Skip to content

Commit af7211e

Browse files
peterepetere
committed
passwordcheck: Add test suite
Also improve one error message. Reviewed-by: David Steele <david@pgmasters.net>
1 parent 8423bf4 commit af7211e

File tree

6 files changed

+50
-1
lines changed

6 files changed

+50
-1
lines changed

contrib/passwordcheck/.gitignore

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
# Generated subdirectories
2+
/log/
3+
/results/
4+
/tmp_check/

contrib/passwordcheck/Makefile

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,11 @@ PGFILEDESC = "passwordcheck - strengthen user password checks"
88
# PG_CPPFLAGS = -DUSE_CRACKLIB '-DCRACKLIB_DICTPATH="/usr/lib/cracklib_dict"'
99
# SHLIB_LINK = -lcrack
1010

11+
REGRESS_OPTS = --temp-config $(srcdir)/passwordcheck.conf
12+
REGRESS = passwordcheck
13+
# disabled because these tests require setting shared_preload_libraries
14+
NO_INSTALLCHECK = 1
15+
1116
ifdef USE_PGXS
1217
PG_CONFIG = pg_config
1318
PGXS := $(shell $(PG_CONFIG) --pgxs)

contrib/passwordcheck/expected/passwordcheck.out

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
CREATE USER regress_user1;
2+
-- ok
3+
ALTER USER regress_user1 PASSWORD 'a_nice_long_password';
4+
-- error: too short
5+
ALTER USER regress_user1 PASSWORD 'tooshrt';
6+
ERROR: password is too short
7+
-- error: contains user name
8+
ALTER USER regress_user1 PASSWORD 'xyzregress_user1';
9+
ERROR: password must not contain user name
10+
-- error: contains only letters
11+
ALTER USER regress_user1 PASSWORD 'alessnicelongpassword';
12+
ERROR: password must contain both letters and nonletters
13+
-- encrypted ok (password is "secret")
14+
ALTER USER regress_user1 PASSWORD 'md51a44d829a20a23eac686d9f0d258af13';
15+
-- error: password is user name
16+
ALTER USER regress_user1 PASSWORD 'md5e589150ae7d28f93333afae92b36ef48';
17+
ERROR: password must not equal user name
18+
DROP USER regress_user1;

contrib/passwordcheck/passwordcheck.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ check_password(const char *username,
7070
if (plain_crypt_verify(username, shadow_pass, username, &logdetail) == STATUS_OK)
7171
ereport(ERROR,
7272
(errcode(ERRCODE_INVALID_PARAMETER_VALUE),
73-
errmsg("password must not contain user name")));
73+
errmsg("password must not equal user name")));
7474
}
7575
else
7676
{

contrib/passwordcheck/passwordcheck.conf

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
shared_preload_libraries = 'passwordcheck'

contrib/passwordcheck/sql/passwordcheck.sql

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
CREATE USER regress_user1;
2+
3+
-- ok
4+
ALTER USER regress_user1 PASSWORD 'a_nice_long_password';
5+
6+
-- error: too short
7+
ALTER USER regress_user1 PASSWORD 'tooshrt';
8+
9+
-- error: contains user name
10+
ALTER USER regress_user1 PASSWORD 'xyzregress_user1';
11+
12+
-- error: contains only letters
13+
ALTER USER regress_user1 PASSWORD 'alessnicelongpassword';
14+
15+
-- encrypted ok (password is "secret")
16+
ALTER USER regress_user1 PASSWORD 'md51a44d829a20a23eac686d9f0d258af13';
17+
18+
-- error: password is user name
19+
ALTER USER regress_user1 PASSWORD 'md5e589150ae7d28f93333afae92b36ef48';
20+
21+
DROP USER regress_user1;

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy