NotificationsYou must be signed in to change notification settings
Fork6
Star31

Commit91102da

committed

In SSL tests, don't scribble on permissions of a repo file.

Modifying the permissions of a persistent file isn't really much nicerthan modifying its contents, even if git doesn't currently notice it.Adjust the test script to make a copy and set the permissions of thatinstead.Michael Paquier, per a gripe from me. Back-patch to 9.5 where thesetests were introduced.Discussion:https://postgr.es/m/14836.1494885946@sss.pgh.pa.us

1 parent6accefd commit91102daCopy full SHA for 91102da

File tree

2 files changed

+13

-9

lines changed

src/test/ssl
- ssl
  - .gitignore
- t
  - 001_ssltests.pl

2 files changed

+13

-9

lines changed

`‎src/test/ssl/ssl/.gitignore`

Lines changed: 3 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`		`-*.old`
`2`		`-new_certs_dir`
	`1`	`+/*.old`
	`2`	`+/new_certs_dir/`
	`3`	`+/client_tmp.key`

`‎src/test/ssl/t/001_ssltests.pl`

Lines changed: 10 additions & 7 deletions

Original file line number	Diff line number	Diff line change
`@@ -66,10 +66,10 @@ sub test_connect_fails`
`66`	`66`	`ok(!$result,"$connstr (should fail)");`
`67`	`67`	`}`
`68`	`68`
`69`		`-# The client's private key must not be world-readable. Git doesn't track`
`70`		`-#permissions (except for the executable bit), so they might be wrong after`
`71`		`-# a checkout.`
`72`		`-chmod 0600,"ssl/client.key";`
	`69`	`+# The client's private key must not be world-readable, so take a copy`
	`70`	`+#of the key stored in the code tree and update its permissions.`
	`71`	`+copy("ssl/client.key","ssl/client_tmp.key");`
	`72`	`+chmod 0600,"ssl/client_tmp.key";`
`73`	`73`
`74`	`74`	`#### Part 0. Set up the server.`
`75`	`75`
`@@ -229,11 +229,11 @@ sub test_connect_fails`
`229`	`229`
`230`	`230`	`# correct client cert`
`231`	`231`	`test_connect_ok(`
`232`		`-"user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client.key");`
	`232`	`+"user=ssltestuser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key");`
`233`	`233`
`234`	`234`	`# client cert belonging to another user`
`235`	`235`	`test_connect_fails(`
`236`		`-"user=anotheruser sslcert=ssl/client.crt sslkey=ssl/client.key");`
	`236`	`+"user=anotheruser sslcert=ssl/client.crt sslkey=ssl/client_tmp.key");`
`237`	`237`
`238`	`238`	`# revoked client cert`
`239`	`239`	`test_connect_fails(`
`@@ -243,7 +243,10 @@ sub test_connect_fails`
`243`	`243`	`# intermediate client_ca.crt is provided by client, and isn't in server's ssl_ca_file`
`244`	`244`	`switch_server_cert($node,'server-cn-only','root_ca');`
`245`	`245`	`$common_connstr =`
`246`		`-"user=ssltestuser dbname=certdb sslkey=ssl/client.key sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR";`
	`246`	`+"user=ssltestuser dbname=certdb sslkey=ssl/client_tmp.key sslrootcert=ssl/root+server_ca.crt hostaddr=$SERVERHOSTADDR";`
`247`	`247`
`248`	`248`	`test_connect_ok("sslmode=require sslcert=ssl/client+client_ca.crt");`
`249`	`249`	`test_connect_fails("sslmode=require sslcert=ssl/client.crt");`
	`250`	`+`
	`251`	`+# clean up`
	`252`	`+unlink"ssl/client_tmp.key";`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit91102da

File tree

2 files changed

2 files changed

`‎src/test/ssl/ssl/.gitignore`

`‎src/test/ssl/t/001_ssltests.pl`

0 commit comments