On 11/10/2016 07:16 AM, Michael Paquier wrote:
On Wed, Nov 9, 2016 at 7:46 PM, Andreas Karlsson <andr...@proxel.se> wrote:
Those tests fail due to that listen_addresses cannot be changed on reload so
none of the test cases can even connect to the database. When I hacked
ServerSetup.pm to set the correct listen_address before starting all tests

Hm... listen_addresses remain constant at and setting up
listen_addresses = '*' does not work either.. Perhaps I am missing

When PostgreSQL is started in the tests it by default only listens to a unix socket (except on Windows). It is the call to the restart function in the SSL tests which allows PostgreSQL to receive TCP connections.

Fixing this in the SSL tests will require some refactoring.

It is a bit annoying that if pg_hba.conf contains hostssl then postgres will
refuse to start. Maybe this is something we should also fix in this patch
since now when we can enable SSL after starting it becomes more useful to
not bail on hostssl. What do you think?

I forgot that... There is the same problem today when updating
postgresql.conf and restarting the server if there is an hostssl
entry. Do you have in mind to relax things? It seems to be that the
safest bet is to not reload parameters if ssl is switched from on to
off and if pg_hba.conf has a hostssl entry, right? That complicates
the code though.

I personally think that it would be cleaner and easier to understand if we just do not fail on hostssl lines just because SSL is disabled. A warning should be enough. But I do not have any strong opinions here, and would be fine with leaving the code as-is.

I will look into writing a cleaner patch for ServerSetup.pm some time later
this week.

Thanks. Making the restart/reload OS-dependent will be necessary.
src/test/ssl can run on Windows.

I do not think that this will be an issue with the current design, but I do not have access to a Windows machine for testing.


Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to