Describe the bug
Loopback address doesn't account for the whole 127.0.0.0/8 range.
This is a problem when protected mode is enabled as local clients can't connect anymore.
To reproduce
$ cat redis.conf
bind 127.0.1.8
protected-mode yes
…
# ifconfig lo1 # FreeBSD host
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 fe80::1%lo1 prefixlen 64 scopeid 0x3
inet 127.0.1.8 netmask 0xffffffff
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
$ redis-cli -h 127.0.1.8
127.0.1.8:6379> redis-cli keys \*
(error) DENIED Redis is running in protected mode because protected mode is enabled and no password is set for the default user…
Expected behavior
Local clients should be able to connect to all loopback interfaces in protected mode.
Additional information
- I haven't teste the setup on Linux but I expect
127.0.1.8to be a valid loopback address as well - I suspect the culprit to be
isLocalClient() - My workaround is to connect to a UNIX socket instead. But I need to set
unixsocketperm 777for other non-redis processes to connect.
Comment From: igxlin
Hi @foudfou , I created an PR to use the loopback address instead of fixed 127.0.0.1. Could you help check if it works for you?
Comment From: foudfou
Works like a charm @igxlin. Thx a lot for the quick fix and kudos for the patch!