[#3398] Protected SQL databases
authorFrancis Dupont <fdupont@isc.org>
Fri, 20 Dec 2024 17:31:37 +0000 (18:31 +0100)
committerFrancis Dupont <fdupont@isc.org>
Mon, 27 Jan 2025 14:05:11 +0000 (15:05 +0100)
src/lib/mysql/mysql_connection.cc
src/lib/mysql/tests/mysql_connection_unittest.cc
src/lib/pgsql/pgsql_connection.cc
src/lib/pgsql/tests/pgsql_connection_unittest.cc

index 6e30bfbe10f150741fb44c558dcbc15d58064677..b2039fc77f4d7895735e94109a2d2a0ca0b303c7 100644 (file)
@@ -8,6 +8,7 @@
 
 #include <asiolink/io_service.h>
 #include <asiolink/process_spawn.h>
+#include <cc/default_credentials.h>
 #include <database/database_connection.h>
 #include <database/db_log.h>
 #include <exceptions/exceptions.h>
@@ -24,6 +25,7 @@
 
 using namespace isc;
 using namespace isc::asiolink;
+using namespace isc::data;
 using namespace std;
 
 namespace isc {
@@ -96,6 +98,10 @@ MySqlConnection::openDatabase() {
     } catch (...) {
         // No password.  Fine, we'll use NULL
     }
+    if (password) {
+        // Refuse default password.
+        DefaultCredentials::check(spassword);
+    }
 
     const char* name = NULL;
     string sname;
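Review bot: The guard on the added check in MySqlConnection::openDatabase() is `if (password)`, while the matching hunk in PgSqlConnection::getConnParametersInternal() uses `if (!spassword.empty())`, so an explicitly empty password may be treated differently by the two backends. How `password` is assigned is outside this hunk, so this is inferred; if the difference is not intended, use one form in both places. The comment could also state what happens on a match, e.g. `// Refuse default passwords: check() throws DefaultCredential, which propagates to the caller.`, since the tests in this commit rely on openDatabase() throwing that exception. The function body starts and ends outside the hunk.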
index c43a20663bafe476345595c15d47a605afa8a79b..f3c5c41edb4bf273df3d893b920fd267dd0eff75 100644 (file)
@@ -6,6 +6,7 @@
 
 #include <config.h>
 
+#include <cc/default_credentials.h>
 #include <database/database_connection.h>
 #include <exceptions/exceptions.h>
 #include <mysql/mysql_connection.h>
@@ -903,6 +904,50 @@ TEST_F(MySqlSecureConnectionTest, TlsInvalidPassword) {
     }
 }
 
+/// @brief Check the SSL/TLS protected connection refuse default passwords.
+TEST_F(MySqlSecureConnectionTest, TlsDefaultPassword) {
+    SKIP_IF(!hasMySQLTls());
+    std::string conn_str = connectionString(MYSQL_VALID_TYPE, VALID_NAME,
+                                            VALID_HOST_TCP, VALID_SECURE_USER,
+                                            DEFAULT_PASSWORD, 0, 0,
+                                            VALID_CERT, VALID_KEY, VALID_CA,
+                                            VALID_CIPHER);
+    MySqlConnection conn(DatabaseConnection::parse(conn_str));
+
+    try {
+        conn.openDatabase();
+    } catch (isc::data::DefaultCredential const& exception) {
+        string const message(exception.what());
+        if (message == "illegal use of a default value as credential") {
+            return;
+        }
+        ADD_FAILURE() << "Unexpected exception message '" << message << "'";
+    } catch (exception const& exception) {
+        ADD_FAILURE() << exception.what();
+    }
+}
+
+/// @brief Check the SSL/TLS protected connection refuse default passwords.
+TEST_F(MySqlSecureConnectionTest, noTlsDefaultPassword) {
+    SKIP_IF(hasMySQLTls());
+    std::string conn_str = connectionString(MYSQL_VALID_TYPE, VALID_NAME,
+                                            VALID_HOST_TCP, VALID_USER,
+                                            DEFAULT_PASSWORD);
+    MySqlConnection conn(DatabaseConnection::parse(conn_str));
+
+    try {
+        conn.openDatabase();
+    } catch (isc::data::DefaultCredential const& exception) {
+        string const message(exception.what());
+        if (message == "illegal use of a default value as credential") {
+            return;
+        }
+        ADD_FAILURE() << "Unexpected exception message '" << message << "'";
+    } catch (exception const& exception) {
+        ADD_FAILURE() << exception.what();
+    }
+}
+
 /// @brief Check the SSL/TLS protected connection requires crypto parameters.
 TEST_F(MySqlSecureConnectionTest, TlsNoCrypto) {
     SKIP_IF(!hasMySQLTls());
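Review bot: Both added tests, TlsDefaultPassword and noTlsDefaultPassword, pass when `conn.openDatabase()` returns without throwing, because nothing follows the call inside the `try` block. A regression that stops refusing the default password would then go unnoticed in any environment where the connection attempt itself succeeds. Add `ADD_FAILURE() << "openDatabase() accepted a default password";` directly after the call, or use `EXPECT_THROW(conn.openDatabase(), isc::data::DefaultCredential);` as the PostgreSQL test in this commit does. The `@brief` on noTlsDefaultPassword is copied from the TLS test and should describe the non-TLS case instead.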
index 7a808b98966c3f63a83feac64710044282b7ac76..580e16fddf3162e6937ec3f2592f83e790447ddd 100644 (file)
@@ -8,6 +8,7 @@
 
 #include <asiolink/io_service.h>
 #include <asiolink/process_spawn.h>
+#include <cc/default_credentials.h>
 #include <database/database_connection.h>
 #include <database/db_exceptions.h>
 #include <database/db_log.h>
@@ -36,6 +37,7 @@
 #include <sstream>
 
 using namespace isc::asiolink;
+using namespace isc::data;
 using namespace std;
 
 namespace isc {
@@ -358,6 +360,10 @@ PgSqlConnection::getConnParametersInternal(bool logging) {
     } catch(...) {
         // No password. Fine, we'll use NULL
     }
+    if (!spassword.empty()) {
+        // Refuse default password.
+        DefaultCredentials::check(spassword);
+    }
 
     string sname;
     try {
index 04007dd87db84196effb804b0e68e548bf6a03be..d4be3f4a993e024dfb094628634b824316686cfc 100644 (file)
@@ -6,6 +6,7 @@
 
 #include <config.h>
 
+#include <cc/default_credentials.h>
 #include <database/db_exceptions.h>
 #include <pgsql/pgsql_connection.h>
 #include <pgsql/pgsql_exchange.h>
@@ -576,6 +577,14 @@ TEST_F(PgSqlConnectionTest, portInvalid) {
     EXPECT_THROW(conn.getConnParameters(), DbInvalidPort);
 }
 
+// Tests that default password causes an error.
+TEST_F(PgSqlConnectionTest, defaultPassword) {
+    std::string conn_str = connectionString(PGSQL_VALID_TYPE, VALID_NAME,
+                                            VALID_USER, DEFAULT_PASSWORD);
+    PgSqlConnection conn(DatabaseConnection::parse(conn_str));
+    EXPECT_THROW(conn.getConnParameters(), isc::data::DefaultCredential);
+}
+
 // Tests that valid connection timeout is accepted.
 TEST_F(PgSqlConnectionTest, connectionTimeout) {
     std::string conn_str = connectionString(PGSQL_VALID_TYPE, VALID_NAME,