Test: add ssl_ecdh_curve test to 023.ssl_connection.

023.ssl_connection did not cover the test for ssl_ecdh_curve.  This
commit tests it using bad ssl_ecdh_curve parameter to see if connection
between frontend and pgpool fails.

Author: Tatsuo Ishii <[email protected]>
Backpatch-through: v4.2

diff --git a/src/test/regression/tests/023.ssl_connection/test.sh b/src/test/regression/tests/023.ssl_connection/test.sh
index 5c65a33458225b29b8a40693a00478802f30e3b2..9bb40e2ed9f4b3d9e56715dd652a4f6d79e3c55c 100755 (executable)
--- a/src/test/regression/tests/023.ssl_connection/test.sh
+++ b/src/test/regression/tests/023.ssl_connection/test.sh
@@ -99,4 +99,49 @@ fi
 echo "Checking SSL connection between Pgpool-II and backend was ok."
 
 ./shutdownall
+
+# Checking ssl_ecdh_curve. Set bad value to see if SSL connection fails.
+echo "ssl_ecdh_curve = 'badcurve'" >> etc/pgpool.conf
+
+./startall
+wait_for_pgpool_startup
+
+$PSQL -h localhost test <<EOF > result
+\conninfo
+\q
+EOF
+
+grep SSL result
+
+if [ $? = 0 ];then
+    echo "Checking SSL connection between frontend and Pgpool-II succeeded despite bad ssl_ecdh_curve."
+    ./shutdownall
+    exit 1
+fi
+
+echo "Checking SSL connection between frontend and Pgpool-II failed due to bad ssl_ecdh_curve as expected."
+./shutdownall
+
+# Make sure that SSL connection succeeds with good ssl_ecdh_curve
+echo "ssl_ecdh_curve = 'prime256v1'" >> etc/pgpool.conf
+
+./startall
+wait_for_pgpool_startup
+
+$PSQL -h localhost test <<EOF > result
+\conninfo
+\q
+EOF
+
+grep SSL result
+
+if [ $? = 0 ];then
+    echo "Checking SSL connection between frontend and Pgpool-II succeeded with good ssl_ecdh_curve."
+    ./shutdownall
+else
+    echo "Checking SSL connection between frontend and Pgpool-II failed with good ssl_ecdh_curve."
+    ./shutdownall
+    exit 1
+fi
+
 exit 0