This commit is contained in:
Nikolay Degterinsky 2023-01-04 02:20:45 +00:00
parent 9146dd3636
commit 3a20fbdbf6
3 changed files with 16 additions and 6 deletions

View File

@ -805,8 +805,13 @@ void ClientBase::processTextAsSingleQuery(const String & full_query)
/// But for asynchronous inserts we don't extract data, because it's needed
/// to be done on server side in that case (for coalescing the data from multiple inserts on server side).
const auto * insert = parsed_query->as<ASTInsertQuery>();
/// In the case of a CREATE USER query, we should serialize the parsed AST to send
/// the hash of the password, if applicable, to the server instead of the actual password.
const auto * create_user_query = parsed_query->as<ASTCreateUserQuery>();
if (insert && isSyncInsertWithData(*insert, global_context))
query_to_execute = full_query.substr(0, insert->data - full_query.data());
else if (create_user_query)
query_to_execute = serializeAST(*parsed_query);
else
query_to_execute = full_query;
@ -1786,6 +1791,11 @@ MultiQueryProcessingStage ClientBase::analyzeMultiQueryText(
query_to_execute_end = isSyncInsertWithData(*insert_ast, global_context) ? insert_ast->data : this_query_end;
}
/// In the case of a CREATE USER query, we should serialize the parsed AST to send
/// the hash of the password, if applicable, to the server instead of the actual password.
if (const auto * create_user_query = parsed_query->as<ASTCreateUserQuery>())
query_to_execute = serializeAST(*parsed_query);
else
query_to_execute = all_queries_text.substr(this_query_begin - all_queries_text.data(), query_to_execute_end - this_query_begin);
// Try to include the trailing comment with test hints. It is just

View File

@ -110,15 +110,12 @@ BlockIO InterpreterCreateUserQuery::execute()
"Authentication type NO_PASSWORD must be explicitly specified, check the setting allow_implicit_no_password in the server configuration");
if (query.auth_data->getType() == AuthenticationType::NO_PASSWORD && query.temporary_password)
{
query.auth_data = AuthenticationData::makePasswordAuthenticationData(default_password_type, query.temporary_password.value());
}
if (!query.attach && query.temporary_password)
{
access_control.checkPasswordComplexityRules(query.temporary_password.value());
query.temporary_password.reset();
}
std::optional<RolesOrUsersSet> default_roles_from_query;
if (query.default_roles)

View File

@ -157,7 +157,10 @@ namespace
temporary_password = value;
if (!type)
{
auth_data = AuthenticationData{AuthenticationType::NO_PASSWORD};
return true;
}
if (expect_password)
{