Caching: Fix race #1259

eloycoto · 2021-02-12T12:40:54Z

When caching is disabled with none, the cache key can be in there, and a
race condition can be happend with this.

To test this:

Strict caching mode
Made a request, 200 OK cache.set("$KEY", 200)
Update config to none
apicast/proxy:authorize -> cache.get($KEY) is 200
request go to the API
Authrep, cache for $KEY is deleted.

Next request will return 403.

Fixed behaviour:

Strict caching mode
Made a request, 200 OK cache.set("$KEY", 200)
Update config to none
apicast/proxy:authorize -> cache.get($KEY) is 200
cache_is_disabled = true -> execute backend call.
request go to the API, and fails
Authrep, cache for $KEY is deleted.

Fix THREESCALE-4464

Signed-off-by: Eloy Coto eloy.coto@acalustra.com

davidor · 2021-03-22T09:29:09Z

gateway/src/apicast/policy/caching/caching.lua

@@ -101,17 +101,29 @@ local function handler(config)
  return res
 end

+local function is_disabled(config)
+  if config.caching_type and config.caching_type == "none" then


This can be simplified:

return config.caching_type and config.caching_type == "none"

When caching is disabled with none, the cache key can be in there, and a race condition can be happend with this. To test this: 1) Strict caching mode 2) Made a request, 200 OK cache.set("$KEY", 200) 3) Update config to none 4) apicast/proxy:authorize -> cache.get($KEY) is 200 5) request go to the API 6) Authrep, cache for $KEY is deleted. Next request will return 403. Fixed behaviour: 1) Strict caching mode 2) Made a request, 200 OK cache.set("$KEY", 200) 3) Update config to none 4) apicast/proxy:authorize -> cache.get($KEY) is 200 5) cache_is_disabled = true -> execute backend call. 5) request go to the API, and fails 6) Authrep, cache for $KEY is deleted. Fix THREESCALE-4464 Signed-off-by: Eloy Coto <eloy.coto@acalustra.com>

unleashed

This looks ok if the expectation is that caching will be enabled by default and only disabled when explicitly set to none. Is this assumption correct? Other than that, LGTM.

eloycoto · 2021-08-17T14:56:07Z

This looks ok if the expectation is that caching will be enabled by default and only disabled when explicitly set to none. Is this assumption correct? Other than that, LGTM.

YUP

eloycoto requested a review from a team as a code owner February 12, 2021 12:40

eloycoto force-pushed the THREESCALE-4464b branch 2 times, most recently from 1292bbf to 79f07b6 Compare February 12, 2021 14:39

davidor reviewed Mar 22, 2021

View reviewed changes

eloycoto force-pushed the THREESCALE-4464b branch 2 times, most recently from 20a6a46 to b7ee759 Compare August 17, 2021 13:41

eloycoto force-pushed the THREESCALE-4464b branch from b7ee759 to 85c0f78 Compare August 17, 2021 13:47

unleashed approved these changes Aug 17, 2021

View reviewed changes

eloycoto merged commit f35033e into master Aug 17, 2021

eguzki deleted the THREESCALE-4464b branch August 17, 2022 11:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Caching: Fix race #1259

Caching: Fix race #1259

eloycoto commented Feb 12, 2021

davidor Mar 22, 2021

unleashed left a comment

eloycoto commented Aug 17, 2021

Caching: Fix race #1259

Caching: Fix race #1259

Conversation

eloycoto commented Feb 12, 2021

davidor Mar 22, 2021

Choose a reason for hiding this comment

unleashed left a comment

Choose a reason for hiding this comment

eloycoto commented Aug 17, 2021