On 11/09/2016 06:54 AM, Michael Paquier wrote:
It seems to me that this patch is missing something... To begin with,
src/test/ssl/ServerSetup.pm should be patched so as the new SSL
configuration is reloaded after pg_ctl reload, and not after an
instance restart. That's straight-forward:
--- a/src/test/ssl/ServerSetup.pm
+++ b/src/test/ssl/ServerSetup.pm
@@ -96,7 +96,7 @@ sub configure_test_server_for_ssl
    close HBA;

-# Change the configuration to use given server cert file, and restart
+# Change the configuration to use given server cert file, and reload
 # the server so that the configuration takes effect.
 sub switch_server_cert
@@ -115,6 +115,6 @@ sub switch_server_cert
    print SSLCONF "ssl_crl_file='root+client.crl'\n";
    close SSLCONF;

-   # Stop and restart server to reload the new config.
-   $node->restart;
+   # Reload the new configuration set.
+   $node->reload;

Once I did that, half of the tests are failing. And I would have
expected all of them to work properly.

Those tests fail due to that listen_addresses cannot be changed on reload so none of the test cases can even connect to the database. When I hacked ServerSetup.pm to set the correct listen_address before starting all tests pass.

It is a bit annoying that if pg_hba.conf contains hostssl then postgres will refuse to start. Maybe this is something we should also fix in this patch since now when we can enable SSL after starting it becomes more useful to not bail on hostssl. What do you think?

I will look into writing a cleaner patch for ServerSetup.pm some time later this week.


Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to