/default/$NAME ] then . /etc/default/$NAME fi . /lib/lsb/init-functions set -e case "$1" in start) echo -n "Starting $DESC: " mkdir -p $RUNDIR touch $PIDFILE chown redis:redis $RUNDIR $PIDFILE chmod 755 $RUNDIR if [ -n "$ULIMIT" ] then ulimit -n $ULIMIT fi if start-stop-daemon --start --quiet --umask 007 --pidfile $PIDFILE --chuid redis:redis --exec $DAEMON -- $DAEMON_ARGS then echo "$NAME." else echo "failed" fi ;; stop) echo -n "Stopping $DESC: " if start-stop-daemon --stop --retry forever/TERM/1 --quiet --oknodo --pidfile $PIDFILE --exec $DAEMON then echo "$NAME." else echo "failed" fi rm -f $PIDFILE sleep 1 ;; restart|force-reload) ${0} stop ${0} start ;; status) echo -n "$DESC is " if start-stop-daemon --stop --quiet --signal 0 --name ${NAME} --pidfile ${PIDFILE} then echo "running" else echo "not running" exit 1 fi ;; *) echo "Usage: /etc/init.d/$NAME {start|stop|restart|force-reload|status}" >&2 exit 1 ;; esac exit 0 debian/redis-server.logrotate0000664000000000000000000000017612265227024013532 0ustar /var/log/redis/*.log { weekly missingok copytruncate rotate 12 compress notifempty } debian/redis-server.default0000775000000000000000000000044012265227024013153 0ustar # redis-server configure options # ULIMIT: Call ulimit -n with this argument prior to invoking Redis itself. # This may be required for high-concurrency environments. Redis itself cannot # alter its limits as it is not being run as root. (default: do not call # ulimit) # # ULIMIT=65536 debian/compat0000664000000000000000000000000212265227024010370 0ustar 7 debian/redis-server.10000664000000000000000000000143412265227024011670 0ustar .TH REDIS-SERVER 1 "March 20, 2009" .SH NAME redis-server \- Persistent key-value database .SH SYNOPSIS .B redis-server .RI configfile .SH DESCRIPTION Redis is a key-value database. It is similar to memcached but the dataset is not volatile and other datatypes (such as lists and sets) are natively supported. .PP .SH OPTIONS .IP "configfile" Read options from specified configuration file. .SH NOTES On Debian GNU/Linux systems, \fBredis-server\fP is typically started via the \fB/etc/init.d/redis-server\fP initscript, not manually. This defaults to using \fB/etc/redis/redis.conf\fP as a configuration file. .SH AUTHOR \fBredis-server\fP was written by Salvatore Sanfilippo. .PP This manual page was written by Chris Lamb for the Debian project (but may be used by others). debian/redis-server.postinst0000664000000000000000000000020112265227024013402 0ustar #!/bin/sh set -eu USER="redis" GROUP="$USER" chown $USER:$GROUP /var/lib/redis chown $USER:$GROUP /var/log/redis #DEBHELPER# debian/redis-tools.install0000664000000000000000000000021712265227024013026 0ustar src/redis-benchmark /usr/bin src/redis-cli /usr/bin src/redis-check-aof /usr/bin src/redis-check-dump /usr/bin debian/bash_completion.d /etc debian/redis-server.manpages0000664000000000000000000000002612265227024013317 0ustar debian/redis-server.1 debian/redis-server.dirs0000664000000000000000000000003612265227024012466 0ustar /var/lib/redis /var/log/redis debian/redis-cli.10000664000000000000000000000121612265227024011127 0ustar .TH REDIS-CLI 1 "January 13, 2010" .SH NAME redis-cli \- Command-line client to redis-server .SH SYNOPSIS .B redis-cli .RI [options] .SH DESCRIPTION Redis is a key-value database. It is similar to memcached but the dataset is not volatile and other datatypes (such as lists and sets) are natively supported. .PP \fBredis-cli\fP provides a simple command-line interface to a Redis server. .SH OPTIONS See \fBredis-doc\fP for more information on the commands Redis accepts. .SH AUTHOR \fBredis-cli\fP was written by Salvatore Sanfilippo. .PP This manual page was written by Chris Lamb for the Debian project (but may be used by others). debian/patches/0000775000000000000000000000000013314733437010627 5ustar debian/patches/CVE-2013-7458.patch0000664000000000000000000000220713314505277013255 0ustar From a9817a3bfb9766738b56fd70dd353ec776518b87 Mon Sep 17 00:00:00 2001 From: leosilva Date: Mon, 25 Jun 2018 15:28:59 -0300 Subject: [PATCH] cve-2013-7458 Re-applied from debian wheezy --- deps/linenoise/linenoise.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/deps/linenoise/linenoise.c b/deps/linenoise/linenoise.c index 4632f7d..02117ee 100644 --- a/deps/linenoise/linenoise.c +++ b/deps/linenoise/linenoise.c @@ -93,6 +93,7 @@ #include #include #include +#include #include #include #include "linenoise.h" @@ -592,10 +593,14 @@ int linenoiseHistorySetMaxLen(int len) { /* Save the history in the specified file. On success 0 is returned * otherwise -1 is returned. */ int linenoiseHistorySave(char *filename) { + mode_t old_umask; + old_umask = umask(S_IXUSR|S_IRWXG|S_IRWXO); FILE *fp = fopen(filename,"w"); + umask(old_umask); int j; if (fp == NULL) return -1; + chmod(filename,S_IRUSR|S_IWUSR); for (j = 0; j < history_len; j++) fprintf(fp,"%s\n",history[j]); fclose(fp); -- 2.7.4 debian/patches/series0000664000000000000000000000034613314733437012047 0ustar 02-fix-ftbfs-on-kfreebsd -p1 03-use-system-jemalloc.diff -p1 CVE-2013-7458.patch CVE-2015-4335.patch CVE-2015-8080.patch CVE-2016-10517.patch CVE-2018-11218.patch CVE-2018-11219-1.patch CVE-2018-11219-2.patch CVE-2018-12326.patch debian/patches/03-use-system-jemalloc.diff0000664000000000000000000000310612265227024015575 0ustar Description: Use system jemalloc Upstream seem to be "difficult" on this matter. See: https://github.com/antirez/redis/pull/137 Author: Chris Lamb --- redis-2.4.2.orig/src/Makefile +++ redis-2.4.2/src/Makefile @@ -79,9 +79,8 @@ ifeq ($(MALLOC),tcmalloc_minimal) endif ifeq ($(MALLOC),jemalloc) - DEPENDENCY_TARGETS+= jemalloc - FINAL_CFLAGS+= -DUSE_JEMALLOC -I../deps/jemalloc/include - FINAL_LIBS+= ../deps/jemalloc/lib/libjemalloc.a -ldl + FINAL_CFLAGS+= -DUSE_JEMALLOC -I/usr/include/jemalloc/include + FINAL_LIBS+= -ljemalloc endif REDIS_CC=$(QUIET_CC)$(CC) $(FINAL_CFLAGS) --- redis-2.4.2.orig/src/zmalloc.c +++ redis-2.4.2/src/zmalloc.c @@ -61,10 +61,10 @@ #define realloc(ptr,size) tc_realloc(ptr,size) #define free(ptr) tc_free(ptr) #elif defined(USE_JEMALLOC) -#define malloc(size) je_malloc(size) -#define calloc(count,size) je_calloc(count,size) -#define realloc(ptr,size) je_realloc(ptr,size) -#define free(ptr) je_free(ptr) +#define malloc(size) malloc(size) +#define calloc(count,size) calloc(count,size) +#define realloc(ptr,size) realloc(ptr,size) +#define free(ptr) free(ptr) #endif #ifdef HAVE_ATOMIC --- a/src/zmalloc.h.orig 2012-10-23 14:56:21.272493961 +0100 +++ b/src/zmalloc.h 2012-10-23 14:56:29.008474117 +0100 @@ -50,7 +50,7 @@ #include #if (JEMALLOC_VERSION_MAJOR == 2 && JEMALLOC_VERSION_MINOR >= 1) || (JEMALLOC_VERSION_MAJOR > 2) #define HAVE_MALLOC_SIZE 1 -#define zmalloc_size(p) je_malloc_usable_size(p) +#define zmalloc_size(p) malloc_usable_size(p) #else #error "Newer version of jemalloc required" #endif debian/patches/CVE-2018-11219-1.patch0000664000000000000000000001415113314505371013462 0ustar From 1eb08bcd4634ae42ec45e8284923ac048beaa4c3 Mon Sep 17 00:00:00 2001 From: antirez Date: Mon, 14 May 2018 17:49:06 +0200 Subject: [PATCH] Security: update Lua struct package for security. During an auditing Apple found that the "struct" Lua package we ship with Redis (http://www.inf.puc-rio.br/~roberto/struct/) contains a security problem. A bound-checking statement fails because of integer overflow. The bug exists since we initially integrated this package with Lua, when scripting was introduced, so every version of Redis with EVAL/EVALSHA capabilities exposed is affected. Instead of just fixing the bug, the library was updated to the latest version shipped by the author. diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c index a602bb4..b03a002 100644 --- a/deps/lua/src/lua_struct.c +++ b/deps/lua/src/lua_struct.c @@ -1,7 +1,7 @@ /* ** {====================================================== ** Library for packing/unpacking structures. -** $Id: struct.c,v 1.4 2012/07/04 18:54:29 roberto Exp $ +** $Id: struct.c,v 1.7 2018/05/11 22:04:31 roberto Exp $ ** See Copyright Notice at the end of this file ** ======================================================= */ @@ -15,8 +15,8 @@ ** h/H - signed/unsigned short ** l/L - signed/unsigned long ** T - size_t -** i/In - signed/unsigned integer with size `n' (default is size of int) -** cn - sequence of `n' chars (from/to a string); when packing, n==0 means +** i/In - signed/unsigned integer with size 'n' (default is size of int) +** cn - sequence of 'n' chars (from/to a string); when packing, n==0 means the whole string; when unpacking, n==0 means use the previous read number as the string length ** s - zero-terminated string @@ -89,14 +89,12 @@ typedef struct Header { } Header; -static int getnum (lua_State *L, const char **fmt, int df) { +static int getnum (const char **fmt, int df) { if (!isdigit(**fmt)) /* no number? */ return df; /* return default value */ else { int a = 0; do { - if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0'))) - luaL_error(L, "integral size overflow"); a = a*10 + *((*fmt)++) - '0'; } while (isdigit(**fmt)); return a; @@ -117,9 +115,9 @@ static size_t optsize (lua_State *L, char opt, const char **fmt) { case 'f': return sizeof(float); case 'd': return sizeof(double); case 'x': return 1; - case 'c': return getnum(L, fmt, 1); + case 'c': return getnum(fmt, 1); case 'i': case 'I': { - int sz = getnum(L, fmt, sizeof(int)); + int sz = getnum(fmt, sizeof(int)); if (sz > MAXINTSIZE) luaL_error(L, "integral size %d is larger than limit of %d", sz, MAXINTSIZE); @@ -152,7 +150,7 @@ static void controloptions (lua_State *L, int opt, const char **fmt, case '>': h->endian = BIG; return; case '<': h->endian = LITTLE; return; case '!': { - int a = getnum(L, fmt, MAXALIGN); + int a = getnum(fmt, MAXALIGN); if (!isp2(a)) luaL_error(L, "alignment %d is not a power of 2", a); h->align = a; @@ -296,20 +294,21 @@ static int b_unpack (lua_State *L) { size_t ld; const char *data = luaL_checklstring(L, 2, &ld); size_t pos = luaL_optinteger(L, 3, 1) - 1; + int n = 0; /* number of results */ defaultoptions(&h); - lua_settop(L, 2); while (*fmt) { int opt = *fmt++; size_t size = optsize(L, opt, &fmt); pos += gettoalign(pos, &h, opt, size); luaL_argcheck(L, pos+size <= ld, 2, "data string too short"); - luaL_checkstack(L, 1, "too many results"); + /* stack space for item + next position */ + luaL_checkstack(L, 2, "too many results"); switch (opt) { case 'b': case 'B': case 'h': case 'H': case 'l': case 'L': case 'T': case 'i': case 'I': { /* integer types */ int issigned = islower(opt); lua_Number res = getinteger(data+pos, h.endian, issigned, size); - lua_pushnumber(L, res); + lua_pushnumber(L, res); n++; break; } case 'x': { @@ -319,25 +318,26 @@ static int b_unpack (lua_State *L) { float f; memcpy(&f, data+pos, size); correctbytes((char *)&f, sizeof(f), h.endian); - lua_pushnumber(L, f); + lua_pushnumber(L, f); n++; break; } case 'd': { double d; memcpy(&d, data+pos, size); correctbytes((char *)&d, sizeof(d), h.endian); - lua_pushnumber(L, d); + lua_pushnumber(L, d); n++; break; } case 'c': { if (size == 0) { - if (!lua_isnumber(L, -1)) - luaL_error(L, "format `c0' needs a previous size"); + if (n == 0 || !lua_isnumber(L, -1)) + luaL_error(L, "format 'c0' needs a previous size"); size = lua_tonumber(L, -1); - lua_pop(L, 1); - luaL_argcheck(L, pos+size <= ld, 2, "data string too short"); + lua_pop(L, 1); n--; + luaL_argcheck(L, size <= ld && pos <= ld - size, + 2, "data string too short"); } - lua_pushlstring(L, data+pos, size); + lua_pushlstring(L, data+pos, size); n++; break; } case 's': { @@ -345,15 +345,15 @@ static int b_unpack (lua_State *L) { if (e == NULL) luaL_error(L, "unfinished string in data"); size = (e - (data+pos)) + 1; - lua_pushlstring(L, data+pos, size - 1); + lua_pushlstring(L, data+pos, size - 1); n++; break; } default: controloptions(L, opt, &fmt, &h); } pos += size; } - lua_pushinteger(L, pos + 1); - return lua_gettop(L) - 2; + lua_pushinteger(L, pos + 1); /* next position */ + return n + 1; } @@ -399,7 +399,7 @@ LUALIB_API int luaopen_struct (lua_State *L) { /****************************************************************************** -* Copyright (C) 2010-2012 Lua.org, PUC-Rio. All rights reserved. +* Copyright (C) 2010-2018 Lua.org, PUC-Rio. All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining * a copy of this software and associated documentation files (the debian/patches/CVE-2018-11219-2.patch0000664000000000000000000000300713314505375013465 0ustar From e89086e09a38cc6713bcd4b9c29abf92cf393936 Mon Sep 17 00:00:00 2001 From: antirez Date: Tue, 15 May 2018 13:13:49 +0200 Subject: [PATCH] Security: fix Lua struct package offset handling. After the first fix to the struct package I found another similar problem, which is fixed by this patch. It could be reproduced easily by running the following script: return struct.unpack('f', "xxxxxxxxxxxxx",-3) The above will access bytes before the 'data' pointer. diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c index b03a002..4d5f027 100644 --- a/deps/lua/src/lua_struct.c +++ b/deps/lua/src/lua_struct.c @@ -293,14 +293,18 @@ static int b_unpack (lua_State *L) { const char *fmt = luaL_checkstring(L, 1); size_t ld; const char *data = luaL_checklstring(L, 2, &ld); - size_t pos = luaL_optinteger(L, 3, 1) - 1; + size_t pos = luaL_optinteger(L, 3, 1); + luaL_argcheck(L, pos > 0, 3, "offset must be 1 or greater"); + pos--; /* Lua indexes are 1-based, but here we want 0-based for C + * pointer math. */ int n = 0; /* number of results */ defaultoptions(&h); while (*fmt) { int opt = *fmt++; size_t size = optsize(L, opt, &fmt); pos += gettoalign(pos, &h, opt, size); - luaL_argcheck(L, pos+size <= ld, 2, "data string too short"); + luaL_argcheck(L, size <= ld && pos <= ld - size, + 2, "data string too short"); /* stack space for item + next position */ luaL_checkstack(L, 2, "too many results"); switch (opt) { debian/patches/CVE-2015-4335.patch0000664000000000000000000000151713314505324013242 0ustar From fdf9d455098f54f7666c702ae464e6ea21e25411 Mon Sep 17 00:00:00 2001 From: Ben Murphy Date: Mon, 11 May 2015 23:24:24 +0100 Subject: [PATCH] disable loading lua bytecode --- deps/lua/src/ldo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deps/lua/src/ldo.c b/deps/lua/src/ldo.c index d1bf786..514f7a2 100644 --- a/deps/lua/src/ldo.c +++ b/deps/lua/src/ldo.c @@ -495,7 +495,7 @@ static void f_parser (lua_State *L, void *ud) { struct SParser *p = cast(struct SParser *, ud); int c = luaZ_lookahead(p->z); luaC_checkGC(L); - tf = ((c == LUA_SIGNATURE[0]) ? luaU_undump : luaY_parser)(L, p->z, + tf = (luaY_parser)(L, p->z, &p->buff, p->name); cl = luaF_newLclosure(L, tf->nups, hvalue(gt(L))); cl->l.p = tf; -- 2.7.4 debian/patches/CVE-2018-11218.patch0000664000000000000000000000341513314505362013324 0ustar Backported of: From 5ccb6f7a791bf3490357b00a898885759d98bab0 Mon Sep 17 00:00:00 2001 From: antirez Date: Tue, 15 May 2018 12:29:56 +0200 Subject: [PATCH] Security: more cmsgpack fixes by @soloestoy. @soloestoy sent me this additional fixes, after searching for similar problems to the one reported in mp_pack(). I'm committing the changes because it was not possible during to make a public PR to protect Redis users and give Redis providers some time to patch their systems. diff --git a/deps/lua/src/lua_cmsgpack.c b/deps/lua/src/lua_cmsgpack.c index 53dc1cf..65b432b 100644 --- a/deps/lua/src/lua_cmsgpack.c +++ b/deps/lua/src/lua_cmsgpack.c @@ -331,6 +331,7 @@ static void mp_encode_lua_table_as_array(lua_State *L, mp_buf *buf, int level) { size_t len = lua_objlen(L,-1), j; mp_encode_array(buf,len); + luaL_checkstack(L, 1, "in function mp_encode_lua_table_as_array"); for (j = 1; j <= len; j++) { lua_pushnumber(L,j); lua_gettable(L,-2); @@ -346,6 +347,7 @@ static void mp_encode_lua_table_as_map(lua_State *L, mp_buf *buf, int level) { * Lua API, we need to iterate a first time. Note that an alternative * would be to do a single run, and then hack the buffer to insert the * map opcodes for message pack. Too hachish for this lib. */ + luaL_checkstack(L, 3, "in function mp_encode_lua_table_as_map"); lua_pushnil(L); while(lua_next(L,-2)) { lua_pop(L,1); /* remove value, keep key for next iteration. */ @@ -443,6 +445,7 @@ void mp_decode_to_lua_array(lua_State *L, mp_cur *c, size_t len) { int index = 1; lua_newtable(L); + luaL_checkstack(L, 1, "in function mp_decode_to_lua_array"); while(len--) { lua_pushnumber(L,index++); mp_decode_to_lua_type(L,c); debian/patches/CVE-2016-10517.patch0000664000000000000000000000631113314505343013320 0ustar Backported of: From 874804da0c014a7d704b3d285aa500098a931f50 Mon Sep 17 00:00:00 2001 From: antirez Date: Wed, 3 Aug 2016 11:12:13 +0200 Subject: [PATCH] Security: Cross Protocol Scripting protection. This is an attempt at mitigating problems due to cross protocol scripting, an attack targeting services using line oriented protocols like Redis that can accept HTTP requests as valid protocol, by discarding the invalid parts and accepting the payloads sent, for example, via a POST request. For this to be effective, when we detect POST and Host: and terminate the connection asynchronously, the networking code was modified in order to never process further input. It was later verified that in a pipelined request containing a POST command, the successive commands are not executed. --- src/redis.c | 23 +++++++++++++++++++++++ src/redis.h | 1 + 2 files changed, 24 insertions(+) diff --git a/src/redis.c b/src/redis.c index 0ad08e8..7eff348 100644 --- a/src/redis.c +++ b/src/redis.c @@ -254,6 +254,8 @@ struct redisCommand redisCommandTable[] = { {"eval",evalCommand,-3,"s",0,zunionInterGetKeys,0,0,0,0,0}, {"evalsha",evalShaCommand,-3,"s",0,zunionInterGetKeys,0,0,0,0,0}, {"slowlog",slowlogCommand,-2,"r",0,NULL,0,0,0,0,0}, + {"post",securityWarningCommand,-1,"lt",0,NULL,0,0,0,0,0}, + {"host:",securityWarningCommand,-1,"lt",0,NULL,0,0,0,0,0}, {"script",scriptCommand,-2,"ras",0,NULL,0,0,0,0,0}, {"time",timeCommand,1,"rR",0,NULL,0,0,0,0,0}, {"bitop",bitopCommand,-4,"wm",0,NULL,2,-1,1,0,0}, @@ -2142,6 +2144,27 @@ void echoCommand(redisClient *c) { addReplyBulk(c,c->argv[1]); } +/* This callback is bound to POST and "Host:" command names. Those are not + * really commands, but are used in security attacks in order to talk to + * Redis instances via HTTP, with a technique called "cross protocol scripting" + * which exploits the fact that services like Redis will discard invalid + * HTTP headers and will process what follows. + * + * As a protection against this attack, Redis will terminate the connection + * when a POST or "Host:" header is seen, and will log the event from + * time to time (to avoid creating a DOS as a result of too many logs). */ +void securityWarningCommand(redisClient *c) { + static time_t logged_time; + time_t now = time(NULL); + + if (labs(now-logged_time) > 60) { + redisLog(REDIS_WARNING,"Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection aborted."); + logged_time = now; + } + c->flags |= REDIS_CLOSE_AFTER_REPLY; + addReply(c,createStringObject("",0)); +} + void timeCommand(redisClient *c) { struct timeval tv; diff --git a/src/redis.h b/src/redis.h index 39ee45a..9938e6b 100644 --- a/src/redis.h +++ b/src/redis.h @@ -1203,6 +1203,7 @@ uint64_t redisBuildId(void); void authCommand(redisClient *c); void pingCommand(redisClient *c); void echoCommand(redisClient *c); +void securityWarningCommand(redisClient *c); void setCommand(redisClient *c); void setnxCommand(redisClient *c); void setexCommand(redisClient *c); -- 2.7.4 debian/patches/CVE-2015-8080.patch0000664000000000000000000000353713314505333013247 0ustar From 6356668828674ab17c5f00b7a2a8963d9ca5eb39 Mon Sep 17 00:00:00 2001 From: Sun He Date: Sun, 13 Dec 2015 13:47:22 +0800 Subject: [PATCH] lua_struct.c/getnum: throw error if overflow happen Fix issue #2855 --- deps/lua/src/lua_struct.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c index ec78bcb..a602bb4 100644 --- a/deps/lua/src/lua_struct.c +++ b/deps/lua/src/lua_struct.c @@ -89,12 +89,14 @@ typedef struct Header { } Header; -static int getnum (const char **fmt, int df) { +static int getnum (lua_State *L, const char **fmt, int df) { if (!isdigit(**fmt)) /* no number? */ return df; /* return default value */ else { int a = 0; do { + if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0'))) + luaL_error(L, "integral size overflow"); a = a*10 + *((*fmt)++) - '0'; } while (isdigit(**fmt)); return a; @@ -115,9 +117,9 @@ static size_t optsize (lua_State *L, char opt, const char **fmt) { case 'f': return sizeof(float); case 'd': return sizeof(double); case 'x': return 1; - case 'c': return getnum(fmt, 1); + case 'c': return getnum(L, fmt, 1); case 'i': case 'I': { - int sz = getnum(fmt, sizeof(int)); + int sz = getnum(L, fmt, sizeof(int)); if (sz > MAXINTSIZE) luaL_error(L, "integral size %d is larger than limit of %d", sz, MAXINTSIZE); @@ -150,7 +152,7 @@ static void controloptions (lua_State *L, int opt, const char **fmt, case '>': h->endian = BIG; return; case '<': h->endian = LITTLE; return; case '!': { - int a = getnum(fmt, MAXALIGN); + int a = getnum(L, fmt, MAXALIGN); if (!isp2(a)) luaL_error(L, "alignment %d is not a power of 2", a); h->align = a; -- 2.7.4 debian/patches/02-fix-ftbfs-on-kfreebsd0000664000000000000000000000107612265227024015054 0ustar # Description: Fix FTBFS on kfreebsd # Bug: https://github.com/antirez/redis/pull/67 # Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632499 # Author: Christoph Egger diff --git a/src/fmacros.h b/src/fmacros.h index c16f5e2..d8e2703 100644 --- a/src/fmacros.h +++ b/src/fmacros.h @@ -36,7 +36,7 @@ #define _GNU_SOURCE #endif -#if defined(__linux__) || defined(__OpenBSD__) +#if defined(__linux__) || defined(__OpenBSD__) || defined(__GLIBC__) #define _XOPEN_SOURCE 700 /* * On NetBSD, _XOPEN_SOURCE undefines _NETBSD_SOURCE and debian/patches/CVE-2018-12326.patch0000664000000000000000000001672613314733417013342 0ustar diff --git a/src/redis-cli.c b/src/redis-cli.c index 265cea0..b0605d4 100644 --- a/src/redis-cli.c +++ b/src/redis-cli.c @@ -110,20 +110,23 @@ static long long mstime(void) { } static void cliRefreshPrompt(void) { - int len; - - if (config.hostsocket != NULL) - len = snprintf(config.prompt,sizeof(config.prompt),"redis %s", - config.hostsocket); - else - len = snprintf(config.prompt,sizeof(config.prompt), - strchr(config.hostip,':') ? "[%s]:%d" : "%s:%d", - config.hostip, config.hostport); + sds prompt = sdsempty(); + if (config.hostsocket != NULL) { + sdscatfmt(prompt,"redis %s",config.hostsocket); + } else { + char addr[256]; + snprintf(addr, sizeof(addr), strchr(config.hostip,':') ? + "[%s]:%d" : "%s:%d", config.hostip, config.hostport); + prompt = sdscatlen(prompt,addr,strlen(addr)); + } /* Add [dbnum] if needed */ if (config.dbnum != 0) - len += snprintf(config.prompt+len,sizeof(config.prompt)-len,"[%d]", - config.dbnum); - snprintf(config.prompt+len,sizeof(config.prompt)-len,"> "); + prompt = sdscatfmt(prompt,"[%i]",config.dbnum); + + /* Copy the prompt in the static buffer. */ + prompt = sdscatlen(prompt,"> ",2); + snprintf(config.prompt,sizeof(config.prompt),"%s",prompt); + sdsfree(prompt); } /*------------------------------------------------------------------------------ diff --git a/src/sds.c b/src/sds.c index 64c9a96..d671524 100644 --- a/src/sds.c +++ b/src/sds.c @@ -289,6 +289,72 @@ sds sdscpy(sds s, const char *t) { return sdscpylen(s, t, strlen(t)); } +/* Helper for sdscatlonglong() doing the actual number -> string + * conversion. 's' must point to a string with room for at least + * SDS_LLSTR_SIZE bytes. + * + * The function returns the lenght of the null-terminated string + * representation stored at 's'. */ +#define SDS_LLSTR_SIZE 21 +int sdsll2str(char *s, long long value) { + char *p, aux; + unsigned long long v; + size_t l; + + /* Generate the string representation, this method produces + * an reversed string. */ + v = (value < 0) ? -value : value; + p = s; + do { + *p++ = '0'+(v%10); + v /= 10; + } while(v); + if (value < 0) *p++ = '-'; + + /* Compute length and add null term. */ + l = p-s; + *p = '\0'; + + /* Reverse the string. */ + p--; + while(s < p) { + aux = *s; + *s = *p; + *p = aux; + s++; + p--; + } + return l; +} + +/* Identical sdsll2str(), but for unsigned long long type. */ +int sdsull2str(char *s, unsigned long long v) { + char *p, aux; + size_t l; + + /* Generate the string representation, this method produces + * an reversed string. */ + p = s; + do { + *p++ = '0'+(v%10); + v /= 10; + } while(v); + + /* Compute length and add null term. */ + l = p-s; + *p = '\0'; + + /* Reverse the string. */ + p--; + while(s < p) { + aux = *s; + *s = *p; + *p = aux; + s++; + p--; + } + return l; +} /* Like sdscatpritf() but gets va_list instead of being variadic. */ sds sdscatvprintf(sds s, const char *fmt, va_list ap) { va_list cpy; @@ -338,6 +404,121 @@ sds sdscatprintf(sds s, const char *fmt, ...) { return t; } +/* This function is similar to sdscatprintf, but much faster as it does + * not rely on sprintf() family functions implemented by the libc that + * are often very slow. Moreover directly handling the sds string as + * new data is concatenated provides a performance improvement. + * + * However this function only handles an incompatible subset of printf-alike + * format specifiers: + * + * %s - C String + * %S - SDS string + * %i - signed int + * %I - 64 bit signed integer (long long, int64_t) + * %u - unsigned int + * %U - 64 bit unsigned integer (unsigned long long, uint64_t) + * %% - Verbatim "%" character. + */ +sds sdscatfmt(sds s, char const *fmt, ...) { + struct sdshdr *sh = (void*) (s-(sizeof(struct sdshdr))); + size_t initlen = sdslen(s); + const char *f = fmt; + int i; + va_list ap; + + va_start(ap,fmt); + f = fmt; /* Next format specifier byte to process. */ + i = initlen; /* Position of the next byte to write to dest str. */ + while(*f) { + char next, *str; + unsigned int l; + long long num; + unsigned long long unum; + + /* Make sure there is always space for at least 1 char. */ + if (sh->free == 0) { + s = sdsMakeRoomFor(s,1); + sh = (void*) (s-(sizeof(struct sdshdr))); + } + + switch(*f) { + case '%': + next = *(f+1); + f++; + switch(next) { + case 's': + case 'S': + str = va_arg(ap,char*); + l = (next == 's') ? strlen(str) : sdslen(str); + if (sh->free < l) { + s = sdsMakeRoomFor(s,l); + sh = (void*) (s-(sizeof(struct sdshdr))); + } + memcpy(s+i,str,l); + sh->len += l; + sh->free -= l; + i += l; + break; + case 'i': + case 'I': + if (next == 'i') + num = va_arg(ap,int); + else + num = va_arg(ap,long long); + { + char buf[SDS_LLSTR_SIZE]; + l = sdsll2str(buf,num); + if (sh->free < l) { + s = sdsMakeRoomFor(s,l); + sh = (void*) (s-(sizeof(struct sdshdr))); + } + memcpy(s+i,buf,l); + sh->len += l; + sh->free -= l; + i += l; + } + break; + case 'u': + case 'U': + if (next == 'u') + unum = va_arg(ap,unsigned int); + else + unum = va_arg(ap,unsigned long long); + { + char buf[SDS_LLSTR_SIZE]; + l = sdsull2str(buf,unum); + if (sh->free < l) { + s = sdsMakeRoomFor(s,l); + sh = (void*) (s-(sizeof(struct sdshdr))); + } + memcpy(s+i,buf,l); + sh->len += l; + sh->free -= l; + i += l; + } + break; + default: /* Handle %% and generally %. */ + s[i++] = next; + sh->len += 1; + sh->free -= 1; + break; + } + break; + default: + s[i++] = *f; + sh->len += 1; + sh->free -= 1; + break; + } + f++; + } + va_end(ap); + + /* Add null-term */ + s[i] = '\0'; + return s; +} /* Remove the part of the string from left and from right composed just of * contiguous characters found in 'cset', that is a null terminted C string. * diff --git a/src/sds.h b/src/sds.h index 615c751..9a60402 100644 --- a/src/sds.h +++ b/src/sds.h @@ -76,6 +76,7 @@ sds sdscatprintf(sds s, const char *fmt, ...) sds sdscatprintf(sds s, const char *fmt, ...); #endif +sds sdscatfmt(sds s, char const *fmt, ...); sds sdstrim(sds s, const char *cset); void sdsrange(sds s, int start, int end); void sdsupdatelen(sds s); debian/changelog0000664000000000000000000003724413314731055011056 0ustar redis (2:2.8.4-2ubuntu0.2) trusty-security; urgency=medium * SECURITY UPDATE: Permissions issue - debian/patches/CVE-2013-7458.patch: fix in deps/linenoise/linenoise.c. - CVE-2013-7458 * SECURITY UPDATE: Arbitrary code execution - debian/patches/CVE-2015-4335.patch: fix in deps/lua/src/ldo.c. - CVE-2015-4335 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2015-8080.patch: fix in deps/lua/src/lua_struct.c. - CVE-2015-8080 * SECURITY UPDATE: Cross protocol scripting - debian/patches/CVE-2016-10517.patch: fix in src/redis.c, src/redis.h. - CVE-2016-10517 * SECURITY UPDATE: Memory corruption - debian/patches/CVE-2018-11218.patch: fix in deps/lua/src/lua_cmsgpack.c. - CVE-2018-11218 * SECURITY UPDATE: Integer Overflow - debian/patches/CVE-2018-11219-*.patch: fix in deps/lua/src/lua_struct.c. - CVE-2018-11219 * SECURITY UPDATE: Buffer overflow in the redis-cli - debian/patches/CVE-2018-12326.patch: fix in redis-cli.c. - CVE-2018-12326 -- Leonidas S. Barbosa Tue, 26 Jun 2018 15:50:43 -0300 redis (2:2.8.4-2) unstable; urgency=low * Symlink redis-sentinel to redis-server as it's the same binary. * Install sentinel.conf. -- Chris Lamb Tue, 14 Jan 2014 12:31:14 +0000 redis (2:2.8.4-1) unstable; urgency=low * New upstream version. * Sync debian/redis.conf. * Also ship redis-sentinel (Closes: #735272) -- Chris Lamb Tue, 14 Jan 2014 10:42:09 +0000 redis (2:2.8.2-1) unstable; urgency=low * New upstream version. -- Chris Lamb Fri, 06 Dec 2013 14:37:54 +0000 redis (2:2.8.0-1) unstable; urgency=low * New upstream release. - Update debian/patches/02-fix-ftbfs-on-kfreebsd. - Update debian/patches/03-use-system-jemalloc.diff. - Update debian/redis.conf * Bump Standards-Version to 3.9.4. -- Chris Lamb Fri, 22 Nov 2013 16:51:55 +0000 redis (2:2.6.16-3) unstable; urgency=low * Add missing Replaces and Breaks to redis-tools. Thanks to Andreas Beckmann (anbe). (Closes: #723703) -- Chris Lamb Fri, 20 Sep 2013 14:35:24 +0100 redis (2:2.6.16-2) unstable; urgency=low * Completely rework and refresh debian/copyright. (Closes: #723162) * Update website in debian/copyright. * Drop client library references from debian/copyright (dropped in 2:1.1.90~beta-1). * Update main copyright year. -- Chris Lamb Tue, 17 Sep 2013 19:08:01 +0100 redis (2:2.6.16-1) unstable; urgency=low * New upstream release. * Split non-server binaries into redis-tools package. (Closes: #723006) * Update debian/watch. -- Chris Lamb Mon, 16 Sep 2013 09:53:49 +0100 redis (2:2.6.14-2) unstable; urgency=low * Source /lib/lsb/init-functions in initscript for systemd compatibility. -- Chris Lamb Mon, 12 Aug 2013 16:17:47 +0100 redis (2:2.6.14-1) unstable; urgency=low * New upstream release. -- Chris Lamb Tue, 06 Aug 2013 12:14:12 +0100 redis (2:2.6.13-1) unstable; urgency=low * New upstream release. - Sync debian/redis.conf. - Update 02-fix-ftbfs-on-kfreebsd.diff. -- Chris Lamb Mon, 17 Jun 2013 00:49:42 +0100 redis (2:2.6.7-1) unstable; urgency=low * New upstream release. * Add missing "status" command from usage. Thanks to Dererk . (Closes: #696339) * Enable building on kfreebsd-amd64 (and possibly kfreebsd-i386 and hurd-i386) by not depending on 'jemalloc' which would not be used anyway. Thanks to Jeff Epler . (Closes: #696618) -- Chris Lamb Fri, 28 Dec 2012 17:00:06 +0000 redis (2:2.6.0-1) unstable; urgency=low * New upstream release. * Update 02-fix-ftbfs-on-kfreebsd.diff. * Update 03-use-system-jemalloc.diff. * Update configuration file. -- Chris Lamb Tue, 23 Oct 2012 15:04:17 +0100 redis (2:2.4.17-1) unstable; urgency=low * New upstream release. * Bump Standards-Version to 3.9.3. -- Chris Lamb Wed, 10 Oct 2012 21:16:47 +0100 redis (2:2.4.15-1) unstable; urgency=low * New upstream release. -- Chris Lamb Mon, 02 Jul 2012 10:56:28 +0100 redis (2:2.4.14-1) unstable; urgency=low * New upstream release. -- Chris Lamb Fri, 08 Jun 2012 17:21:49 +0100 redis (2:2.4.13-1) unstable; urgency=low * New upstream release. (Closes: #673202) * Sync upstream redis.conf changes with debian/redis.conf. -- Chris Lamb Thu, 17 May 2012 10:32:33 +0100 redis (2:2.4.9-2) unstable; urgency=low * Add /etc/default/redis-server option to call ``ulimit -n'' before invoking Redis. (Closes: #672638) -- Chris Lamb Mon, 14 May 2012 10:34:21 +0000 redis (2:2.4.9-1) unstable; urgency=low * New upstream release. -- Chris Lamb Mon, 26 Mar 2012 12:21:29 +0100 redis (2:2.4.8-1) unstable; urgency=low * New upstream release. * Fix debian/watch (Closes: #661919) * Don't use jemalloc on archs not supporting it (Closes: #661354) -- Chris Lamb Sun, 11 Mar 2012 22:19:51 +0000 redis (2:2.4.5-1) unstable; urgency=low * New upstream version (Closes: #655416) * Use system jemalloc. (Closes: #654900, #654902) -- Chris Lamb Wed, 11 Jan 2012 12:30:27 +0000 redis (2:2.4.2-2) unstable; urgency=low * Fix test suite on sparc (Closes: #647627) -- Chris Lamb Wed, 07 Dec 2011 16:55:23 +0000 redis (2:2.4.2-1) unstable; urgency=low * New upstream release. * /etc/init.d/redis-server fixes: - Send TERM, not QUIT signal. - Sleep 1 second after exiting as although the process has disappeared the server socket is somehow still in use which causes the start to fail. * Drop 01-fix-link-ordering patch; fixed upstream. . * Update 02-fix-ftbfs-on-kfreebsd. * Drop redis-doc package now that upstream no longer ship documentation. -- Chris Lamb Wed, 16 Nov 2011 16:00:23 +0000 redis (2:2.2.12-1) unstable; urgency=low * New upstream release. * Move runtime files to /var/run/redis/ and set that as default location for socket file. Thanks to Sandro Tosi . (Closes: #632931) * Refresh fix-link-ordering patch. * Use "defined(__linux__) || defined(__GLIBC__)" for kfreebsd compatibility. Thanks to Robert Millan . (Closes: #632499) -- Chris Lamb Wed, 27 Jul 2011 19:20:26 +0200 redis (2:2.2.11-3) unstable; urgency=low * Change default loglevel to "notice". * Wait forever for redis to stop - only waiting 10 seconds could cause data loss. * Set a proper default location for socket file. (Closes: #632931) -- Chris Lamb Mon, 18 Jul 2011 13:25:16 +0100 redis (2:2.2.11-2) unstable; urgency=low * Fix FTBFS on kfreebsd. Thanks to Christoph Egger for the patch. (Closes: #632499) * Ship redis-check-aof and redis-check-dump. (Closes: #632858) -- Chris Lamb Wed, 06 Jul 2011 22:36:18 +0100 redis (2:2.2.11-1) unstable; urgency=low * New upstream release. * Correct spelling of "Description" in patch system. -- Chris Lamb Sat, 02 Jul 2011 00:43:37 +0100 redis (2:2.2.10-1) unstable; urgency=low * New upstream release. * Bump Standards-Version to 3.9.2. -- Chris Lamb Sat, 18 Jun 2011 14:53:41 +0100 redis (2:2.2.8-1) unstable; urgency=low * New upstream release. * Add patch from Ubuntu to fix FTBFS due to --as-needed linking. Thanks to Nigel Babu . (Closes: #628056) -- Chris Lamb Tue, 07 Jun 2011 16:43:58 +0100 redis (2:2.2.5-1) unstable; urgency=low * New upstream release. -- Chris Lamb Mon, 25 Apr 2011 14:04:29 +0100 redis (2:2.2.4-1) unstable; urgency=low * New upstream release. -- Chris Lamb Fri, 22 Apr 2011 14:05:43 +0100 redis (2:2.2.2-1) unstable; urgency=low * New upstream release. * Use userdel over deluser to prevent problems when purging package. (Closes: #618326) -- Chris Lamb Tue, 15 Mar 2011 11:13:21 +0000 redis (2:2.2.1-1) unstable; urgency=low * New upstream release. (Closes: #604076) * Update install paths. -- Chris Lamb Thu, 24 Feb 2011 19:39:43 +0000 redis (2:2.0.1-2) unstable; urgency=low * Upload to unstable. -- Chris Lamb Fri, 10 Sep 2010 14:49:30 +0100 redis (2:2.0.1-1) experimental; urgency=low * New upstream release. * Update debian/watch to not match old tarballs. * Upstream now ships an install target; let's just ignore it for now. -- Chris Lamb Fri, 10 Sep 2010 14:40:01 +0100 redis (2:2.0.0~rc4-1) experimental; urgency=low * New upstream RC release. * Bump Standards-Version to 3.9.1. * Remove mkreleasehdr.sh when building to avoid debian diff - it will regenerate release.h with different contents. -- Chris Lamb Thu, 29 Jul 2010 09:13:31 -0400 redis (2:2.0.0~rc3-1) experimental; urgency=low * New upstream RC release. * Bump Standards-Version to 3.9.0. -- Chris Lamb Fri, 23 Jul 2010 11:59:16 +0100 redis (2:2.0.0~rc2-1) experimental; urgency=low * New upstream RC release. -- Chris Lamb Thu, 01 Jul 2010 23:15:02 +0100 redis (2:2.0.0~rc1-2) experimental; urgency=low * Add 'status' command to initscript. * Add redis-benchmark (and manpage) to package. (Closes: #587395) -- Chris Lamb Mon, 28 Jun 2010 11:02:31 +0100 redis (2:2.0.0~rc1-1) experimental; urgency=low * New upstream release candidate. * Remove '01-dont-print-pid-on-startup.diff' patch. * Update local copy of redis.conf. -- Chris Lamb Tue, 01 Jun 2010 10:51:05 +0100 redis (2:1.2.6-1) unstable; urgency=low * New upstream release. -- Chris Lamb Tue, 30 Mar 2010 14:13:52 +0100 redis (2:1.2.5-1) unstable; urgency=low * New upstream release. * Drop 02-fix-segfault-indupClientReplyValue.diff; applied upstream via . -- Chris Lamb Thu, 11 Mar 2010 21:34:37 +0000 redis (2:1.2.4-1) unstable; urgency=low * New upstream release. -- Chris Lamb Tue, 09 Mar 2010 16:18:19 +0000 redis (2:1.2.3-1) unstable; urgency=low * New upstream release. -- Chris Lamb Tue, 02 Mar 2010 16:45:07 +0000 redis (2:1.2.2-2) unstable; urgency=low * Really fix segfault in dupClientReplyValue. (Closes: #570371) -- Chris Lamb Fri, 19 Feb 2010 09:16:48 +0000 redis (2:1.2.2-1) unstable; urgency=low * New upstream release. - Fixes segfault in dupClientReplyValue. Thanks to Hirling Endre (Closes: #570371) -- Chris Lamb Thu, 18 Feb 2010 22:02:10 +0000 redis (2:1.2.1-1) unstable; urgency=low * New upstream release. * Add Bash completion script for redis-cli by Steve Kemp . (Closes: #565358) * Bump Standards-Version to 3.8.4. * Add $remote_fs to LSB "Required-{Start,Stop}" initscript headers. -- Chris Lamb Tue, 09 Feb 2010 14:37:32 +0000 redis (2:1.2.0-1) unstable; urgency=low * New upstream stable release. * Switch to dpkg-source 3.0 (quilt) format. * Patch out printing of pid on startup. -- Chris Lamb Thu, 14 Jan 2010 15:50:36 +0000 redis (2:1.1.95~beta-2) unstable; urgency=low * Set source section to "database" from "misc". * Add redis-cli binary to "redis-server" package. -- Chris Lamb Wed, 13 Jan 2010 23:36:30 +0000 redis (2:1.1.95~beta-1) unstable; urgency=low * New upstream release. * Sync debian/redis.conf with upstream version (new "rdbcompression" and "masterauth" commands). -- Chris Lamb Sun, 10 Jan 2010 22:59:06 +0000 redis (2:1.1.90~beta-1) unstable; urgency=low * New upstream release: - Bump the epoch as dpkg considers 1.1.90 to be less than 1.02. - Sync redis.conf * Don't build client libraries anymore; not part of the upstream tarball anymore. * Don't export CFLAGS from debian/rules to prevent FTBFS when dpkg-provided CFLAGS does not include --std=c99. * Modify debian/watch to consider "-beta" the same as "~beta" for correct dpkg ordering. -- Chris Lamb Sat, 05 Dec 2009 22:10:32 +0000 redis (1:1.02-1) unstable; urgency=low * New upstream release. -- Chris Lamb Fri, 23 Oct 2009 16:26:45 +0100 redis (1:1.01-1) unstable; urgency=low * New upstream release. - "maxmemory now works well on 64bit systems with > 4GB of RAM" -- Chris Lamb Tue, 22 Sep 2009 21:53:48 +0100 redis (1:1.0-1) unstable; urgency=low * New upstream release. * Bump Standards-Version to 3.8.3. * Drop patch system: - 01-recommend-sysctl-conf.diff; applied upstream. - 02-warn-after-daemonising.diff; applied upstream. - 03-only-mangle-trace-on-ia64-and-x86.diff; applied upstream. - Drop quilt Build-Depends and remove patches/series. * Use "override_dh_auto_clean" instead of "clean" target. -- Chris Lamb Tue, 08 Sep 2009 22:09:19 +0100 redis (1:0.900-3) unstable; urgency=low * Actually add architecture patch introducted in 1:0.900-2 to quilt 'series' (Closes: #533763) * Correct "/proc/sys/vm/overcommit_memory" message to print the correct string to add to sysctl.conf. -- Chris Lamb Thu, 25 Jun 2009 12:13:02 +0100 redis (1:0.900-2) unstable; urgency=low * Add patch to avoid mangling the stacktrace on SIGSEGV using X86-specific ucontext struct, etc. (Closes: #533763) * Bump Standards-Version to 3.8.2. -- Chris Lamb Wed, 24 Jun 2009 23:54:42 +0100 redis (1:0.900-1) unstable; urgency=low * New upstream release. - Update debian/redis.conf * Update versionmangle in debian/watch. * "/proc/sys/vm/overcommit_memory" message: - Recommend modifying /etc/sysctl.conf instead of using "boot scripts" - Warn after daemonising to avoid message being spammed on every boot. -- Chris Lamb Wed, 17 Jun 2009 10:39:57 +0100 redis (1:0.100-1) unstable; urgency=low * New upstream release. - Update debian/redis.conf -- Chris Lamb Thu, 28 May 2009 00:31:37 +0100 redis (1:0.096-1) unstable; urgency=low * New upstream version. -- Chris Lamb Sat, 09 May 2009 22:16:13 +0100 redis (1:0.095-1) unstable; urgency=low * New upstream version. -- Chris Lamb Sat, 09 May 2009 12:50:26 +0100 redis (1:0.094-3) unstable; urgency=low * Really upload to unstable - I give "debchange -r" less credit than it deserves. -- Chris Lamb Thu, 07 May 2009 22:02:24 +0100 redis (1:0.094-2) experimental; urgency=low * Upload to unstable. * Add libredis-perl package. -- Chris Lamb Wed, 06 May 2009 00:19:35 +0100 redis (1:0.094-1) experimental; urgency=low * New upstream release. * Place libphp-redis package into 'php' section. * Update debian/copyright with new libraries. * Correct Vcs-Browser location. -- Chris Lamb Wed, 06 May 2009 00:08:26 +0100 redis (1.0~beta8-1) experimental; urgency=low * New upstream release. -- Chris Lamb Tue, 24 Mar 2009 22:30:02 +0000 redis (1.0~beta7-1) experimental; urgency=low * Initial release. (Closes: #518700) -- Chris Lamb Fri, 20 Mar 2009 00:37:15 +0000 debian/redis-server.postrm0000664000000000000000000000014412265227024013051 0ustar #!/bin/sh set -e if [ "$1" = "purge" ] then rm -rf /var/lib/redis userdel redis fi #DEBHELPER# debian/redis-server.links0000664000000000000000000000005412265227024012645 0ustar usr/bin/redis-server usr/bin/redis-sentinel