aboutsummaryrefslogtreecommitdiff
path: root/src/test
diff options
context:
space:
mode:
Diffstat (limited to 'src/test')
-rw-r--r--src/test/kerberos/t/001_auth.pl44
-rw-r--r--src/test/perl/PostgreSQL/Test/Utils.pm1
-rw-r--r--src/test/regress/pg_regress.c1
3 files changed, 24 insertions, 22 deletions
diff --git a/src/test/kerberos/t/001_auth.pl b/src/test/kerberos/t/001_auth.pl
index bff26fda0c9..0deb9bffc8d 100644
--- a/src/test/kerberos/t/001_auth.pl
+++ b/src/test/kerberos/t/001_auth.pl
@@ -381,7 +381,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'succeeds with GSS-encrypted access preferred with host hba and credentials not delegated even though asked for (ticket not forwardable)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -391,7 +391,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'succeeds with GSS-encrypted access required with host hba and credentials not delegated even though asked for (ticket not forwardable)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -480,7 +480,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'succeeds with GSS-encrypted access preferred and hostgssenc hba and credentials not forwarded (server does not accept them, default)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -490,7 +490,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'succeeds with GSS-encrypted access required and hostgssenc hba and credentials not forwarded (server does not accept them, default)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -504,7 +504,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'succeeds with GSS-encrypted access preferred and hostgssenc hba and credentials not forwarded (server does not accept them, explicitly disabled)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -514,7 +514,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'succeeds with GSS-encrypted access required and hostgssenc hba and credentials not forwarded (server does not accept them, explicitly disabled)',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -528,7 +528,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'succeeds with GSS-encrypted access preferred and hostgssenc hba and credentials forwarded',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=yes, principal=test1\@$realm)"
@@ -538,7 +538,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND credentials_delegated from pg_stat_gssapi where pid = pg_backend_pid();',
0,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'succeeds with GSS-encrypted access required and hostgssenc hba and credentials forwarded',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=yes, principal=test1\@$realm)"
@@ -558,7 +558,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND NOT credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssencmode=require gssdelegation=disable',
+ 'gssencmode=require gssdelegation=0',
'succeeds with GSS-encrypted access required and hostgssenc hba and credentials explicitly not forwarded',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=no, principal=test1\@$realm)"
@@ -572,7 +572,7 @@ $psql_rc = $node->psql(
'postgres',
"SELECT * FROM dblink('user=test1 dbname=$dbname host=$host hostaddr=$hostaddr port=$port','select 1') as t1(c1 int);",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=disable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=0",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3', 'dblink attempt fails without delegated credentials');
@@ -589,7 +589,7 @@ $psql_rc = $node->psql(
'postgres',
"SELECT * FROM dblink('user=test2 dbname=$dbname port=$port passfile=$pgpass','select 1') as t1(c1 int);",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=disable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=0",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3',
@@ -608,7 +608,7 @@ $psql_rc = $node->psql(
'postgres',
"TABLE tf1;",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=disable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=0",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3', 'postgres_fdw does not work without delegated credentials');
@@ -626,7 +626,7 @@ $psql_rc = $node->psql(
'postgres',
"TABLE tf2;",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=disable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=require gssdelegation=0",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3',
@@ -668,7 +668,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND NOT encrypted AND credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'succeeds with GSS-encrypted access preferred and hostnogssenc hba, but no encryption',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=no, delegated_credentials=yes, principal=test1\@$realm)"
@@ -680,7 +680,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND NOT encrypted AND credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssencmode=disable gssdelegation=enable',
+ 'gssencmode=disable gssdelegation=1',
'succeeds with GSS encryption disabled and hostnogssenc hba',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=no, delegated_credentials=yes, principal=test1\@$realm)"
@@ -691,7 +691,7 @@ test_query(
'test1',
"SELECT * FROM dblink('user=test1 dbname=$dbname host=$host hostaddr=$hostaddr port=$port','select 1') as t1(c1 int);",
qr/^1$/s,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'dblink works not-encrypted (server not configured to accept encrypted GSSAPI connections)'
);
@@ -700,7 +700,7 @@ test_query(
'test1',
"TABLE tf1;",
qr/^1$/s,
- 'gssencmode=prefer gssdelegation=enable',
+ 'gssencmode=prefer gssdelegation=1',
'postgres_fdw works not-encrypted (server not configured to accept encrypted GSSAPI connections)'
);
@@ -711,7 +711,7 @@ $psql_rc = $node->psql(
'postgres',
"SELECT * FROM dblink('user=test2 dbname=$dbname port=$port passfile=$pgpass','select 1') as t1(c1 int);",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=prefer gssdelegation=enable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=prefer gssdelegation=1",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3',
@@ -730,7 +730,7 @@ $psql_rc = $node->psql(
'postgres',
"TABLE tf2;",
connstr =>
- "user=test1 host=$host hostaddr=$hostaddr gssencmode=prefer gssdelegation=enable",
+ "user=test1 host=$host hostaddr=$hostaddr gssencmode=prefer gssdelegation=1",
stdout => \$psql_out,
stderr => \$psql_stderr);
is($psql_rc, '3',
@@ -760,7 +760,7 @@ test_access(
'test1',
'SELECT gss_authenticated AND encrypted AND credentials_delegated FROM pg_stat_gssapi WHERE pid = pg_backend_pid();',
0,
- 'gssdelegation=enable',
+ 'gssdelegation=1',
'succeeds with include_realm=0 and defaults',
"connection authenticated: identity=\"test1\@$realm\" method=gss",
"connection authorized: user=$username database=$dbname application_name=$application GSS (authenticated=yes, encrypted=yes, delegated_credentials=yes, principal=test1\@$realm)"
@@ -771,12 +771,12 @@ test_query(
'test1',
"SELECT * FROM dblink('user=test1 dbname=$dbname host=$host hostaddr=$hostaddr port=$port password=1234','select 1') as t1(c1 int);",
qr/^1$/s,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'dblink works encrypted');
test_query(
$node, 'test1', "TABLE tf1;", qr/^1$/s,
- 'gssencmode=require gssdelegation=enable',
+ 'gssencmode=require gssdelegation=1',
'postgres_fdw works encrypted');
# Reset pg_hba.conf, and cause a usermap failure with an authentication
diff --git a/src/test/perl/PostgreSQL/Test/Utils.pm b/src/test/perl/PostgreSQL/Test/Utils.pm
index 38cd7d830d8..a27fac83d26 100644
--- a/src/test/perl/PostgreSQL/Test/Utils.pm
+++ b/src/test/perl/PostgreSQL/Test/Utils.pm
@@ -113,6 +113,7 @@ BEGIN
PGCONNECT_TIMEOUT
PGDATA
PGDATABASE
+ PGGSSDELEGATION
PGGSSENCMODE
PGGSSLIB
PGHOSTADDR
diff --git a/src/test/regress/pg_regress.c b/src/test/regress/pg_regress.c
index abf633dc085..a546fc3d34d 100644
--- a/src/test/regress/pg_regress.c
+++ b/src/test/regress/pg_regress.c
@@ -798,6 +798,7 @@ initialize_environment(void)
unsetenv("PGCONNECT_TIMEOUT");
unsetenv("PGDATA");
unsetenv("PGDATABASE");
+ unsetenv("PGGSSDELEGATION");
unsetenv("PGGSSENCMODE");
unsetenv("PGGSSLIB");
/* PGHOSTADDR, see below */
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 02:51:24 +0000