From bc678533050a3812dc502b33fb43a68239d6e90c Mon Sep 17 00:00:00 2001 From: Tatsuo Ishii Date: Wed, 27 Aug 2025 10:14:53 +0900 Subject: [PATCH] Test: add ssl_ecdh_curve test to 023.ssl_connection. 023.ssl_connection did not cover the test for ssl_ecdh_curve. This commit tests it using bad ssl_ecdh_curve parameter to see if connection between frontend and pgpool fails. Author: Tatsuo Ishii Backpatch-through: v4.2 --- .../tests/023.ssl_connection/test.sh | 45 +++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/src/test/regression/tests/023.ssl_connection/test.sh b/src/test/regression/tests/023.ssl_connection/test.sh index 17e375339..6b1dbb8af 100755 --- a/src/test/regression/tests/023.ssl_connection/test.sh +++ b/src/test/regression/tests/023.ssl_connection/test.sh @@ -99,4 +99,49 @@ fi echo "Checking SSL connection between Pgpool-II and backend was ok." ./shutdownall + +# Checking ssl_ecdh_curve. Set bad value to see if SSL connection fails. +echo "ssl_ecdh_curve = 'badcurve'" >> etc/pgpool.conf + +./startall +wait_for_pgpool_startup + +$PSQL -h localhost test < result +\conninfo +\q +EOF + +grep SSL result + +if [ $? = 0 ];then + echo "Checking SSL connection between frontend and Pgpool-II succeeded despite bad ssl_ecdh_curve." + ./shutdownall + exit 1 +fi + +echo "Checking SSL connection between frontend and Pgpool-II failed due to bad ssl_ecdh_curve as expected." +./shutdownall + +# Make sure that SSL connection succeeds with good ssl_ecdh_curve +echo "ssl_ecdh_curve = 'prime256v1'" >> etc/pgpool.conf + +./startall +wait_for_pgpool_startup + +$PSQL -h localhost test < result +\conninfo +\q +EOF + +grep SSL result + +if [ $? = 0 ];then + echo "Checking SSL connection between frontend and Pgpool-II succeeded with good ssl_ecdh_curve." + ./shutdownall +else + echo "Checking SSL connection between frontend and Pgpool-II failed with good ssl_ecdh_curve." + ./shutdownall + exit 1 +fi + exit 0 -- 2.39.5