hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MXS-2414: Add test case

Browse Source 
Added a test that checks the host blocking is triggered and it blocks even
successful authentication attemps.
This commit is contained in:
Markus Mäkelä
2019-04-29 11:28:35 +03:00
parent 59be841939
commit 9e85389b80
3 changed files with 56 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
maxscale-system-test/CMakeLists.txt
View File

@ -952,6 +952,9 @@ add_test_executable(mxs1662_pam_admin.cpp mxs1662_pam_admin mxs1662_pam_admin LA
# MXS-2441: Add support for read-only slaves to galeramon # MXS-2441: Add support for read-only slaves to galeramon
add_test_executable(mxs2441_galera_slaves.cpp mxs2441_galera_slaves mxs2441_galera_slaves LABELS REPL_BACKEND GALERA_BACKEND) add_test_executable(mxs2441_galera_slaves.cpp mxs2441_galera_slaves mxs2441_galera_slaves LABELS REPL_BACKEND GALERA_BACKEND)
# MXS-2414: Block host after repeated authentication failures
add_test_executable(mxs2414_host_blocking.cpp mxs2414_host_blocking replication LABELS REPL_BACKEND)
############################################ ############################################
# BEGIN: binlogrouter and avrorouter tests # # BEGIN: binlogrouter and avrorouter tests #
############################################ ############################################

6
maxscale-system-test/mariadb_func.h
View File

@ -342,6 +342,12 @@ public:
return change_user(m_user, m_pw, m_db); return change_user(m_user, m_pw, m_db);
} }
void set_credentials(const std::string& user, const std::string pw)
{
m_user = user;
m_pw = pw;
}
private: private:
std::string m_host; std::string m_host;
int m_port; int m_port;

47
maxscale-system-test/mxs2414_host_blocking.cpp Normal file
View File

@ -0,0 +1,47 @@
/**
* MXS-2414: Block host after repeated authentication failures
* https://jira.mariadb.org/browse/MXS-2414
*/
#include "testconnections.h"
int main(int argc, char* argv[])
{
TestConnections test(argc, argv);
bool found = false;
for (int i = 0; i < 1000; i++)
{
test.set_timeout(30);
auto c = test.maxscales->rwsplit();
c.set_credentials("wrong-user", "wrong-pw");
test.expect(!c.connect(), "Connection should fail");
if (strstr(c.error(), "temporarily blocked due to too many authentication failures"))
{
test.tprintf("Got correct error: %s", c.error());
found = true;
// Make sure some valid logins are blocked. Note that this part is not fully deterministic which
// means we cannot interpret a lack of authentication failures as a sign of a problem. The only
// thing we can check is that, in case an authentication failure occurs, the correct error is
// returned.
for (int j = 0; j < 100; j++)
{
auto c2 = test.maxscales->rwsplit();
if (!c2.connect())
{
test.expect(strstr(c2.error(), "temporarily blocked due to too many authentication failures"),
"The same error should be returned: %s", c2.error());
break;
}
}
break;
}
}
test.expect(found, "Host should be blocked");
return test.global_result;
}