Fixes empty password issue (#6417)

(cherry picked from commit 89aa9a015f)
2022-10-11 15:56:44 +03:00 · 2022-10-11 15:56:44 +03:00 · b1a72bb822
parent 39225963c7
commit b1a72bb822
3 changed files with 67 additions and 7 deletions
--- a/src/backend/distributed/commands/role.c
+++ b/src/backend/distributed/commands/role.c
@ -344,17 +344,23 @@ ExtractEncryptedPassword(Oid roleOid)
 	Datum passwordDatum = heap_getattr(tuple, Anum_pg_authid_rolpassword,
 									   pgAuthIdDescription, &isNull);
-	char *passwordCstring = TextDatumGetCString(passwordDatum);
+
 	/*
 	 * In PG, an empty password is treated the same as NULL.
 	 * So we propagate NULL password to the other nodes, even if
 	 * the user supplied an empty password
 	 */
 	char *passwordCstring = NULL;
 	if (!isNull)
 	{
 		passwordCstring = pstrdup(TextDatumGetCString(passwordDatum));
 	}
 	table_close(pgAuthId, AccessShareLock);
 	ReleaseSysCache(tuple);
-	if (isNull)
+	return passwordCstring;
 	{
 		return NULL;
 	}
 	return pstrdup(passwordCstring);
 }
--- a/src/test/regress/expected/alter_role_propagation.out
+++ b/src/test/regress/expected/alter_role_propagation.out
@ -319,5 +319,42 @@ SELECT COUNT(*) FROM public.test_search_path;
 (1 row)
 ALTER USER current_user RESET search_path;
 -- test empty/null password: it is treated the same as no password
 SET password_encryption TO md5;
 CREATE ROLE new_role;
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 worker_password | coord_password
 ---------------------------------------------------------------------
                 |
                 |
 (2 rows)
 ALTER ROLE new_role PASSWORD '';
 NOTICE:  empty string is not a valid password, clearing password
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 worker_password | coord_password
 ---------------------------------------------------------------------
                 |
                 |
 (2 rows)
 ALTER ROLE new_role PASSWORD 'new_password';
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password, workers.result = pg_authid.rolpassword AS password_is_same FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
           worker_password           |           coord_password            | password_is_same
 ---------------------------------------------------------------------
 md51a28da0f1a2416525eec435bdce8cbbe | md51a28da0f1a2416525eec435bdce8cbbe | t
 md51a28da0f1a2416525eec435bdce8cbbe | md51a28da0f1a2416525eec435bdce8cbbe | t
 (2 rows)
 ALTER ROLE new_role PASSWORD NULL;
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 worker_password | coord_password
 ---------------------------------------------------------------------
                 |
                 |
 (2 rows)
 RESET password_encryption;
 DROP ROLE new_role;
 DROP TABLE test_search_path;
 DROP SCHEMA alter_role, ",CitUs,.TeeN!?", test_sp CASCADE;
--- a/src/test/regress/sql/alter_role_propagation.sql
+++ b/src/test/regress/sql/alter_role_propagation.sql
@ -102,5 +102,22 @@ ALTER USER current_user SET search_path TO test_sp;
 SELECT COUNT(*) FROM public.test_search_path;
 ALTER USER current_user RESET search_path;
 -- test empty/null password: it is treated the same as no password
 SET password_encryption TO md5;
 CREATE ROLE new_role;
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 ALTER ROLE new_role PASSWORD '';
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 ALTER ROLE new_role PASSWORD 'new_password';
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password, workers.result = pg_authid.rolpassword AS password_is_same FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 ALTER ROLE new_role PASSWORD NULL;
 SELECT workers.result AS worker_password, pg_authid.rolpassword AS coord_password FROM run_command_on_workers($$SELECT rolpassword FROM pg_authid WHERE rolname = 'new_role'$$) workers, pg_authid WHERE pg_authid.rolname = 'new_role';
 RESET password_encryption;
 DROP ROLE new_role;
 DROP TABLE test_search_path;
 DROP SCHEMA alter_role, ",CitUs,.TeeN!?", test_sp CASCADE;