DCL: further test for empty authentication data

6 months ago · 4c11ac7b66
parent a1c55b2f16
commit 4c11ac7b66
2 changed files with 26 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -10,8 +10,14 @@ All changes in this project will be noted in this file.

 ### Fixes

+- **Server**:
  - Fixed migration from v1 SE (released with v0.8.0-beta) to v2 SE (released in v0.8.0)
  - Fixed health reporting
+  - Fixed a connection crash (not a server-wide crash) at the pre-connection stage when authentication data
+    was sent incorrectly
+- **CLI**:
+  - Fixed `--eval` output. All server errors are now correctly written to `stderr`
+  - Guard against empty passwords

 ## Version 0.8.0

--- a/server/src/engine/tests/client_misc/sec/mod.rs
+++ b/server/src/engine/tests/client_misc/sec/mod.rs
@ -64,3 +64,21 @@ fn ensure_empty_password_returns_hs_error_5() {
        Error::ConnectionSetupErr(ConnectionSetupError::HandshakeError(5))
    );
 }
+
+#[dbtest(username = "", password = "1234567890")]
+fn ensure_empty_username_returns_hs_error_5() {
+    let db = db_connect!();
+    assert_err_eq!(
+        db,
+        Error::ConnectionSetupErr(ConnectionSetupError::HandshakeError(5))
+    );
+}
+
+#[dbtest(username = "", password = "")]
+fn ensure_empty_username_and_password_returns_hs_error_5() {
+    let db = db_connect!();
+    assert_err_eq!(
+        db,
+        Error::ConnectionSetupErr(ConnectionSetupError::HandshakeError(5))
+    );
+}