Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit ef7fa90

Browse files
hlinnakahlinnaka
committed
Add tests for errors during SSL or GSSAPI handshake
These test that libpq correctly falls back to a plaintext connection on handshake error, in the "prefer" modes. Reviewed-by: Michael Paquier Discussion: https://www.postgresql.org/message-id/CAOYmi%2Bnwvu21mJ4DYKUa98HdfM_KZJi7B1MhyXtnsyOO-PB6Ww%40mail.gmail.com
1 parent 20e0e7d commit ef7fa90

File tree

3 files changed

+26
-0
lines changed

3 files changed

+26
-0
lines changed

src/backend/libpq/be-secure-gssapi.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@
2121
#include "libpq/pqformat.h"
2222
#include "miscadmin.h"
2323
#include "pgstat.h"
24+
#include "utils/injection_point.h"
2425
#include "utils/memutils.h"
2526

2627

@@ -499,6 +500,8 @@ secure_open_gssapi(Port *port)
499500
minor;
500501
gss_cred_id_t delegated_creds;
501502

503+
INJECTION_POINT("backend-gssapi-startup");
504+
502505
/*
503506
* Allocate subsidiary Port data for GSSAPI operations.
504507
*/

src/backend/libpq/be-secure.c

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -30,6 +30,7 @@
3030
#include "libpq/libpq.h"
3131
#include "miscadmin.h"
3232
#include "tcop/tcopprot.h"
33+
#include "utils/injection_point.h"
3334
#include "utils/wait_event.h"
3435

3536
char *ssl_library;
@@ -129,6 +130,8 @@ secure_open_server(Port *port)
129130
}
130131
Assert(pq_buffer_remaining_data() == 0);
131132

133+
INJECTION_POINT("backend-ssl-startup");
134+
132135
r = be_tls_open_server(port);
133136

134137
if (port->raw_buf_remaining > 0)

src/interfaces/libpq/t/005_negotiate_encryption.pl

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -339,6 +339,16 @@ BEGIN
339339
"user=testuser sslmode=prefer",
340340
'connect, v2error -> fail');
341341
$node->restart;
342+
343+
$node->safe_psql(
344+
'postgres',
345+
"SELECT injection_points_attach('backend-ssl-startup', 'error');",
346+
connstr => "user=localuser host=$unixdir");
347+
connect_test(
348+
$node,
349+
"user=testuser sslmode=prefer",
350+
'connect, sslaccept, backenderror, reconnect, authok -> plain');
351+
$node->restart;
342352
}
343353

344354
# Disable SSL again
@@ -444,6 +454,16 @@ BEGIN
444454
"user=testuser gssencmode=prefer sslmode=disable",
445455
'connect, v2error -> fail');
446456
$node->restart;
457+
458+
$node->safe_psql(
459+
'postgres',
460+
"SELECT injection_points_attach('backend-gssapi-startup', 'error');",
461+
connstr => "user=localuser host=$unixdir");
462+
connect_test(
463+
$node,
464+
"user=testuser gssencmode=prefer sslmode=disable",
465+
'connect, gssaccept, backenderror, reconnect, authok -> plain');
466+
$node->restart;
447467
}
448468
}
449469

0 commit comments

Comments
 (0)