On Thu, Dec 04, 2014 at 02:42:41PM +0200, Heikki Linnakangas wrote:
> On 10/06/2014 04:21 PM, Heikki Linnakangas wrote:
> >This probably needs some further cleanup before it's ready for
> >committing. One issues is that it creates a temporary cluster that
> >listens for TCP connections on localhost
Heikki Linnakangas wrote:
> How do people feel about including this test suite in the source tree?
+1
> It's probably not suitable for running as part of "make check-world",
> but it's extremely handy if you're working on a patch related to SSL.
> I'd like to commit this, even if it has some rou
Heikki Linnakangas writes:
> On 10/06/2014 04:21 PM, Heikki Linnakangas wrote:
>> This probably needs some further cleanup before it's ready for
>> committing. One issues is that it creates a temporary cluster that
>> listens for TCP connections on localhost, which isn't safe on a
>> multi-user sy
On Thu, Dec 04, 2014 at 02:42:41PM +0200, Heikki Linnakangas wrote:
> On 10/06/2014 04:21 PM, Heikki Linnakangas wrote:
> >This probably needs some further cleanup before it's ready for
> >committing. One issues is that it creates a temporary cluster that
> >listens for TCP connections on localhost
On 10/06/2014 04:21 PM, Heikki Linnakangas wrote:
Here's a new version of the SSL regression suite I wrote earlier. It now
specifies both host and hostaddr in the connection string as Andres
suggested, so it no longer requires changes to network configuration. I
added a bunch of tests for the SAN
On 08/12/2014 03:53 PM, Heikki Linnakangas wrote:
On 08/12/2014 02:28 PM, Andres Freund wrote:
On 2014-08-12 14:01:18 +0300, Heikki Linnakangas wrote:
Also, to test sslmode=verify-full, where the client checks that the server
certificate's hostname matches the hostname that it connected to, you
On 08/12/2014 02:28 PM, Andres Freund wrote:
On 2014-08-12 14:01:18 +0300, Heikki Linnakangas wrote:
Also, to test sslmode=verify-full, where the client checks that the server
certificate's hostname matches the hostname that it connected to, you need
to have two aliases for the same server, one
On 2014-08-12 14:01:18 +0300, Heikki Linnakangas wrote:
> On 08/05/2014 10:46 PM, Robert Haas wrote:
> >Why can't you make it work over 127.0.0.1?
>
> I wanted it to be easy to run the client and the server on different hosts.
> As soon as we have more than one SSL implementation, it would be real
On 08/05/2014 10:46 PM, Robert Haas wrote:
On Mon, Aug 4, 2014 at 10:38 AM, Heikki Linnakangas
wrote:
Now that we use TAP for testing client tools, I think we can use that to
test various SSL options too. I came up with the attached. Comments?
It currently assumes that the client's and the ser
On Mon, Aug 4, 2014 at 10:38 AM, Heikki Linnakangas
wrote:
> Now that we use TAP for testing client tools, I think we can use that to
> test various SSL options too. I came up with the attached. Comments?
>
> It currently assumes that the client's and the server's hostnames are
> "postgres-client.
While working on the SSL refactoring patch, it struck me that we don't
have any regression tests for SSL support. A suite to test all the
different sslmodes etc. is essential before we can start implementing
alternatives to OpenSSL.
Now that we use TAP for testing client tools, I think we can
11 matches
Mail list logo