thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-11-21 15:12:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #23008 from ClickHouse/add-test-2719

Browse Source 
Add a test for #2719
This commit is contained in:
alexey-milovidov 2021-04-14 13:54:36 +03:00 committed by GitHub
commit 86e20905e5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
programs/install/Install.cpp
View File

@ -71,6 +71,9 @@ namespace ErrorCodes
}
/// ANSI escape sequence for intense color in terminal.
#define HILITE "\033[1m"
#define END_HILITE "\033[0m"
using namespace DB;
namespace po = boost::program_options;
@ -563,12 +566,12 @@ int mainEntryClickHouseInstall(int argc, char ** argv)
if (has_password_for_default_user)
{
fmt::print("Password for default user is already specified. To remind or reset, see {} and {}.\n",
fmt::print(HILITE "Password for default user is already specified. To remind or reset, see {} and {}." END_HILITE,
users_config_file.string(), users_d.string());
}
else if (!is_interactive)
{
fmt::print("Password for default user is empty string. See {} and {} to change it.\n",
fmt::print(HILITE "Password for default user is empty string. See {} and {} to change it." END_HILITE,
users_config_file.string(), users_d.string());
}
else

0
tests/queries/0_stateless/01812_basic_auth_http_server.reference Normal file
View File

19
tests/queries/0_stateless/01812_basic_auth_http_server.sh Executable file
View File

@ -0,0 +1,19 @@
#!/usr/bin/env bash
# shellcheck disable=SC2046
# In very old (e.g. 1.1.54385) versions of ClickHouse there was a bug in Poco HTTP library:
# Basic HTTP authentication headers was not parsed if the size of URL is exactly 4077 + something bytes.
# So, the user may get authentication error if valid credentials are passed.
# This is a minor issue because it does not have security implications (at worse the user will be not allowed to access).
CUR_DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)
# shellcheck source=../shell_config.sh
. "$CUR_DIR"/../shell_config.sh
# In this test we do the opposite: passing the invalid credentials while server is accepting default user without a password.
# And if the bug exists, they will be ignored (treat as empty credentials) and query succeed.
for i in {3950..4100}; do ${CLICKHOUSE_CURL} --user default:12345 "${CLICKHOUSE_URL}&query=SELECT+1"$(perl -e "print '+'x$i") | grep -v -F 'password' ||:; done
# You can check that the bug exists in old version by running the old server in Docker:
# docker run --network host -it --rm yandex/clickhouse-server:1.1.54385