pgsql: Add TAP tests for password-based authentication methods.
Add TAP tests for password-based authentication methods.
Tests all combinations of users with MD5, plaintext and SCRAM verifiers
stored in pg_authid, with plain 'password', 'md5' and 'scram'
authentication methods.
Michael Paquier
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/aa7464d949bf69ce1e8697f77400ff6b7ebb2d18
Modified Files
--------------
src/test/Makefile | 2 +-
src/test/README | 3 ++
src/test/authentication/Makefile | 20 ++++++++
src/test/authentication/README | 16 ++++++
src/test/authentication/t/001_password.pl | 84 +++++++++++++++++++++++++++++++
5 files changed, 124 insertions(+), 1 deletion(-)
--
Sent via pgsql-committers mailing list (pgsql-committers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-committers
On Fri, Mar 17, 2017 at 6:37 PM, Heikki Linnakangas
<heikki.linnakangas@iki.fi> wrote:
Add TAP tests for password-based authentication methods.
Tests all combinations of users with MD5, plaintext and SCRAM verifiers
stored in pg_authid, with plain 'password', 'md5' and 'scram'
authentication methods.
This patch has forgotten two things:
1) src/test/authentication/.gitignore.
2) A refresh of vcregress.pl to run this test suite on Windows.
Please find attached a patch to address both issues.
--
Michael
Attachments:
auth-test-fixes.patchtext/x-patch; charset=US-ASCII; name=auth-test-fixes.patchDownload
diff --git a/doc/src/sgml/install-windows.sgml b/doc/src/sgml/install-windows.sgml
index ecec0a60c7..4ef8d31f8e 100644
--- a/doc/src/sgml/install-windows.sgml
+++ b/doc/src/sgml/install-windows.sgml
@@ -451,6 +451,7 @@ $ENV{CONFIG}="Debug";
<userinput>vcregress ecpgcheck</userinput>
<userinput>vcregress isolationcheck</userinput>
<userinput>vcregress bincheck</userinput>
+<userinput>vcregress authcheck</userinput>
<userinput>vcregress recoverycheck</userinput>
<userinput>vcregress upgradecheck</userinput>
</screen>
@@ -467,8 +468,9 @@ $ENV{CONFIG}="Debug";
<para>
Running the regression tests on client programs, with
- <command>vcregress bincheck</>, or on recovery tests, with
- <command>vcregress recoverycheck</>, requires an additional Perl module
+ <command>vcregress bincheck</>, on recovery tests, with
+ <command>vcregress recoverycheck</>, or on authentication tests with
+ <command>vcregress authcheck</> requires an additional Perl module
to be installed:
<variablelist>
<varlistentry>
diff --git a/src/test/authentication/.gitignore b/src/test/authentication/.gitignore
new file mode 100644
index 0000000000..871e943d50
--- /dev/null
+++ b/src/test/authentication/.gitignore
@@ -0,0 +1,2 @@
+# Generated by test suite
+/tmp_check/
diff --git a/src/tools/msvc/vcregress.pl b/src/tools/msvc/vcregress.pl
index f1b9819cd2..c3cb4d0c74 100644
--- a/src/tools/msvc/vcregress.pl
+++ b/src/tools/msvc/vcregress.pl
@@ -34,7 +34,7 @@ if (-e "src/tools/msvc/buildenv.pl")
my $what = shift || "";
if ($what =~
-/^(check|installcheck|plcheck|contribcheck|modulescheck|ecpgcheck|isolationcheck|upgradecheck|bincheck|recoverycheck)$/i
+/^(check|installcheck|plcheck|contribcheck|modulescheck|ecpgcheck|isolationcheck|upgradecheck|bincheck|recoverycheck|authcheck)$/i
)
{
$what = uc $what;
@@ -90,6 +90,7 @@ my %command = (
ISOLATIONCHECK => \&isolationcheck,
BINCHECK => \&bincheck,
RECOVERYCHECK => \&recoverycheck,
+ AUTHCHECK => \&authcheck,
UPGRADECHECK => \&upgradecheck,);
my $proc = $command{$what};
@@ -373,6 +374,16 @@ sub recoverycheck
exit $status if $status;
}
+sub authcheck
+{
+ InstallTemp();
+
+ my $mstat = 0;
+ my $dir = "$topdir/src/test/authentication";
+ my $status = tap_check($dir);
+ exit $status if $status;
+}
+
# Run "initdb", then reconfigure authentication.
sub standard_initdb
{
@@ -599,6 +610,7 @@ sub usage
print STDERR
"Usage: vcregress.pl <mode> [ <schedule> ]\n\n",
"Options for <mode>:\n",
+ " authcheck run authentication test suite\n",
" bincheck run tests of utilities in src/bin/\n",
" check deploy instance and run regression tests on it\n",
" contribcheck run tests of modules in contrib/\n",
On 3/17/17 05:37, Heikki Linnakangas wrote:
Add TAP tests for password-based authentication methods.
Tests all combinations of users with MD5, plaintext and SCRAM verifiers
stored in pg_authid, with plain 'password', 'md5' and 'scram'
authentication methods.
This is missing an entry for tmp_check/ in .gitignore. But maybe we can
do that globally instead of repeating it in every directory?
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
On 03/18/2017 02:55 PM, Michael Paquier wrote:
On Fri, Mar 17, 2017 at 6:37 PM, Heikki Linnakangas
<heikki.linnakangas@iki.fi> wrote:Add TAP tests for password-based authentication methods.
Tests all combinations of users with MD5, plaintext and SCRAM verifiers
stored in pg_authid, with plain 'password', 'md5' and 'scram'
authentication methods.This patch has forgotten two things:
1) src/test/authentication/.gitignore.
2) A refresh of vcregress.pl to run this test suite on Windows.
Please find attached a patch to address both issues.
The tests don't actually work on Windows, and will all be skipped if
try. So "vcregress authcheck" as in this patch is pretty useless.
With some effort, we could make it work on Windows. It currently assumes
unix domain sockets, when it rewrites pg_hba.conf - that would need to
use TCP instead. And to make it secure, use a long-enough random
password instead of a hard-coded constant. I'm not volunteering to do
that, though.
- Heikki
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
On 03/20/2017 02:32 AM, Peter Eisentraut wrote:
On 3/17/17 05:37, Heikki Linnakangas wrote:
Add TAP tests for password-based authentication methods.
Tests all combinations of users with MD5, plaintext and SCRAM verifiers
stored in pg_authid, with plain 'password', 'md5' and 'scram'
authentication methods.This is missing an entry for tmp_check/ in .gitignore. But maybe we can
do that globally instead of repeating it in every directory?
Hmm. That would be nice. However, many of the test suites have other
files and directories in their .gitignores, so handling tmp_check
globally wouldn't move the needle much. And handling some generated
subdirectories globally and others locally seems confusing. For example,
src/test/regress/.gitignore currently looks like this:
# Local binaries
/pg_regress# Generated subdirectories
/tmp_check/
/results/
/log/# Note: regreesion.* are only left behind on a failure; that's why they're not ignored
#/regression.diffs
#/regression.out
Not having /tmp_check/ in the above would look like an omission, when
/results/ and /log/ are still listed.
If we could also handle results and log globally, that would be nice.
But IMHO those names are too generic to put to a global .gitignore. We
could rename them, but this starts to feel like more trouble than it's
worth. I'll just go and create a .gitignore for /tmp_check/ to
src/test/authentication.
- Heikki
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
Heikki Linnakangas <hlinnaka@iki.fi> writes:
On 03/20/2017 02:32 AM, Peter Eisentraut wrote:
This is missing an entry for tmp_check/ in .gitignore. But maybe we can
do that globally instead of repeating it in every directory?
If we could also handle results and log globally, that would be nice.
But IMHO those names are too generic to put to a global .gitignore. We
could rename them, but this starts to feel like more trouble than it's
worth. I'll just go and create a .gitignore for /tmp_check/ to
src/test/authentication.
FWIW, that was my thought about it as well. Handling tmp_check
differently from those other two just seems confusing.
regards, tom lane
--
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers