mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-12-03 13:02:00 +00:00
Clear password from command line #11624
This commit is contained in:
parent
561d4b5b01
commit
07ba7ffea5
@ -18,6 +18,7 @@
|
||||
#include <Common/ConcurrentBoundedQueue.h>
|
||||
#include <Common/Exception.h>
|
||||
#include <Common/randomSeed.h>
|
||||
#include <Common/clearPasswordFromCommandLine.h>
|
||||
#include <Core/Types.h>
|
||||
#include <IO/ReadBufferFromFileDescriptor.h>
|
||||
#include <IO/WriteBufferFromFileDescriptor.h>
|
||||
@ -539,7 +540,7 @@ int mainEntryClickHouseBenchmark(int argc, char ** argv)
|
||||
("password", value<std::string>()->default_value(""), "")
|
||||
("database", value<std::string>()->default_value("default"), "")
|
||||
("stacktrace", "print stack traces of exceptions")
|
||||
("confidence", value<size_t>()->default_value(5), "set the level of confidence for T-test [0=80%, 1=90%, 2=95%, 3=98%, 4=99%, 5=99.5%(default)")
|
||||
("confidence", value<size_t>()->default_value(5), "set the level of confidence for T-test [0=80%, 1=90%, 2=95%, 3=98%, 4=99%, 5=99.5%(default)")
|
||||
("query_id", value<std::string>()->default_value(""), "")
|
||||
;
|
||||
|
||||
@ -550,6 +551,8 @@ int mainEntryClickHouseBenchmark(int argc, char ** argv)
|
||||
boost::program_options::store(boost::program_options::parse_command_line(argc, argv, desc), options);
|
||||
boost::program_options::notify(options);
|
||||
|
||||
clearPasswordFromCommandLine(argc, argv);
|
||||
|
||||
if (options.count("help"))
|
||||
{
|
||||
std::cout << "Usage: " << argv[0] << " [options] < queries.txt\n";
|
||||
|
@ -38,6 +38,7 @@
|
||||
#include <Common/Throttler.h>
|
||||
#include <Common/StringUtils/StringUtils.h>
|
||||
#include <Common/typeid_cast.h>
|
||||
#include <Common/clearPasswordFromCommandLine.h>
|
||||
#include <Common/Config/ConfigProcessor.h>
|
||||
#include <Core/Types.h>
|
||||
#include <Core/QueryProcessingStage.h>
|
||||
@ -2006,6 +2007,7 @@ public:
|
||||
|
||||
argsToConfig(common_arguments, config(), 100);
|
||||
|
||||
clearPasswordFromCommandLine(argc, argv);
|
||||
}
|
||||
};
|
||||
|
||||
|
18
src/Common/clearPasswordFromCommandLine.cpp
Normal file
18
src/Common/clearPasswordFromCommandLine.cpp
Normal file
@ -0,0 +1,18 @@
|
||||
#include <string.h>
|
||||
#include "clearPasswordFromCommandLine.h"
|
||||
|
||||
void clearPasswordFromCommandLine(int argc, char ** argv)
|
||||
{
|
||||
for (int arg = 1; arg < argc; ++arg)
|
||||
{
|
||||
if (arg + 1 < argc && 0 == strcmp(argv[arg], "--password"))
|
||||
{
|
||||
++arg;
|
||||
memset(argv[arg], 0, strlen(argv[arg]));
|
||||
}
|
||||
else if (0 == strncmp(argv[arg], "--password=", strlen("--password=")))
|
||||
{
|
||||
memset(argv[arg] + strlen("--password="), 0, strlen(argv[arg]) - strlen("--password="));
|
||||
}
|
||||
}
|
||||
}
|
6
src/Common/clearPasswordFromCommandLine.h
Normal file
6
src/Common/clearPasswordFromCommandLine.h
Normal file
@ -0,0 +1,6 @@
|
||||
#pragma once
|
||||
|
||||
/** If there are --password=... or --password ... arguments in command line, replace their values with zero bytes.
|
||||
* This is needed to prevent password exposure in 'ps' and similar tools.
|
||||
*/
|
||||
void clearPasswordFromCommandLine(int argc, char ** argv);
|
@ -30,6 +30,7 @@ SRCS(
|
||||
Config/configReadClient.cpp
|
||||
Config/ConfigReloader.cpp
|
||||
createHardLink.cpp
|
||||
clearPasswordFromCommandLine.cpp
|
||||
CurrentMetrics.cpp
|
||||
CurrentThread.cpp
|
||||
DNSResolver.cpp
|
||||
|
Loading…
Reference in New Issue
Block a user