mirror of
https://github.com/postgres/postgres.git
synced 2025-08-21 10:42:50 +03:00
Post-PG 10 beta1 pgperltidy run
This commit is contained in:
Bruce Momjian
@@ -11,7 +11,7 @@ use warnings;
|
||||
use PostgresNode;
|
||||
use TestLib;
|
||||
use Test::More;
|
||||
if ($windows_os)
|
||||
if ($windows_os)
|
||||
{
|
||||
plan skip_all => "authentication tests cannot run on Windows";
|
||||
}
|
||||
@@ -25,7 +25,7 @@ else
|
||||
# and then execute a reload to refresh it.
|
||||
sub reset_pg_hba
|
||||
{
|
||||
my $node = shift;
|
||||
my $node = shift;
|
||||
my $hba_method = shift;
|
||||
|
||||
unlink($node->data_dir . '/pg_hba.conf');
|
||||
@@ -36,17 +36,18 @@ sub reset_pg_hba
|
||||
# Test access for a single role, useful to wrap all tests into one.
|
||||
sub test_role
|
||||
{
|
||||
my $node = shift;
|
||||
my $role = shift;
|
||||
my $method = shift;
|
||||
my $expected_res = shift;
|
||||
my $node = shift;
|
||||
my $role = shift;
|
||||
my $method = shift;
|
||||
my $expected_res = shift;
|
||||
my $status_string = 'failed';
|
||||
|
||||
$status_string = 'success' if ($expected_res eq 0);
|
||||
|
||||
my $res = $node->psql('postgres', 'SELECT 1', extra_params => ['-U', $role]);
|
||||
my $res =
|
||||
$node->psql('postgres', 'SELECT 1', extra_params => [ '-U', $role ]);
|
||||
is($res, $expected_res,
|
||||
"authentication $status_string for method $method, role $role");
|
||||
"authentication $status_string for method $method, role $role");
|
||||
}
|
||||
|
||||
# Initialize master node
|
||||
@@ -56,27 +57,30 @@ $node->start;
|
||||
|
||||
# Create 3 roles with different password methods for each one. The same
|
||||
# password is used for all of them.
|
||||
$node->safe_psql('postgres', "SET password_encryption='scram-sha-256'; CREATE ROLE scram_role LOGIN PASSWORD 'pass';");
|
||||
$node->safe_psql('postgres', "SET password_encryption='md5'; CREATE ROLE md5_role LOGIN PASSWORD 'pass';");
|
||||
$node->safe_psql('postgres',
|
||||
"SET password_encryption='scram-sha-256'; CREATE ROLE scram_role LOGIN PASSWORD 'pass';"
|
||||
);
|
||||
$node->safe_psql('postgres',
|
||||
"SET password_encryption='md5'; CREATE ROLE md5_role LOGIN PASSWORD 'pass';");
|
||||
$ENV{"PGPASSWORD"} = 'pass';
|
||||
|
||||
# For "trust" method, all users should be able to connect.
|
||||
reset_pg_hba($node, 'trust');
|
||||
test_role($node, 'scram_role', 'trust', 0);
|
||||
test_role($node, 'md5_role', 'trust', 0);
|
||||
test_role($node, 'md5_role', 'trust', 0);
|
||||
|
||||
# For plain "password" method, all users should also be able to connect.
|
||||
reset_pg_hba($node, 'password');
|
||||
test_role($node, 'scram_role', 'password', 0);
|
||||
test_role($node, 'md5_role', 'password', 0);
|
||||
test_role($node, 'md5_role', 'password', 0);
|
||||
|
||||
# For "scram-sha-256" method, user "scram_role" should be able to connect.
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
test_role($node, 'scram_role', 'scram-sha-256', 0);
|
||||
test_role($node, 'md5_role', 'scram-sha-256', 2);
|
||||
test_role($node, 'md5_role', 'scram-sha-256', 2);
|
||||
|
||||
# For "md5" method, all users should be able to connect (SCRAM
|
||||
# authentication will be performed for the user with a scram verifier.)
|
||||
reset_pg_hba($node, 'md5');
|
||||
test_role($node, 'scram_role', 'md5', 0);
|
||||
test_role($node, 'md5_role', 'md5', 0);
|
||||
test_role($node, 'md5_role', 'md5', 0);
|
||||
|
||||
@@ -8,7 +8,7 @@ use warnings;
|
||||
use PostgresNode;
|
||||
use TestLib;
|
||||
use Test::More;
|
||||
if ($windows_os)
|
||||
if ($windows_os)
|
||||
{
|
||||
plan skip_all => "authentication tests cannot run on Windows";
|
||||
}
|
||||
@@ -21,7 +21,7 @@ else
|
||||
# and then execute a reload to refresh it.
|
||||
sub reset_pg_hba
|
||||
{
|
||||
my $node = shift;
|
||||
my $node = shift;
|
||||
my $hba_method = shift;
|
||||
|
||||
unlink($node->data_dir . '/pg_hba.conf');
|
||||
@@ -32,24 +32,26 @@ sub reset_pg_hba
|
||||
# Test access for a single role, useful to wrap all tests into one.
|
||||
sub test_login
|
||||
{
|
||||
my $node = shift;
|
||||
my $role = shift;
|
||||
my $password = shift;
|
||||
my $expected_res = shift;
|
||||
my $node = shift;
|
||||
my $role = shift;
|
||||
my $password = shift;
|
||||
my $expected_res = shift;
|
||||
my $status_string = 'failed';
|
||||
|
||||
$status_string = 'success' if ($expected_res eq 0);
|
||||
|
||||
$ENV{"PGPASSWORD"} = $password;
|
||||
my $res = $node->psql('postgres', 'SELECT 1', extra_params => ['-U', $role]);
|
||||
my $res =
|
||||
$node->psql('postgres', 'SELECT 1', extra_params => [ '-U', $role ]);
|
||||
is($res, $expected_res,
|
||||
"authentication $status_string for role $role with password $password");
|
||||
"authentication $status_string for role $role with password $password"
|
||||
);
|
||||
}
|
||||
|
||||
# Initialize master node. Force UTF-8 encoding, so that we can use non-ASCII
|
||||
# characters in the passwords below.
|
||||
my $node = get_new_node('master');
|
||||
$node->init(extra => ['--locale=C', '--encoding=UTF8']);
|
||||
$node->init(extra => [ '--locale=C', '--encoding=UTF8' ]);
|
||||
$node->start;
|
||||
|
||||
# These tests are based on the example strings from RFC4013.txt,
|
||||
@@ -66,8 +68,9 @@ $node->start;
|
||||
# 7 <U+0627><U+0031> Error - bidirectional check
|
||||
|
||||
# Create test roles.
|
||||
$node->safe_psql('postgres',
|
||||
"SET password_encryption='scram-sha-256';
|
||||
$node->safe_psql(
|
||||
'postgres',
|
||||
"SET password_encryption='scram-sha-256';
|
||||
SET client_encoding='utf8';
|
||||
CREATE ROLE saslpreptest1_role LOGIN PASSWORD 'IX';
|
||||
CREATE ROLE saslpreptest4a_role LOGIN PASSWORD 'a';
|
||||
@@ -80,23 +83,23 @@ CREATE ROLE saslpreptest7_role LOGIN PASSWORD E'foo\\u0627\\u0031bar';
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
|
||||
# Check that #1 and #5 are treated the same as just 'IX'
|
||||
test_login($node, 'saslpreptest1_role', "I\xc2\xadX", 0);
|
||||
test_login($node, 'saslpreptest1_role', "I\xc2\xadX", 0);
|
||||
test_login($node, 'saslpreptest1_role', "\xe2\x85\xa8", 0);
|
||||
|
||||
# but different from lower case 'ix'
|
||||
test_login($node, 'saslpreptest1_role', "ix", 2);
|
||||
|
||||
# Check #4
|
||||
test_login($node, 'saslpreptest4a_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4a_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4a_role', "\xc2\xaa", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "\xc2\xaa", 0);
|
||||
|
||||
# Check #6 and #7 - In PostgreSQL, contrary to the spec, if the password
|
||||
# contains prohibited characters, we use it as is, without normalization.
|
||||
test_login($node, 'saslpreptest6_role', "foo\x07bar", 0);
|
||||
test_login($node, 'saslpreptest6_role', "foobar", 2);
|
||||
test_login($node, 'saslpreptest6_role', "foobar", 2);
|
||||
|
||||
test_login($node, 'saslpreptest7_role', "foo\xd8\xa71bar", 0);
|
||||
test_login($node, 'saslpreptest7_role', "foo1\xd8\xa7bar", 2);
|
||||
test_login($node, 'saslpreptest7_role', "foobar", 2);
|
||||
test_login($node, 'saslpreptest7_role', "foobar", 2);
|
||||
|
||||
Reference in New Issue
Block a user