From: Daniel Gustafsson Date: Fri, 7 Apr 2023 20:14:23 +0000 (+0200) Subject: Test SCRAM iteration changes with psql \password X-Git-Url: http://git.postgresql.org/gitweb/-?a=commitdiff_plain;h=bf5a894c557179b85500a307104b36e846e24f48;p=users%2Frhaas%2Fpostgres.git Test SCRAM iteration changes with psql \password A version of this test was included in the original patch for altering SCRAM iteration count, but was omitted due to how interactive psql TAP sessions worked before being refactored. Discussion: https://postgr.es/m/20230130194350.zj5v467x4jgqt3d6@awork3.anarazel.de Discussion: https://postgr.es/m/F72E7BC7-189F-4B17-BF47-9735EB72C364@yesql.se --- diff --git a/src/test/authentication/t/001_password.pl b/src/test/authentication/t/001_password.pl index 00857fdae5..f414a8ba90 100644 --- a/src/test/authentication/t/001_password.pl +++ b/src/test/authentication/t/001_password.pl @@ -101,6 +101,32 @@ my $res = $node->safe_psql('postgres', WHERE rolname = 'scram_role_iter'"); is($res, 'SCRAM-SHA-256$1024:', 'scram_iterations in server side ROLE'); +# If we don't have IO::Pty, forget it, because IPC::Run depends on that +# to support pty connections +SKIP: +{ + skip "IO::Pty required", 1 unless eval { require IO::Pty; }; + + # Alter the password on the created role using \password in psql to ensure + # that clientside password changes use the scram_iterations value when + # calculating SCRAM secrets. + my $session = $node->interactive_psql('postgres'); + + $session->set_query_timer_restart(); + $session->query("SET password_encryption='scram-sha-256';"); + $session->query("SET scram_iterations=42;"); + $session->query_until(qr/Enter new password/, "\\password scram_role_iter\n"); + $session->query_until(qr/Enter it again/, "pass\n"); + $session->query_until(qr/postgres=# /, "pass\n"); + $session->quit; + + $res = $node->safe_psql('postgres', + "SELECT substr(rolpassword,1,17) + FROM pg_authid + WHERE rolname = 'scram_role_iter'"); + is($res, 'SCRAM-SHA-256$42:', 'scram_iterations in psql \password command'); +} + # Create a database to test regular expression. $node->safe_psql('postgres', "CREATE database regex_testdb;");