On 22/06/18 12:07오후, Michael Paquier wrote:
> On Sat, Jun 18, 2022 at 11:06:02AM +0900, Dong Wook Lee wrote:
> > I have written a test for the auth_delay extension before,
> > but if it is okay, can you review it?
>
> +# check enter wrong password
> +my $t0 = [gettimeofday];
> +test_login($node, 'user_role', "wrongpass", 2);
> +my $elapsed = tv_interval($t0, [gettimeofday]);
> +ok($elapsed >= $delay_milliseconds / 1000, "auth_delay $elapsed seconds");
> +
> +# check enter correct password
> +my $t0 = [gettimeofday];
> +test_login($node, 'user_role', "pass", 0);
> +my $elapsed = tv_interval($t0, [gettimeofday]);
> +ok($elapsed < $delay_milliseconds / 1000, "auth_delay $elapsed seconds");
>
> On a slow machine, I suspect that the second test is going to be
> unstable as it would fail if the login attempt (that succeeds) takes
> more than $delay_milliseconds. You could increase more
> delay_milliseconds to leverage that, but it would make the first test
> slower for nothing on faster machines in the case where the
> authentication attempt has failed. I guess that you could leverage
> that by using a large value for delay_milliseconds in the second test,
> because we are never going to wait. For the first test, you could on
> the contrary use a much lower value, still on slow machines it may not
> test what the code path of auth_delay you are willing to test.
>
Thank you for your valuable advice I didn't think about the slow system.
Therefore, in the case of the second test, the time was extended a little.
> As a whole, I am not sure that this is really worth spending cycles on
> when running check-world or similar, and the code of the extension is
> trivial.
Even though it is trivial, I think it would be better if there was a test.
> --
> Michael