Commit 18059543 authored by Peter Eisentraut's avatar Peter Eisentraut
parent bdd6e9ba
...@@ -8,7 +8,7 @@ use File::Copy; ...@@ -8,7 +8,7 @@ use File::Copy;
if ($ENV{with_openssl} eq 'yes') if ($ENV{with_openssl} eq 'yes')
{ {
plan tests => 65; plan tests => 71;
} }
else else
{ {
...@@ -309,6 +309,16 @@ test_connect_fails( ...@@ -309,6 +309,16 @@ test_connect_fails(
qr/SSL error/, qr/SSL error/,
"does not connect with client-side CRL"); "does not connect with client-side CRL");
# pg_stat_ssl
command_like([
'psql', '-X', '-A', '-F', ',', '-P', 'null=_null_',
'-d', "$common_connstr sslrootcert=invalid",
'-c', "SELECT * FROM pg_stat_ssl WHERE pid = pg_backend_pid()"
],
qr{^pid,ssl,version,cipher,bits,compression,clientdn\n
^\d+,t,TLSv[\d.]+,[\w-]+,\d+,f,$}mx,
'pg_stat_ssl view without client certificate');
### Server-side tests. ### Server-side tests.
### ###
### Test certificate authorization. ### Test certificate authorization.
...@@ -331,6 +341,16 @@ test_connect_ok( ...@@ -331,6 +341,16 @@ test_connect_ok(
"user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key", "user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key",
"certificate authorization succeeds with correct client cert"); "certificate authorization succeeds with correct client cert");
# pg_stat_ssl
command_like([
'psql', '-X', '-A', '-F', ',', '-P', 'null=_null_',
'-d', "$common_connstr user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key",
'-c', "SELECT * FROM pg_stat_ssl WHERE pid = pg_backend_pid()"
],
qr{^pid,ssl,version,cipher,bits,compression,clientdn\n
^\d+,t,TLSv[\d.]+,[\w-]+,\d+,f,/CN=ssltestuser$}mx,
'pg_stat_ssl with client certificate');
# client key with wrong permissions # client key with wrong permissions
test_connect_fails( test_connect_fails(
$common_connstr, $common_connstr,
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment