Improve error matching patterns in the SSL tests
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-04-01T02:59:15Z
Lists: pgsql-hackers
Attachments
- ssl-test-tighten.patch (text/x-diff) patch
Hi all, It has been mentioned twice for the last couple of days that some of the SSL tests are not really picky with what they check, which can be annoying when it comes to the testing of other SSL implementations as we cannot really be sure if an error tells more than "SSL error": https://www.postgresql.org/message-id/20210330151507.GA9536@alvherre.pgsql https://www.postgresql.org/message-id/e0f0484a1815b26bb99ef9ddc7a110dfd6425931.camel@vmware.com Please find attached a patch to tighten a bit all that. The errors produced by OpenSSL down to 1.0.1 are the same. I have noticed one extra place where we just check for a FATAL, where the trust authentication failed after a CN mismatch. Thoughts? -- Michael
Commits
-
Use more verbose matching patterns for errors in SSL TAP tests
- 8d3a4c3eae53 14.0 landed