Generate new LOG for "trust" connections under log_connections

Adding an extra LOG for connections that have not set an authn ID, like when the "trust" authentication method is used, is useful for audit purposes. A couple of TAP tests for SSL and authentication need to be tweaked to adapt to this new LOG generated, as some scenarios expected no logs but they now get a hit. Reported-by: Shaun Thomas Author: Jacob Champion Reviewed-by: Robert Haas, Michael Paquier Discussion: https://postgr.es/m/CAFdbL1N7-GF-ZXKaB3XuGA+CkSmnjFvqb8hgjMnDfd+uhL2u-A@mail.gmail.com
2025-09-09 13:09:39 +03:00 · 2023-08-26 20:11:19 +09:00
parent 1a4fd77db8
commit e48b19c5db
3 changed files with 24 additions and 8 deletions
--- a/src/test/authentication/t/001_password.pl
+++ b/src/test/authentication/t/001_password.pl
@@ -136,13 +136,13 @@ SKIP:
 # Create a database to test regular expression.
 $node->safe_psql('postgres', "CREATE database regex_testdb;");

-# For "trust" method, all users should be able to connect. These users are not
-# considered to be authenticated.
+# For "trust" method, all users should be able to connect.
 reset_pg_hba($node, 'all', 'all', 'trust');
 test_conn($node, 'user=scram_role', 'trust', 0,
-	log_unlike => [qr/connection authenticated:/]);
+	log_like =>
+	  [qr/connection authenticated: user="scram_role" method=trust/]);
 test_conn($node, 'user=md5_role', 'trust', 0,
-	log_unlike => [qr/connection authenticated:/]);
+	log_like => [qr/connection authenticated: user="md5_role" method=trust/]);

 # SYSTEM_USER is null when not authenticated.
 $res = $node->safe_psql('postgres', "SELECT SYSTEM_USER IS NULL;");