mirror of
https://github.com/ClickHouse/ClickHouse.git
synced 2024-11-26 17:41:59 +00:00
Merge pull request #31557 from vitlibar/better-exception-message-wrong-user-hash
Better exception message wrong user hash
This commit is contained in:
commit
9a0d98fa6d
@ -888,7 +888,15 @@ if (ThreadFuzzer::instance().isEffective())
|
||||
access_control.setCustomSettingsPrefixes(config().getString("custom_settings_prefixes"));
|
||||
|
||||
/// Initialize access storages.
|
||||
access_control.addStoragesFromMainConfig(config(), config_path, [&] { return global_context->getZooKeeper(); });
|
||||
try
|
||||
{
|
||||
access_control.addStoragesFromMainConfig(config(), config_path, [&] { return global_context->getZooKeeper(); });
|
||||
}
|
||||
catch (...)
|
||||
{
|
||||
tryLogCurrentException(log);
|
||||
throw;
|
||||
}
|
||||
|
||||
/// Reload config in SYSTEM RELOAD CONFIG query.
|
||||
global_context->setConfigReloadCallback([&]()
|
||||
|
@ -172,7 +172,8 @@ void AccessControl::addUsersConfigStorage(const String & storage_name_, const Po
|
||||
auto new_storage = std::make_shared<UsersConfigAccessStorage>(storage_name_, check_setting_name_function);
|
||||
new_storage->setConfig(users_config_);
|
||||
addStorage(new_storage);
|
||||
LOG_DEBUG(getLogger(), "Added {} access storage '{}', path: {}", String(new_storage->getStorageType()), new_storage->getStorageName(), new_storage->getPath());
|
||||
LOG_DEBUG(getLogger(), "Added {} access storage '{}', path: {}",
|
||||
String(new_storage->getStorageType()), new_storage->getStorageName(), new_storage->getPath());
|
||||
}
|
||||
|
||||
void AccessControl::addUsersConfigStorage(
|
||||
|
@ -133,7 +133,16 @@ void AuthenticationData::setPasswordHashHex(const String & hash)
|
||||
{
|
||||
Digest digest;
|
||||
digest.resize(hash.size() / 2);
|
||||
boost::algorithm::unhex(hash.begin(), hash.end(), digest.data());
|
||||
|
||||
try
|
||||
{
|
||||
boost::algorithm::unhex(hash.begin(), hash.end(), digest.data());
|
||||
}
|
||||
catch (const std::exception &)
|
||||
{
|
||||
throw Exception(ErrorCodes::BAD_ARGUMENTS, "Cannot read password hash in hex, check for valid characters [0-9a-fA-F] and length");
|
||||
}
|
||||
|
||||
setPasswordHashBinary(digest);
|
||||
}
|
||||
|
||||
|
@ -18,7 +18,7 @@ namespace ErrorCodes
|
||||
extern const int KERBEROS_ERROR;
|
||||
}
|
||||
|
||||
GSSAcceptorContext::GSSAcceptorContext(const GSSAcceptorContext::Params& params_)
|
||||
GSSAcceptorContext::GSSAcceptorContext(const GSSAcceptorContext::Params & params_)
|
||||
: params(params_)
|
||||
{
|
||||
}
|
||||
@ -50,7 +50,6 @@ std::recursive_mutex gss_global_mutex;
|
||||
struct PrincipalName
|
||||
{
|
||||
explicit PrincipalName(String principal);
|
||||
// operator String() const;
|
||||
|
||||
String name;
|
||||
std::vector<String> instances;
|
||||
@ -75,24 +74,6 @@ PrincipalName::PrincipalName(String principal)
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
PrincipalName::operator String() const
|
||||
{
|
||||
String principal = name;
|
||||
|
||||
for (const auto & instance : instances)
|
||||
{
|
||||
principal += '/';
|
||||
principal += instance;
|
||||
}
|
||||
|
||||
principal += '@';
|
||||
principal += realm;
|
||||
|
||||
return principal;
|
||||
}
|
||||
*/
|
||||
|
||||
String bufferToString(const gss_buffer_desc & buf)
|
||||
{
|
||||
String str;
|
||||
|
@ -30,7 +30,7 @@ public:
|
||||
String realm;
|
||||
};
|
||||
|
||||
explicit GSSAcceptorContext(const Params& params_);
|
||||
explicit GSSAcceptorContext(const Params & params_);
|
||||
virtual ~GSSAcceptorContext() override;
|
||||
|
||||
GSSAcceptorContext(const GSSAcceptorContext &) = delete;
|
||||
|
@ -208,8 +208,19 @@ namespace
|
||||
|
||||
std::vector<AccessEntityPtr> users;
|
||||
users.reserve(user_names.size());
|
||||
|
||||
for (const auto & user_name : user_names)
|
||||
users.push_back(parseUser(config, user_name));
|
||||
{
|
||||
try
|
||||
{
|
||||
users.push_back(parseUser(config, user_name));
|
||||
}
|
||||
catch (Exception & e)
|
||||
{
|
||||
e.addMessage(fmt::format("while parsing user '{}' in users configuration file", user_name));
|
||||
throw;
|
||||
}
|
||||
}
|
||||
|
||||
return users;
|
||||
}
|
||||
@ -275,14 +286,25 @@ namespace
|
||||
|
||||
Poco::Util::AbstractConfiguration::Keys quota_names;
|
||||
config.keys("quotas", quota_names);
|
||||
|
||||
std::vector<AccessEntityPtr> quotas;
|
||||
quotas.reserve(quota_names.size());
|
||||
|
||||
for (const auto & quota_name : quota_names)
|
||||
{
|
||||
auto it = quota_to_user_ids.find(quota_name);
|
||||
const std::vector<UUID> & quota_users = (it != quota_to_user_ids.end()) ? std::move(it->second) : std::vector<UUID>{};
|
||||
quotas.push_back(parseQuota(config, quota_name, quota_users));
|
||||
try
|
||||
{
|
||||
auto it = quota_to_user_ids.find(quota_name);
|
||||
const std::vector<UUID> & quota_users = (it != quota_to_user_ids.end()) ? std::move(it->second) : std::vector<UUID>{};
|
||||
quotas.push_back(parseQuota(config, quota_name, quota_users));
|
||||
}
|
||||
catch (Exception & e)
|
||||
{
|
||||
e.addMessage(fmt::format("while parsing quota '{}' in users configuration file", quota_name));
|
||||
throw;
|
||||
}
|
||||
}
|
||||
|
||||
return quotas;
|
||||
}
|
||||
|
||||
@ -440,11 +462,24 @@ namespace
|
||||
const Poco::Util::AbstractConfiguration & config,
|
||||
Fn<void(std::string_view)> auto && check_setting_name_function)
|
||||
{
|
||||
std::vector<AccessEntityPtr> profiles;
|
||||
Poco::Util::AbstractConfiguration::Keys profile_names;
|
||||
config.keys("profiles", profile_names);
|
||||
|
||||
std::vector<AccessEntityPtr> profiles;
|
||||
profiles.reserve(profile_names.size());
|
||||
|
||||
for (const auto & profile_name : profile_names)
|
||||
profiles.push_back(parseSettingsProfile(config, profile_name, check_setting_name_function));
|
||||
{
|
||||
try
|
||||
{
|
||||
profiles.push_back(parseSettingsProfile(config, profile_name, check_setting_name_function));
|
||||
}
|
||||
catch (Exception & e)
|
||||
{
|
||||
e.addMessage(fmt::format("while parsing profile '{}' in users configuration file", profile_name));
|
||||
throw;
|
||||
}
|
||||
}
|
||||
|
||||
return profiles;
|
||||
}
|
||||
@ -499,16 +534,24 @@ void UsersConfigAccessStorage::setConfig(const Poco::Util::AbstractConfiguration
|
||||
|
||||
void UsersConfigAccessStorage::parseFromConfig(const Poco::Util::AbstractConfiguration & config)
|
||||
{
|
||||
std::vector<std::pair<UUID, AccessEntityPtr>> all_entities;
|
||||
for (const auto & entity : parseUsers(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseQuotas(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseRowPolicies(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseSettingsProfiles(config, check_setting_name_function))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
memory_storage.setAll(all_entities);
|
||||
try
|
||||
{
|
||||
std::vector<std::pair<UUID, AccessEntityPtr>> all_entities;
|
||||
for (const auto & entity : parseUsers(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseQuotas(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseRowPolicies(config))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
for (const auto & entity : parseSettingsProfiles(config, check_setting_name_function))
|
||||
all_entities.emplace_back(generateID(*entity), entity);
|
||||
memory_storage.setAll(all_entities);
|
||||
}
|
||||
catch (Exception & e)
|
||||
{
|
||||
e.addMessage(fmt::format("while loading {}", path.empty() ? "configuration" : ("configuration file " + quoteString(path))));
|
||||
throw;
|
||||
}
|
||||
}
|
||||
|
||||
void UsersConfigAccessStorage::load(
|
||||
|
Loading…
Reference in New Issue
Block a user