Refactoring SSL tests

From: Daniel Gustafsson <daniel(at)yesql(dot)se>
To: PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Refactoring SSL tests
Date: 2022-02-02 13:26:02
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

As part of the NSS patchset (and Secure Transport before that), I had to
refactor the SSL tests to handle different SSL libraries. The current tests
and test module is quite tied to how OpenSSL works wrt setting up the server,
the attached refactors this and abstracts the OpenSSL specifics more like how
the rest of the codebase is set up.

The tight coupling is of course not a problem right now, but I think this patch
has more benefits making it a candidate for going in regardless of the fate of
the NSS patchset. This is essentially the 0002 patch from that patchset with
additional cleanup and documentation:

* switch_server_cert takes a set of named parameters rather than a fixed set
with defaults depending on each other, which made adding ssl_passphrase to it
cumbersome. It also adds readability IMO.

* SSLServer is renamed SSL::Server, which in turn use SSL::Backend::X where X
is the backend pointed to by with_ssl. Each backend will implement its own
module which is responsible for setting up keys/certs and to resolve sslkey
values to their full paths. The idea is that the namespace will also allow for
an SSL::Client in the future when we implment running client tests against
different servers etc.

* The modules are POD documented.

* While not related to the refactor per se, the hardcoded number of planned
tests is removed in favor of calling done_testing().

With this, adding a new SSL library is quite straightforward, I've done the
legwork to test that =)

I opted for avoiding too invasive changes leaving the tests somewhat easy to
compare to back branches.

Thoughts? I'm fairly sure there are many crimes against Perl in this patch,
I'm happy to take pointers on how to improve that.

Daniel Gustafsson

Attachment Content-Type Size
0001-Refactor-SSL-tests.patch application/octet-stream 35.4 KB


Browse pgsql-hackers by date

  From Date Subject
Next Message Robert Haas 2022-02-02 13:27:28 Re: Make relfile tombstone files conditional on WAL level
Previous Message Robert Haas 2022-02-02 13:15:02 Re: make MaxBackends available in _PG_init