diff options
| author | Michael Paquier | 2021-04-05 01:13:57 +0000 |
|---|---|---|
| committer | Michael Paquier | 2021-04-05 01:13:57 +0000 |
| commit | c50624cdd248c13b4ba199f95e24c88d2cc8a097 (patch) | |
| tree | 6fb036a55f9ad4f15b63cc64c23127d24759de6c /src/test/ssl/t/002_scram.pl | |
| parent | dfc843d465689d2c2af8b0e01c66c51ccaae2343 (diff) | |
Refactor all TAP test suites doing connection checks
This commit refactors more TAP tests to adapt with the recent
introduction of connect_ok() and connect_fails() in PostgresNode,
introduced by 0d1a3343. This changes the following test suites to use
the same code paths for connection checks:
- Kerberos
- LDAP
- SSL
- Authentication
Those routines are extended to be able to handle optional parameters
that are set depending on each suite's needs, as of:
- custom SQL query.
- expected stderr matching pattern.
- expected stdout matching pattern.
The new design is extensible with more parameters, and there are some
plans for those routines in the future with checks based on the contents
of the backend logs.
Author: Jacob Champion, Michael Paquier
Discussion: https://postgr.es/m/[email protected]
Diffstat (limited to 'src/test/ssl/t/002_scram.pl')
| -rw-r--r-- | src/test/ssl/t/002_scram.pl | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/src/test/ssl/t/002_scram.pl b/src/test/ssl/t/002_scram.pl index e31650b931f..583b62b3a18 100644 --- a/src/test/ssl/t/002_scram.pl +++ b/src/test/ssl/t/002_scram.pl @@ -60,8 +60,8 @@ $node->connect_ok( # Test channel_binding $node->connect_fails( "$common_connstr user=ssltestuser channel_binding=invalid_value", - qr/invalid channel_binding value: "invalid_value"/, - "SCRAM with SSL and channel_binding=invalid_value"); + "SCRAM with SSL and channel_binding=invalid_value", + expected_stderr => qr/invalid channel_binding value: "invalid_value"/); $node->connect_ok("$common_connstr user=ssltestuser channel_binding=disable", "SCRAM with SSL and channel_binding=disable"); if ($supports_tls_server_end_point) @@ -74,15 +74,19 @@ else { $node->connect_fails( "$common_connstr user=ssltestuser channel_binding=require", - qr/channel binding is required, but server did not offer an authentication method that supports channel binding/, - "SCRAM with SSL and channel_binding=require"); + "SCRAM with SSL and channel_binding=require", + expected_stderr => + qr/channel binding is required, but server did not offer an authentication method that supports channel binding/ + ); } # Now test when the user has an MD5-encrypted password; should fail $node->connect_fails( "$common_connstr user=md5testuser channel_binding=require", - qr/channel binding required but not supported by server's authentication request/, - "MD5 with SSL and channel_binding=require"); + "MD5 with SSL and channel_binding=require", + expected_stderr => + qr/channel binding required but not supported by server's authentication request/ +); # Now test with auth method 'cert' by connecting to 'certdb'. Should fail, # because channel binding is not performed. Note that ssl/client.key may @@ -93,8 +97,10 @@ copy("ssl/client.key", $client_tmp_key); chmod 0600, $client_tmp_key; $node->connect_fails( "sslcert=ssl/client.crt sslkey=$client_tmp_key sslrootcert=invalid hostaddr=$SERVERHOSTADDR dbname=certdb user=ssltestuser channel_binding=require", - qr/channel binding required, but server authenticated client without channel binding/, - "Cert authentication and channel_binding=require"); + "Cert authentication and channel_binding=require", + expected_stderr => + qr/channel binding required, but server authenticated client without channel binding/ +); # clean up unlink($client_tmp_key); |