From: Peter Eisentraut Date: Thu, 1 Aug 2019 15:57:57 +0000 (+0200) Subject: Add tests for md5 authentication X-Git-Tag: pgbouncer_1_11_0~33 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c25c910f4f116fa240f1ca3a36ed4465c102739a;p=pgbouncer Add tests for md5 authentication --- diff --git a/test/test.ini b/test/test.ini index 7355d72..b45634a 100644 --- a/test/test.ini +++ b/test/test.ini @@ -4,6 +4,8 @@ p0 = port=6666 host=127.0.0.1 dbname=p0 user=bouncer pool_size=2 p1 = port=6666 host=127.0.0.1 dbname=p1 user=bouncer p3 = port=6666 host=127.0.0.1 dbname=p0 user=bouncer pool_mode=session +p5 = port=6666 host=127.0.0.1 dbname=p5 user=muser1 password=foo +p5x= port=6666 host=127.0.0.1 dbname=p5 user=muser1 password=wrong authdb = port=6666 host=127.0.0.1 dbname=p1 auth_user=pswcheck diff --git a/test/test.sh b/test/test.sh index 62bc749..dcba8c3 100755 --- a/test/test.sh +++ b/test/test.sh @@ -81,6 +81,17 @@ if [ ! -d $PGDATA ]; then mkdir $PGDATA initdb >> $PG_LOG 2>&1 sed $SED_ERE_OP -i "/unix_socket_director/s:.*(unix_socket_director.*=).*:\\1 '/tmp':" pgdata/postgresql.conf + cat >>pgdata/postgresql.conf <<-EOF + log_connections = on + EOF + cat >pgdata/pg_hba.conf <<-EOF + local p5 all md5 + host p5 all 127.0.0.1/32 md5 + host p5 all ::1/128 md5 + local all all trust + host all all 127.0.0.1/32 trust + host all all ::1/128 trust + EOF fi pgctl start @@ -88,15 +99,17 @@ sleep 5 echo "Creating databases" psql -X -p $PG_PORT -l | grep p0 > /dev/null || { - psql -X -o /dev/null -p $PG_PORT -c "create user bouncer" template1 - createdb -p $PG_PORT p0 - createdb -p $PG_PORT p1 - createdb -p $PG_PORT p3 + psql -X -o /dev/null -p $PG_PORT -c "create user bouncer" template1 || exit 1 + for dbname in p0 p1 p3 p5; do + createdb -p $PG_PORT $dbname || exit 1 + done } psql -X -p $PG_PORT -d p0 -c "select * from pg_user" | grep pswcheck > /dev/null || { + echo "Creating users" psql -X -o /dev/null -p $PG_PORT -c "create user pswcheck with superuser createdb password 'pgbouncer-check';" p0 || exit 1 psql -X -o /dev/null -p $PG_PORT -c "create user someuser with password 'anypasswd';" p0 || exit 1 + psql -X -o /dev/null -p $PG_PORT -c "create user muser1 password 'foo';" p0 || exit 1 } echo "Starting bouncer" @@ -572,6 +585,32 @@ test_auth_user() { return 0 } +# test md5 authentication from PgBouncer to PostgreSQL server +test_md5_server() { + admin "set auth_type='trust'" + + # good password + psql -X -c "select 1" p5 || return 1 + # bad password + psql -X -c "select 2" p5x && return 1 + + return 0 +} + +# test md5 authentication from client to PgBouncer +test_md5_client() { + admin "set auth_type='md5'" + + # good password + PGPASSWORD=foo psql -X -U muser1 -c "select 1" p1 || return 1 + # bad password + PGPASSWORD=wrong psql -X -U muser2 -c "select 2" p1 && return 1 + + admin "set auth_type='trust'" + + return 0 +} + testlist=" test_server_login_retry test_auth_user @@ -594,6 +633,8 @@ test_database_change test_reconnect test_fast_close test_wait_close +test_md5_server +test_md5_client " if [ $# -gt 0 ]; then diff --git a/test/userlist.txt b/test/userlist.txt index da2c707..7a735a6 100644 --- a/test/userlist.txt +++ b/test/userlist.txt @@ -3,3 +3,8 @@ ;Commented out line should be ignored. "pgbouncer" "fake" "pswcheck" "pgbouncer-check" + +;the following pairs of passwords are "foo" and "bar" + +"muser1" "md5ab8b744ff66bee42dc47bae34ca17959" +"muser2" "md598455b3585818e23c2653a59f6d84551"