From a1b394bcb04a47a7441888891ec7c7cf8ff014ae Mon Sep 17 00:00:00 2001
From: Zoran Regvart <zoran@regvart.com>
Date: Thu, 5 Jun 2025 15:06:04 +0200
Subject: [PATCH] Test for `sslinline=true` feature

I've found no test for the `sslinline=true` feature, so I added one.
---
 ssl_test.go | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/ssl_test.go b/ssl_test.go
index 4c631b81..65c222f1 100644
--- a/ssl_test.go
+++ b/ssl_test.go
@@ -300,6 +300,45 @@ func TestSSLClientCertificates(t *testing.T) {
 	}
 }
 
+// Authenticate over SSL using inline client certificates
+func TestSSLInlineClientCertificates(t *testing.T) {
+	maybeSkipSSLTests(t)
+	// Environment sanity check: should fail without SSL
+	checkSSLSetup(t, "sslmode=disable user=pqgossltest")
+
+	certpath, ok := os.LookupEnv("PQSSLCERTTEST_PATH")
+	if !ok {
+		t.Fatalf("PQSSLCERTTEST_PATH not present in environment")
+	}
+
+	sslcertBytes, err := os.ReadFile(filepath.Join(certpath, "postgresql.crt"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	sslcert := string(sslcertBytes)
+
+	sslkeyBytes, err := os.ReadFile(filepath.Join(certpath, "postgresql.key"))
+	if err != nil {
+		t.Fatal(err)
+	}
+	sslkey := string(sslkeyBytes)
+
+	if db, err := openSSLConn(t, "sslmode=require user=pqgosslcert sslinline=true sslcert='"+sslcert+"' sslkey='"+sslkey+"'"); err != nil {
+		t.Fatal(err)
+	} else {
+		rows, err := db.Query("SELECT 1")
+		if err != nil {
+			t.Fatal(err)
+		}
+		if err := rows.Close(); err != nil {
+			t.Fatal(err)
+		}
+		if err := db.Close(); err != nil {
+			t.Fatal(err)
+		}
+	}
+}
+
 // Check that clint sends SNI data when `sslsni` is not disabled
 func TestSNISupport(t *testing.T) {
 	t.Parallel()