When we introduced module based authentication, we provided a way for the module to own the authentication and fail it in case needed.
for this we do not write error reply in case the auth identify there are existing replies in the client reply list:
/* If `err` is provided, this is added as an error reply to the client.
* Otherwise, the standard Auth error is added as a reply. */
void addAuthErrReply(client *c, robj *err) {
if (clientHasPendingReplies(c)) return; <---------- here
if (!err) {
addReplyError(c, "-WRONGPASS invalid username-password pair or user is disabled.");
return;
}
addReplyError(c, err->ptr);
}
However this introduces an issue as the auth might be used inside a transaction or pipeline which already has some pending replies in the client reply list.
example using valkey-cli:
multi
auth no-user 123
exec
Credits to @uriyage for locating this
When we introduced module based authentication, we provided a way for the module to own the authentication and fail it in case needed.
for this we do not write error reply in case the auth identify there are existing replies in the client reply list:
However this introduces an issue as the auth might be used inside a transaction or pipeline which already has some pending replies in the client reply list.
example using valkey-cli:
Credits to @uriyage for locating this