(t *testing.T)
| 150 | } |
| 151 | |
| 152 | func TestConnectChannelBinding(t *testing.T) { |
| 153 | t.Parallel() |
| 154 | |
| 155 | t.Run("RequireFailsWithoutTLS", func(t *testing.T) { |
| 156 | t.Parallel() |
| 157 | |
| 158 | script := &pgmock.Script{ |
| 159 | Steps: []pgmock.Step{ |
| 160 | pgmock.ExpectAnyMessage(&pgproto3.StartupMessage{ProtocolVersion: pgproto3.ProtocolVersion30, Parameters: map[string]string{}}), |
| 161 | pgmock.SendMessage(&pgproto3.AuthenticationSASL{AuthMechanisms: []string{"SCRAM-SHA-256", "SCRAM-SHA-256-PLUS"}}), |
| 162 | pgmock.WaitForClose(), |
| 163 | }, |
| 164 | } |
| 165 | |
| 166 | ln, err := net.Listen("tcp", "127.0.0.1:") |
| 167 | require.NoError(t, err) |
| 168 | defer ln.Close() |
| 169 | |
| 170 | serverErrChan := make(chan error, 1) |
| 171 | go func() { |
| 172 | defer close(serverErrChan) |
| 173 | |
| 174 | conn, err := ln.Accept() |
| 175 | if err != nil { |
| 176 | serverErrChan <- err |
| 177 | return |
| 178 | } |
| 179 | defer conn.Close() |
| 180 | |
| 181 | err = conn.SetDeadline(time.Now().Add(time.Second * 5)) |
| 182 | if err != nil { |
| 183 | serverErrChan <- err |
| 184 | return |
| 185 | } |
| 186 | |
| 187 | err = script.Run(pgproto3.NewBackend(conn, conn)) |
| 188 | if err != nil { |
| 189 | serverErrChan <- err |
| 190 | return |
| 191 | } |
| 192 | }() |
| 193 | |
| 194 | host, port, _ := strings.Cut(ln.Addr().String(), ":") |
| 195 | connStr := fmt.Sprintf("sslmode=disable host=%s port=%s channel_binding=require", host, port) |
| 196 | |
| 197 | ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) |
| 198 | defer cancel() |
| 199 | |
| 200 | _, err = pgconn.Connect(ctx, connStr) |
| 201 | require.ErrorContains(t, err, "channel binding required but channel binding data is not available") |
| 202 | }) |
| 203 | |
| 204 | t.Run("RequireFailsWithoutServerPlus", func(t *testing.T) { |
| 205 | t.Parallel() |
| 206 | |
| 207 | script := &pgmock.Script{ |
| 208 | Steps: []pgmock.Step{ |
| 209 | pgmock.ExpectAnyMessage(&pgproto3.StartupMessage{ProtocolVersion: pgproto3.ProtocolVersion30, Parameters: map[string]string{}}), |
nothing calls this directly
no test coverage detected