Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit91102da

Browse files
committed
In SSL tests, don't scribble on permissions of a repo file.
Modifying the permissions of a persistent file isn't really much nicerthan modifying its contents, even if git doesn't currently notice it.Adjust the test script to make a copy and set the permissions of thatinstead.Michael Paquier, per a gripe from me. Back-patch to 9.5 where thesetests were introduced.Discussion:https://postgr.es/m/14836.1494885946@sss.pgh.pa.us
1 parent6accefd commit91102da

File tree

2 files changed

+13
-9
lines changed

2 files changed

+13
-9
lines changed

‎src/test/ssl/ssl/.gitignore

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,2 +1,3 @@
1-
*.old
2-
new_certs_dir
1+
/*.old
2+
/new_certs_dir/
3+
/client_tmp.key

‎src/test/ssl/t/001_ssltests.pl

Lines changed: 10 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -66,10 +66,10 @@ sub test_connect_fails
6666
ok(!$result,"$connstr (should fail)");
6767
}
6868

69-
# The client's private key must not be world-readable. Git doesn't track
70-
#permissions (except for the executable bit), so they might be wrong after
71-
# a checkout.
72-
chmod 0600,"ssl/client.key";
69+
# The client's private key must not be world-readable, so take a copy
70+
#of the key stored in the code tree and update its permissions.
71+
copy("ssl/client.key","ssl/client_tmp.key");
72+
chmod 0600,"ssl/client_tmp.key";
7373

7474
#### Part 0. Set up the server.
7575

@@ -229,11 +229,11 @@ sub test_connect_fails
229229

230230
# correct client cert
231231
test_connect_ok(
232-
"user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client.key");
232+
"user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key");
233233

234234
# client cert belonging to another user
235235
test_connect_fails(
236-
"user=anotheruser sslcert=ssl/client.crt sslkey=ssl/client.key");
236+
"user=anotheruser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key");
237237

238238
# revoked client cert
239239
test_connect_fails(
@@ -243,7 +243,10 @@ sub test_connect_fails
243243
# intermediate client_ca.crt is provided by client, and isn't in server's ssl_ca_file
244244
switch_server_cert($node,'server-cn-only','root_ca');
245245
$common_connstr =
246-
"user=ssltestuser dbname=certdb sslkey=ssl/client.key sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR";
246+
"user=ssltestuser dbname=certdb sslkey=ssl/client_tmp.key sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR";
247247

248248
test_connect_ok("sslmode=require sslcert=ssl/client+client_ca.crt");
249249
test_connect_fails("sslmode=require sslcert=ssl/client.crt");
250+
251+
# clean up
252+
unlink"ssl/client_tmp.key";

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp