Clickhouse server crash in IAccessStorage::authenticateImpl #84425
Description
Company or project name
Clickhouse Server
Describe what's wrong
A user is created identified with no_password when the server setting allow_no_password was True. If the server setting is changed to False, attempting to login as the same user could crash the Clickhouse server.
Does it reproduce on the most recent release?
Yes
How to reproduce
Check above
Expected behavior
No crash
Error message and/or stacktrace
25.6.2.5671
2. ./ci/tmp/build/./src/Access/IAccessStorage.cpp:570: DB::IAccessStorage::authenticateImpl(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&, DB::ClientInfo const&, bool, bool, bool) const
3. ./ci/tmp/build/./src/Access/MultipleAccessStorage.cpp:452: DB::MultipleAccessStorage::authenticateImpl(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&, DB::ClientInfo const&, bool, bool, bool) const
4. ./ci/tmp/build/./src/Access/IAccessStorage.cpp:515: DB::IAccessStorage::authenticate(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ExternalAuthenticators const&, DB::ClientInfo const&, bool, bool) const
5. ./ci/tmp/build/./src/Access/AccessControl.cpp:632: DB::AccessControl::authenticate(DB::Credentials const&, Poco::Net::IPAddress const&, DB::ClientInfo const&) const
6. ./ci/tmp/build/./src/Interpreters/Session.cpp:384: DB::Session::authenticate(DB::Credentials const&, Poco::Net::SocketAddress const&, std::vector<String, std::allocator<String>> const&)
7. ./ci/tmp/build/./src/Server/HTTP/authenticateUserByHTTP.cpp:275: DB::authenticateUserByHTTP(DB::HTTPServerRequest const&, DB::HTMLForm const&, DB::HTTPServerResponse&, DB::Session&, std::unique_ptr<DB::Credentials, std::default_delete<DB::Credentials>>&, DB::HTTPHandlerConnectionConfig const&, std::shared_ptr<DB::Context const>, std::shared_ptr<Poco::Logger>)
8. ./ci/tmp/build/./src/Server/HTTPHandler.cpp:208: DB::HTTPHandler::authenticateUser(DB::HTTPServerRequest&, DB::HTMLForm&, DB::HTTPServerResponse&)
9. ./ci/tmp/build/./src/Server/HTTPHandler.cpp:224: DB::HTTPHandler::processQuery(DB::HTTPServerRequest&, DB::HTMLForm&, DB::HTTPServerResponse&, DB::HTTPHandler::Output&, std::optional<DB::CurrentThread::QueryScope>&, StrongTypedef<unsigned long, ProfileEvents::EventTag> const&)
10. ./ci/tmp/build/./src/Server/HTTPHandler.cpp:759: DB::HTTPHandler::handleRequest(DB::HTTPServerRequest&, DB::HTTPServerResponse&, StrongTypedef<unsigned long, ProfileEvents::EventTag> const&)
11. ./ci/tmp/build/./src/Server/HTTP/HTTPServerConnection.cpp:104: DB::HTTPServerConnection::run()
12. ./src/Server/TCPProtocolStackHandler.h:38: DB::TCPProtocolStackHandler::run()
13. ./ci/tmp/build/./base/poco/Net/src/TCPServerConnection.cpp:40: Poco::Net::TCPServerConnection::start()
14. ./ci/tmp/build/./base/poco/Net/src/TCPServerDispatcher.cpp:115: Poco::Net::TCPServerDispatcher::run()
15. ./ci/tmp/build/./base/poco/Foundation/src/ThreadPool.cpp:205: Poco::PooledThread::run()
16. ./base/poco/Foundation/src/Thread_POSIX.cpp:335: Poco::ThreadImpl::runnableEntry(void*)
17. ?
18. ?
Additional context
No response