0001-fix-ssl-test-on-openssl-4.0.patch
application/octet-stream
Filename: 0001-fix-ssl-test-on-openssl-4.0.patch
Type: application/octet-stream
Part: 0
Message:
Re: PostgreSQL and OpenSSL 4.0.0
Patch
Same data as JSON:
GET /api/v1/attachments/:id/patch
the parsed metadata as JSON — format, series position, per-file stats; never the diff bytes.
API reference →
Format: format-patch
Series: patch 0001
Subject: support OpenSSL 4.0.0 style revocation message:
| File | + | − |
|---|---|---|
| src/test/ssl/t/001_ssltests.pl | 3 | 3 |
From f73b87ea3036f3cebc9aa4f16d41e07d7af1b166 Mon Sep 17 00:00:00 2001
From: Cary Huang <hcary328@gmail.com>
Date: Thu, 7 May 2026 12:24:27 -0700
Subject: [PATCH] support OpenSSL 4.0.0 style revocation message:
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
OpenSSL 4.0 reports revoked certificates as “tls alert certificate revoked”
instead of “ssl... alert certificate revoked”. Update the test regex to accept
both variants to avoid false failures.
---
src/test/ssl/t/001_ssltests.pl | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl
index 0af887caa6..b12ad1f8df 100644
--- a/src/test/ssl/t/001_ssltests.pl
+++ b/src/test/ssl/t/001_ssltests.pl
@@ -885,7 +885,7 @@ $node->connect_fails(
"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
. sslkey('client-revoked.key'),
"certificate authorization fails with revoked client cert",
- expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
+ expected_stderr => qr|SSL error: (?:ssl\|tls)[a-z0-9/]* alert certificate revoked|,
log_like => [
qr{Client certificate verification failed at depth 0: certificate revoked},
qr{Failed certificate data \(unverified\): subject "/CN=ssltestuser", serial number \d+, issuer "/CN=Test CA for PostgreSQL SSL regression test client certs"},
@@ -987,7 +987,7 @@ $node->connect_fails(
"$common_connstr user=ssltestuser sslcert=ssl/client-revoked.crt "
. sslkey('client-revoked.key'),
"certificate authorization fails with revoked client cert with server-side CRL directory",
- expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
+ expected_stderr => qr|SSL error: (?:ssl\|tls)[a-z0-9/]* alert certificate revoked|,
log_like => [
qr{Client certificate verification failed at depth 0: certificate revoked},
qr{Failed certificate data \(unverified\): subject "/CN=ssltestuser", serial number \d+, issuer "/CN=Test CA for PostgreSQL SSL regression test client certs"},
@@ -998,7 +998,7 @@ $node->connect_fails(
"$common_connstr user=ssltestuser sslcert=ssl/client-revoked-utf8.crt "
. sslkey('client-revoked-utf8.key'),
"certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory",
- expected_stderr => qr|SSL error: ssl[a-z0-9/]* alert certificate revoked|,
+ expected_stderr => qr|SSL error: (?:ssl\|tls)[a-z0-9/]* alert certificate revoked|,
log_like => [
qr{Client certificate verification failed at depth 0: certificate revoked},
qr{Failed certificate data \(unverified\): subject "/CN=\\xce\\x9f\\xce\\xb4\\xcf\\x85\\xcf\\x83\\xcf\\x83\\xce\\xad\\xce\\xb1\\xcf\\x82", serial number \d+, issuer "/CN=Test CA for PostgreSQL SSL regression test client certs"},
--
2.34.1