From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
---|---|
To: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Refactoring SSL tests |
Date: | 2022-02-02 13:26:02 |
Message-ID: | AA18A362-CA65-4F9A-AF61-76AE318FE97C@yesql.se |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
As part of the NSS patchset (and Secure Transport before that), I had to
refactor the SSL tests to handle different SSL libraries. The current tests
and test module is quite tied to how OpenSSL works wrt setting up the server,
the attached refactors this and abstracts the OpenSSL specifics more like how
the rest of the codebase is set up.
The tight coupling is of course not a problem right now, but I think this patch
has more benefits making it a candidate for going in regardless of the fate of
the NSS patchset. This is essentially the 0002 patch from that patchset with
additional cleanup and documentation:
* switch_server_cert takes a set of named parameters rather than a fixed set
with defaults depending on each other, which made adding ssl_passphrase to it
cumbersome. It also adds readability IMO.
* SSLServer is renamed SSL::Server, which in turn use SSL::Backend::X where X
is the backend pointed to by with_ssl. Each backend will implement its own
module which is responsible for setting up keys/certs and to resolve sslkey
values to their full paths. The idea is that the namespace will also allow for
an SSL::Client in the future when we implment running client tests against
different servers etc.
* The modules are POD documented.
* While not related to the refactor per se, the hardcoded number of planned
tests is removed in favor of calling done_testing().
With this, adding a new SSL library is quite straightforward, I've done the
legwork to test that =)
I opted for avoiding too invasive changes leaving the tests somewhat easy to
compare to back branches.
Thoughts? I'm fairly sure there are many crimes against Perl in this patch,
I'm happy to take pointers on how to improve that.
--
Daniel Gustafsson https://vmware.com/
Attachment | Content-Type | Size |
---|---|---|
0001-Refactor-SSL-tests.patch | application/octet-stream | 35.4 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2022-02-02 13:27:28 | Re: Make relfile tombstone files conditional on WAL level |
Previous Message | Robert Haas | 2022-02-02 13:15:02 | Re: make MaxBackends available in _PG_init |