Add a user that must use ssl for tests

Author: sfackler

.travis/pg_hba.conf

@@ -4,6 +4,11 @@ host    all             md5_user        127.0.0.1/32            md5
 host    all             pass_user       ::1/128                 password
 host    all             md5_user        ::1/128                 md5
 
+hostssl all             ssl_user        127.0.0.1/32            trust
+hostssl all             ssl_user        ::1/128                 trust
+host    all             ssl_user        127.0.0.1/32            reject
+host    all             ssl_user        ::1/128                 reject
+
 # IPv4 local connections:
 host    all             postgres        127.0.0.1/32            trust
 # IPv6 local connections:

.travis/setup.sql

@@ -1,4 +1,5 @@
 CREATE ROLE pass_user PASSWORD 'password' LOGIN;
 CREATE ROLE md5_user PASSWORD 'password' LOGIN;
+CREATE ROLE ssl_user LOGIN;
 CREATE EXTENSION hstore;
 CREATE EXTENSION citext;

postgres-tokio/src/test.rs

@@ -199,6 +199,20 @@ fn unix_socket() {
     l.run(done).unwrap();
 }
 
+#[test]
+fn ssl_user_ssl_required() {
+    let mut l = Core::new().unwrap();
+    let handle = l.handle();
+
+    let done = Connection::connect("postgres://ssl_user@localhost/postgres", TlsMode::None, &handle);
+
+    match l.run(done) {
+        Err(ConnectError::Db(e)) => assert!(e.code == SqlState::InvalidAuthorizationSpecification),
+        Err(e) => panic!("unexpected error {}", e),
+        Ok(_) => panic!("unexpected success"),
+    }
+}
+
 #[cfg(feature = "with-openssl")]
 #[test]
 fn openssl_required() {
@@ -210,7 +224,7 @@ fn openssl_required() {
     let negotiator = OpenSsl::from(builder.build());
 
     let mut l = Core::new().unwrap();
-    let done = Connection::connect("postgres://postgres@localhost",
+    let done = Connection::connect("postgres://ssl_user@localhost/postgres",
                                    TlsMode::Require(Box::new(negotiator)),
                                    &l.handle())
         .then(|c| c.unwrap().prepare("SELECT 1"))