Fix bogus authentication error for unquoted user name in remote() table function by alexey-milovidov · Pull Request #104465 · ClickHouse/ClickHouse · GitHub
Skip to content

Fix bogus authentication error for unquoted user name in remote() table function#104465

Merged
alexey-milovidov merged 7 commits into
masterfrom
fix-remote-unquoted-username
May 11, 2026
Merged

Fix bogus authentication error for unquoted user name in remote() table function#104465
alexey-milovidov merged 7 commits into
masterfrom
fix-remote-unquoted-username

Conversation

@alexey-milovidov

@alexey-milovidov alexey-milovidov commented May 9, 2026

Copy link
Copy Markdown
Member

Closes #33816.

Previously a bare identifier in the user-name position of remote and remoteSecure was silently treated as a sharding key, so a query like

SELECT count() FROM remoteSecure('host', default, github_events, explorer)

attempted to authenticate as default (with no password) and failed with the misleading

Code: 516. DB::Exception: default: Authentication failed: password is incorrect, or there is no user with such name.

The user name now also accepts unquoted identifiers, consistent with how the database and table arguments work. The password still must be a string literal.

Changelog category (leave one):

  • Bug Fix (user-visible misbehavior in an official stable release)

Changelog entry (a user-readable short description of the changes that goes into CHANGELOG.md):

Allow an unquoted identifier as the user name in the remote and remoteSecure table functions, mirroring how the database and table arguments accept unquoted identifiers. Previously such a query failed with a misleading authentication error referring to the default user.

Documentation entry for user-facing changes

  • Documentation is written (mandatory for new features)

Version info

  • Merged into: 26.5.1.540

Previously a bare identifier in the user-name position of `remote` and
`remoteSecure` was silently treated as a sharding key, so a query like

    SELECT count() FROM remoteSecure('host', default, github_events, explorer)

attempted to authenticate as `default` (with no password) and failed
with the misleading error

    default: Authentication failed: password is incorrect, or there is
    no user with such name.

The user name now also accepts unquoted identifiers, consistent with
how the database and table arguments work. The password still must be
a string literal.

Closes #33816.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@clickhouse-gh

clickhouse-gh Bot commented May 9, 2026

Copy link
Copy Markdown
Contributor

@clickhouse-gh clickhouse-gh Bot added the pr-bugfix Pull request with bugfix, not backported by default label May 9, 2026
Comment thread src/TableFunctions/TableFunctionRemote.cpp Outdated
alexey-milovidov and others added 4 commits May 9, 2026 22:24
The previous commit changes parsing in the `remote` and `remoteSecure`
table functions so that a bare identifier in the user-name position is
interpreted as the user name (rather than silently treated as a sharding
key). Existing tests that relied on the old behaviour were passing a
bare column name as the sharding key, which now collides with that
position and causes `AUTHENTICATION_FAILED`.

Wrap those sharding-key arguments in `identity` to match the convention
already used in `01932_remote_sharding_key_column.sql`.

Affected fast-test failures:
  https://s3.amazonaws.com/clickhouse-test-reports/json.html?PR=104465&sha=87611b6c25445b8e512ed7f863bfb69b357c845d&name_0=PR&name_1=Fast%20test

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Master picked up another `04212_*` test, so rename ours to `04213_*` to
keep test numbering unique.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@alexey-milovidov

Copy link
Copy Markdown
Member Author

Let's not break the compatibility.
Instead, accept username as an identifier only if there is a subsequent argument with a password.

alexey-milovidov and others added 2 commits May 10, 2026 17:30
Per review feedback, accept an unquoted identifier as the user name only
when it is followed by a string-literal password. This preserves the
historical behavior of `remote('host', db.table, sharding_key)`, where a
bare identifier at the same position is silently treated as a sharding
key (e.g. `remote('127.1', system.one, identity(dummy))` or, more
importantly, code passing a column reference there).

The previous version of this PR accepted a bare identifier as the user
name unconditionally, which would have changed the meaning of existing
queries that relied on a single trailing identifier being parsed as a
sharding key.

With this change:
- `remote('host', db.table, 'user', 'password')` -- unchanged
- `remote('host', db.table, user, 'password')`   -- now also valid
- `remote('host', db.table, sharding_key_ident)` -- unchanged (identifier
  with no subsequent literal password still falls through to the
  sharding-key slot)

This reverts the unrelated `identity(...)` wrappings introduced in the
previous revision of this PR, since they are no longer required.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@clickhouse-gh

clickhouse-gh Bot commented May 11, 2026

Copy link
Copy Markdown
Contributor

LLVM Coverage Report

Metric Baseline Current Δ
Lines 84.10% 84.10% +0.00%
Functions 91.10% 91.10% +0.00%
Branches 76.60% 76.60% +0.00%

Changed lines: 100.00% (15/15) · Uncovered code

Full report · Diff report

@alexey-milovidov alexey-milovidov requested a review from pufit May 11, 2026 15:27

@alexey-milovidov alexey-milovidov left a comment

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok.

@alexey-milovidov alexey-milovidov self-assigned this May 11, 2026
@alexey-milovidov alexey-milovidov added this pull request to the merge queue May 11, 2026
Merged via the queue into master with commit 480d2af May 11, 2026
165 checks passed
@alexey-milovidov alexey-milovidov deleted the fix-remote-unquoted-username branch May 11, 2026 22:12
@robot-clickhouse robot-clickhouse added the pr-synced-to-cloud The PR is synced to the cloud repo label May 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

pr-bugfix Pull request with bugfix, not backported by default pr-synced-to-cloud The PR is synced to the cloud repo

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Bogus exception if user name is specified without quotes in table function remote

2 participants