Re: Extended test coverage and docs for SSL passphrase commands

Daniel Gustafsson <daniel@yesql.se>

From: Daniel Gustafsson <daniel@yesql.se>
To: Álvaro Herrera <alvherre@kurilemu.de>
Cc: Peter Eisentraut <peter@eisentraut.org>, Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2025-11-12T23:12:19Z
Lists: pgsql-hackers
> On 12 Nov 2025, at 18:47, Álvaro Herrera <alvherre@kurilemu.de> wrote:
> 
> On 2025-Nov-12, Daniel Gustafsson wrote:
> 
>> As far as I know the only way to programmatically learn that from the Perl
>> testcode would be to check for the presence of the CONFIG_EXEC_PARAMS file in
>> $self->data_dir, which should be easy enough to do.  Do you know of a better
>> way?
> 
> We have check_pg_config(), which reads pg_config.h.  For EXEC_BACKEND
> you need pg_config_manual.h,

Right, but they can't be treated the same since EXEC_BACKEND will always be
matched by such a grep and the presence of WIN32 and !__CYGWIN__ mst be tested
for.  Or am I thinking about it the wrong way?  This is why I figured checking
for the exec_params file could be an option, but with the drawback that it
would only work for a running cluster so it wouldn't be a generic function but
coded directly in the SSL TAP test file.

--
Daniel Gustafsson




Commits

  1. doc: Clarify passphrase command reloading on Windows

  2. ssl: Add connection and reload tests for key passphrases

  3. Add GUC to show EXEC_BACKEND state