Use a better way of skipping all subscription tests on Windows
This way we only need to specify the number of tests in one place, and the output is also less verbose.
This commit is contained in:
Andrew Dunstan
parent
d99d58cdc8
commit
8d9f060977
|
|
@ -10,7 +10,16 @@ use strict;
|
|||
use warnings;
|
||||
use PostgresNode;
|
||||
use TestLib;
|
||||
use Test::More tests => 8;
|
||||
use Test::More;
|
||||
if ($windows_os)
|
||||
{
|
||||
plan skip_all => "authentication tests cannot run on Windows";
|
||||
}
|
||||
else
|
||||
{
|
||||
plan tests => 8;
|
||||
}
|
||||
|
||||
|
||||
# Delete pg_hba.conf from the given node, add a new entry to it
|
||||
# and then execute a reload to refresh it.
|
||||
|
|
@ -40,39 +49,34 @@ sub test_role
|
|||
"authentication $status_string for method $method, role $role");
|
||||
}
|
||||
|
||||
SKIP:
|
||||
{
|
||||
skip "authentication tests cannot run on Windows", 12 if ($windows_os);
|
||||
# Initialize master node
|
||||
my $node = get_new_node('master');
|
||||
$node->init;
|
||||
$node->start;
|
||||
|
||||
# Initialize master node
|
||||
my $node = get_new_node('master');
|
||||
$node->init;
|
||||
$node->start;
|
||||
# Create 3 roles with different password methods for each one. The same
|
||||
# password is used for all of them.
|
||||
$node->safe_psql('postgres', "SET password_encryption='scram-sha-256'; CREATE ROLE scram_role LOGIN PASSWORD 'pass';");
|
||||
$node->safe_psql('postgres', "SET password_encryption='md5'; CREATE ROLE md5_role LOGIN PASSWORD 'pass';");
|
||||
$ENV{"PGPASSWORD"} = 'pass';
|
||||
|
||||
# Create 3 roles with different password methods for each one. The same
|
||||
# password is used for all of them.
|
||||
$node->safe_psql('postgres', "SET password_encryption='scram-sha-256'; CREATE ROLE scram_role LOGIN PASSWORD 'pass';");
|
||||
$node->safe_psql('postgres', "SET password_encryption='md5'; CREATE ROLE md5_role LOGIN PASSWORD 'pass';");
|
||||
$ENV{"PGPASSWORD"} = 'pass';
|
||||
# For "trust" method, all users should be able to connect.
|
||||
reset_pg_hba($node, 'trust');
|
||||
test_role($node, 'scram_role', 'trust', 0);
|
||||
test_role($node, 'md5_role', 'trust', 0);
|
||||
|
||||
# For "trust" method, all users should be able to connect.
|
||||
reset_pg_hba($node, 'trust');
|
||||
test_role($node, 'scram_role', 'trust', 0);
|
||||
test_role($node, 'md5_role', 'trust', 0);
|
||||
# For plain "password" method, all users should also be able to connect.
|
||||
reset_pg_hba($node, 'password');
|
||||
test_role($node, 'scram_role', 'password', 0);
|
||||
test_role($node, 'md5_role', 'password', 0);
|
||||
|
||||
# For plain "password" method, all users should also be able to connect.
|
||||
reset_pg_hba($node, 'password');
|
||||
test_role($node, 'scram_role', 'password', 0);
|
||||
test_role($node, 'md5_role', 'password', 0);
|
||||
# For "scram-sha-256" method, user "scram_role" should be able to connect.
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
test_role($node, 'scram_role', 'scram-sha-256', 0);
|
||||
test_role($node, 'md5_role', 'scram-sha-256', 2);
|
||||
|
||||
# For "scram-sha-256" method, user "scram_role" should be able to connect.
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
test_role($node, 'scram_role', 'scram-sha-256', 0);
|
||||
test_role($node, 'md5_role', 'scram-sha-256', 2);
|
||||
|
||||
# For "md5" method, all users should be able to connect (SCRAM
|
||||
# authentication will be performed for the user with a scram verifier.)
|
||||
reset_pg_hba($node, 'md5');
|
||||
test_role($node, 'scram_role', 'md5', 0);
|
||||
test_role($node, 'md5_role', 'md5', 0);
|
||||
}
|
||||
# For "md5" method, all users should be able to connect (SCRAM
|
||||
# authentication will be performed for the user with a scram verifier.)
|
||||
reset_pg_hba($node, 'md5');
|
||||
test_role($node, 'scram_role', 'md5', 0);
|
||||
test_role($node, 'md5_role', 'md5', 0);
|
||||
|
|
|
|||
|
|
@ -7,7 +7,15 @@ use strict;
|
|||
use warnings;
|
||||
use PostgresNode;
|
||||
use TestLib;
|
||||
use Test::More tests => 12;
|
||||
use Test::More;
|
||||
if ($windows_os)
|
||||
{
|
||||
plan skip_all => "authentication tests cannot run on Windows";
|
||||
}
|
||||
else
|
||||
{
|
||||
plan tests => 12;
|
||||
}
|
||||
|
||||
# Delete pg_hba.conf from the given node, add a new entry to it
|
||||
# and then execute a reload to refresh it.
|
||||
|
|
@ -38,62 +46,57 @@ sub test_login
|
|||
"authentication $status_string for role $role with password $password");
|
||||
}
|
||||
|
||||
SKIP:
|
||||
{
|
||||
skip "authentication tests cannot run on Windows", 12 if ($windows_os);
|
||||
# Initialize master node. Force UTF-8 encoding, so that we can use non-ASCII
|
||||
# characters in the passwords below.
|
||||
my $node = get_new_node('master');
|
||||
$node->init(extra => ['--locale=C', '--encoding=UTF8']);
|
||||
$node->start;
|
||||
|
||||
# Initialize master node. Force UTF-8 encoding, so that we can use non-ASCII
|
||||
# characters in the passwords below.
|
||||
my $node = get_new_node('master');
|
||||
$node->init(extra => ['--locale=C', '--encoding=UTF8']);
|
||||
$node->start;
|
||||
# These tests are based on the example strings from RFC4013.txt,
|
||||
# Section "3. Examples":
|
||||
#
|
||||
# # Input Output Comments
|
||||
# - ----- ------ --------
|
||||
# 1 I<U+00AD>X IX SOFT HYPHEN mapped to nothing
|
||||
# 2 user user no transformation
|
||||
# 3 USER USER case preserved, will not match #2
|
||||
# 4 <U+00AA> a output is NFKC, input in ISO 8859-1
|
||||
# 5 <U+2168> IX output is NFKC, will match #1
|
||||
# 6 <U+0007> Error - prohibited character
|
||||
# 7 <U+0627><U+0031> Error - bidirectional check
|
||||
|
||||
# These tests are based on the example strings from RFC4013.txt,
|
||||
# Section "3. Examples":
|
||||
#
|
||||
# # Input Output Comments
|
||||
# - ----- ------ --------
|
||||
# 1 I<U+00AD>X IX SOFT HYPHEN mapped to nothing
|
||||
# 2 user user no transformation
|
||||
# 3 USER USER case preserved, will not match #2
|
||||
# 4 <U+00AA> a output is NFKC, input in ISO 8859-1
|
||||
# 5 <U+2168> IX output is NFKC, will match #1
|
||||
# 6 <U+0007> Error - prohibited character
|
||||
# 7 <U+0627><U+0031> Error - bidirectional check
|
||||
|
||||
# Create test roles.
|
||||
$node->safe_psql('postgres',
|
||||
# Create test roles.
|
||||
$node->safe_psql('postgres',
|
||||
"SET password_encryption='scram-sha-256';
|
||||
SET client_encoding='utf8';
|
||||
CREATE ROLE saslpreptest1_role LOGIN PASSWORD 'IX';
|
||||
CREATE ROLE saslpreptest4a_role LOGIN PASSWORD 'a';
|
||||
CREATE ROLE saslpreptest4b_role LOGIN PASSWORD E'\\xc2\\xaa';
|
||||
CREATE ROLE saslpreptest6_role LOGIN PASSWORD E'foo\\x07bar';
|
||||
CREATE ROLE saslpreptest7_role LOGIN PASSWORD E'foo\\u0627\\u0031bar';
|
||||
SET client_encoding='utf8';
|
||||
CREATE ROLE saslpreptest1_role LOGIN PASSWORD 'IX';
|
||||
CREATE ROLE saslpreptest4a_role LOGIN PASSWORD 'a';
|
||||
CREATE ROLE saslpreptest4b_role LOGIN PASSWORD E'\\xc2\\xaa';
|
||||
CREATE ROLE saslpreptest6_role LOGIN PASSWORD E'foo\\x07bar';
|
||||
CREATE ROLE saslpreptest7_role LOGIN PASSWORD E'foo\\u0627\\u0031bar';
|
||||
");
|
||||
|
||||
# Require password from now on.
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
# Require password from now on.
|
||||
reset_pg_hba($node, 'scram-sha-256');
|
||||
|
||||
# Check that #1 and #5 are treated the same as just 'IX'
|
||||
test_login($node, 'saslpreptest1_role', "I\xc2\xadX", 0);
|
||||
test_login($node, 'saslpreptest1_role', "\xe2\x85\xa8", 0);
|
||||
# Check that #1 and #5 are treated the same as just 'IX'
|
||||
test_login($node, 'saslpreptest1_role', "I\xc2\xadX", 0);
|
||||
test_login($node, 'saslpreptest1_role', "\xe2\x85\xa8", 0);
|
||||
|
||||
# but different from lower case 'ix'
|
||||
test_login($node, 'saslpreptest1_role', "ix", 2);
|
||||
# but different from lower case 'ix'
|
||||
test_login($node, 'saslpreptest1_role', "ix", 2);
|
||||
|
||||
# Check #4
|
||||
test_login($node, 'saslpreptest4a_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4a_role', "\xc2\xaa", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "\xc2\xaa", 0);
|
||||
# Check #4
|
||||
test_login($node, 'saslpreptest4a_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4a_role', "\xc2\xaa", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "a", 0);
|
||||
test_login($node, 'saslpreptest4b_role', "\xc2\xaa", 0);
|
||||
|
||||
# Check #6 and #7 - In PostgreSQL, contrary to the spec, if the password
|
||||
# contains prohibited characters, we use it as is, without normalization.
|
||||
test_login($node, 'saslpreptest6_role', "foo\x07bar", 0);
|
||||
test_login($node, 'saslpreptest6_role', "foobar", 2);
|
||||
# Check #6 and #7 - In PostgreSQL, contrary to the spec, if the password
|
||||
# contains prohibited characters, we use it as is, without normalization.
|
||||
test_login($node, 'saslpreptest6_role', "foo\x07bar", 0);
|
||||
test_login($node, 'saslpreptest6_role', "foobar", 2);
|
||||
|
||||
test_login($node, 'saslpreptest7_role', "foo\xd8\xa71bar", 0);
|
||||
test_login($node, 'saslpreptest7_role', "foo1\xd8\xa7bar", 2);
|
||||
test_login($node, 'saslpreptest7_role', "foobar", 2);
|
||||
}
|
||||
test_login($node, 'saslpreptest7_role', "foo\xd8\xa71bar", 0);
|
||||
test_login($node, 'saslpreptest7_role', "foo1\xd8\xa7bar", 2);
|
||||
test_login($node, 'saslpreptest7_role', "foobar", 2);
|
||||
|
|
|
|||
Loading…
Reference in New Issue