Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content

Commit b4e2ada

Browse files
committed
In LDAP test, restart after pg_hba.conf changes
Instead of issuing a reload after pg_hba.conf changes between test cases, run a full restart. With a reload, an error in the new pg_hba.conf is ignored and the tests will continue to run with the old settings, invalidating the subsequent test cases. With a restart, a faulty pg_hba.conf will lead to the test being aborted, which is what we'd rather want.
1 parent ebdb42a commit b4e2ada

File tree

1 file changed

+11
-11
lines changed

1 file changed

+11
-11
lines changed

src/test/ldap/t/001_auth.pl

+11-11
Original file line numberDiff line numberDiff line change
@@ -130,7 +130,7 @@ sub test_access
130130

131131
unlink($node->data_dir . '/pg_hba.conf');
132132
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapport=$ldap_port ldapprefix="uid=" ldapsuffix=",dc=example,dc=net"});
133-
$node->reload;
133+
$node->restart;
134134

135135
$ENV{"PGPASSWORD"} = 'wrong';
136136
test_access($node, 'test0', 2, 'simple bind authentication fails if user not found in LDAP');
@@ -142,7 +142,7 @@ sub test_access
142142

143143
unlink($node->data_dir . '/pg_hba.conf');
144144
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapport=$ldap_port ldapbasedn="$ldap_basedn"});
145-
$node->reload;
145+
$node->restart;
146146

147147
$ENV{"PGPASSWORD"} = 'wrong';
148148
test_access($node, 'test0', 2, 'search+bind authentication fails if user not found in LDAP');
@@ -154,7 +154,7 @@ sub test_access
154154

155155
unlink($node->data_dir . '/pg_hba.conf');
156156
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapurl="$ldap_url/$ldap_basedn?uid?sub"});
157-
$node->reload;
157+
$node->restart;
158158

159159
$ENV{"PGPASSWORD"} = 'wrong';
160160
test_access($node, 'test0', 2, 'search+bind with LDAP URL authentication fails if user not found in LDAP');
@@ -166,7 +166,7 @@ sub test_access
166166

167167
unlink($node->data_dir . '/pg_hba.conf');
168168
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapport=$ldap_port ldapbasedn="$ldap_basedn" ldapsearchfilter="(|(uid=\$username)(mail=\$username))"});
169-
$node->reload;
169+
$node->restart;
170170

171171
$ENV{"PGPASSWORD"} = 'secret1';
172172
test_access($node, 'test1', 0, 'search filter finds by uid');
@@ -177,7 +177,7 @@ sub test_access
177177

178178
unlink($node->data_dir . '/pg_hba.conf');
179179
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapurl="$ldap_url/$ldap_basedn??sub?(|(uid=\$username)(mail=\$username))"});
180-
$node->reload;
180+
$node->restart;
181181

182182
$ENV{"PGPASSWORD"} = 'secret1';
183183
test_access($node, 'test1', 0, 'search filter finds by uid');
@@ -189,7 +189,7 @@ sub test_access
189189
# override. It might be useful in a case like this.
190190
unlink($node->data_dir . '/pg_hba.conf');
191191
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapurl="$ldap_url/$ldap_basedn??sub" ldapsearchfilter="(|(uid=\$username)(mail=\$username))"});
192-
$node->reload;
192+
$node->restart;
193193

194194
$ENV{"PGPASSWORD"} = 'secret1';
195195
test_access($node, 'test1', 0, 'combined LDAP URL and search filter');
@@ -199,7 +199,7 @@ sub test_access
199199
# note bad ldapprefix with a question mark that triggers a diagnostic message
200200
unlink($node->data_dir . '/pg_hba.conf');
201201
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapport=$ldap_port ldapprefix="?uid=" ldapsuffix=""});
202-
$node->reload;
202+
$node->restart;
203203

204204
$ENV{"PGPASSWORD"} = 'secret1';
205205
test_access($node, 'test1', 2, 'any attempt fails due to bad search pattern');
@@ -209,31 +209,31 @@ sub test_access
209209
# request StartTLS with ldaptls=1
210210
unlink($node->data_dir . '/pg_hba.conf');
211211
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapport=$ldap_port ldapbasedn="$ldap_basedn" ldapsearchfilter="(uid=\$username)" ldaptls=1});
212-
$node->reload;
212+
$node->restart;
213213

214214
$ENV{"PGPASSWORD"} = 'secret1';
215215
test_access($node, 'test1', 0, 'StartTLS');
216216

217217
# request LDAPS with ldapscheme=ldaps
218218
unlink($node->data_dir . '/pg_hba.conf');
219219
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapserver=$ldap_server ldapscheme=ldaps ldapport=$ldaps_port ldapbasedn="$ldap_basedn" ldapsearchfilter="(uid=\$username)"});
220-
$node->reload;
220+
$node->restart;
221221

222222
$ENV{"PGPASSWORD"} = 'secret1';
223223
test_access($node, 'test1', 0, 'LDAPS');
224224

225225
# request LDAPS with ldapurl=ldaps://...
226226
unlink($node->data_dir . '/pg_hba.conf');
227227
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapurl="$ldaps_url/$ldap_basedn??sub?(uid=\$username)"});
228-
$node->reload;
228+
$node->restart;
229229

230230
$ENV{"PGPASSWORD"} = 'secret1';
231231
test_access($node, 'test1', 0, 'LDAPS with URL');
232232

233233
# bad combination of LDAPS and StartTLS
234234
unlink($node->data_dir . '/pg_hba.conf');
235235
$node->append_conf('pg_hba.conf', qq{local all all ldap ldapurl="$ldaps_url/$ldap_basedn??sub?(uid=\$username)" ldaptls=1});
236-
$node->reload;
236+
$node->restart;
237237

238238
$ENV{"PGPASSWORD"} = 'secret1';
239239
test_access($node, 'test1', 2, 'bad combination of LDAPS and StartTLS');

0 commit comments

Comments
 (0)