Clean up management of IP addresses in our SSL tests.

Tom Lane <tgl@sss.pgh.pa.us>

Commit: 2bd0735b954b14dcfab85d57fc4a0c7f9826fbb1
Author: Tom Lane <tgl@sss.pgh.pa.us>
Date: 2020-01-07T01:56:32Z
Releases: 13.0
Clean up management of IP addresses in our SSL tests.

Instead of hard-wiring the netmask as /32, allow it to be specified
where we specify the server address.  This will ease changing the
test to use IPv6, when/if somebody wants to do that.

Also remove the hard-wired pg_hba.conf entries for IPv6 (::1/128).
These have never had any usefulness, because the client side
of the tests has always explicitly connected to $SERVERHOSTADDR
which has always been set to IPv4 (127.0.0.1).  All they accomplish
is to break the test on non-IPv6-supporting hosts, and besides
that they violate the express intent of the code to minimize the
server's range of allowed connections.

This could be back-patched, perhaps, but for now I don't see
a need to.

Discussion: https://postgr.es/m/1899.1578356089@sss.pgh.pa.us

Files

PathChange+/−
src/test/ssl/t/001_ssltests.pl modified +4 −1
src/test/ssl/t/002_scram.pl modified +4 −2
src/test/ssl/t/SSLServer.pm modified +13 −14

Discussion

Cited messages not in the archive: 1899.1578356089@sss.pgh.pa.us