diff --git a/src/Access/Authentication.cpp b/src/Access/Authentication.cpp index 3acf8a89b70..90c82b466db 100644 --- a/src/Access/Authentication.cpp +++ b/src/Access/Authentication.cpp @@ -248,7 +248,7 @@ bool Authentication::areCredentialsValid( return true; // Wildcard support (1 only) - if (subject.contains('*')) + if (subject.contains('*')) { auto prefix = std::string_view(subject).substr(0, subject.find('*')); auto suffix = std::string_view(subject).substr(subject.find('*') + 1); diff --git a/tests/integration/test_ssl_cert_authentication/configs/ssl_config.xml b/tests/integration/test_ssl_cert_authentication/configs/ssl_config.xml old mode 100755 new mode 100644 diff --git a/tests/integration/test_ssl_cert_authentication/configs/users_with_ssl_auth.xml b/tests/integration/test_ssl_cert_authentication/configs/users_with_ssl_auth.xml old mode 100755 new mode 100644 diff --git a/tests/integration/test_ssl_cert_authentication/test.py b/tests/integration/test_ssl_cert_authentication/test.py index 1adfa4855f1..26ee33f3f6f 100644 --- a/tests/integration/test_ssl_cert_authentication/test.py +++ b/tests/integration/test_ssl_cert_authentication/test.py @@ -370,14 +370,19 @@ def test_x509_san_support(): == "CREATE USER jemma IDENTIFIED WITH ssl_certificate SAN \\'URI:spiffe://foo.com/bar\\', \\'URI:spiffe://foo.com/baz\\'\n" ) + def test_x509_san_wildcard_support(): assert ( - execute_query_native(instance, "SELECT currentUser()", user="stewie", cert_name="client5") + execute_query_native( + instance, "SELECT currentUser()", user="stewie", cert_name="client5" + ) == "stewie\n" ) assert ( - instance.query("SELECT name, auth_type, auth_params FROM system.users WHERE name='stewie'") + instance.query( + "SELECT name, auth_type, auth_params FROM system.users WHERE name='stewie'" + ) == 'stewie\tssl_certificate\t{"subject_alt_names":["URI:spiffe:\\\\/\\\\/bar.com\\\\/foo\\\\/*\\\\/far"]}\n' )