Thread
Commits
-
Use more verbose matching patterns for errors in SSL TAP tests
- 8d3a4c3eae53 14.0 landed
-
Improve error matching patterns in the SSL tests
Michael Paquier <michael@paquier.xyz> — 2021-04-01T02:59:15Z
Hi all, It has been mentioned twice for the last couple of days that some of the SSL tests are not really picky with what they check, which can be annoying when it comes to the testing of other SSL implementations as we cannot really be sure if an error tells more than "SSL error": https://www.postgresql.org/message-id/20210330151507.GA9536@alvherre.pgsql https://www.postgresql.org/message-id/e0f0484a1815b26bb99ef9ddc7a110dfd6425931.camel@vmware.com Please find attached a patch to tighten a bit all that. The errors produced by OpenSSL down to 1.0.1 are the same. I have noticed one extra place where we just check for a FATAL, where the trust authentication failed after a CN mismatch. Thoughts? -- Michael
-
Re: Improve error matching patterns in the SSL tests
Michael Paquier <michael@paquier.xyz> — 2021-04-05T01:36:01Z
On Thu, Apr 01, 2021 at 11:59:15AM +0900, Michael Paquier wrote: > Please find attached a patch to tighten a bit all that. The errors > produced by OpenSSL down to 1.0.1 are the same. I have noticed one > extra place where we just check for a FATAL, where the trust > authentication failed after a CN mismatch. Sorry for the late reply here. This has been applied as of 8d3a4c3. -- Michael