From c3d41ccf5931a2e587d114d9886717df76459a9d Mon Sep 17 00:00:00 2001 From: Peter Eisentraut Date: Tue, 9 Jan 2018 12:28:49 -0500 Subject: [PATCH] Fix ssl tests for when tls-server-end-point is not supported Add a function to TestLib that allows us to check pg_config.h and then decide the expected test outcome based on that. Author: Michael Paquier --- src/test/perl/TestLib.pm | 19 +++++++++++++++++++ src/test/ssl/t/002_scram.pl | 21 +++++++++++++++++---- 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/src/test/perl/TestLib.pm b/src/test/perl/TestLib.pm index 72826d5bad..fdd427608b 100644 --- a/src/test/perl/TestLib.pm +++ b/src/test/perl/TestLib.pm @@ -26,6 +26,7 @@ our @EXPORT = qw( slurp_dir slurp_file append_to_file + check_pg_config system_or_bail system_log run_log @@ -221,6 +222,24 @@ sub append_to_file close $fh; } +# Check presence of a given regexp within pg_config.h for the installation +# where tests are running, returning a match status result depending on +# that. +sub check_pg_config +{ + my ($regexp) = @_; + my ($stdout, $stderr); + my $result = IPC::Run::run [ 'pg_config', '--includedir' ], '>', + \$stdout, '2>', \$stderr + or die "could not execute pg_config"; + chomp($stdout); + + open my $pg_config_h, '<', "$stdout/pg_config.h" or die "$!"; + my $match = (grep {/^$regexp/} <$pg_config_h>); + close $pg_config_h; + return $match; +} + # # Test functions # diff --git a/src/test/ssl/t/002_scram.pl b/src/test/ssl/t/002_scram.pl index 3f425e00f0..67c1409a6e 100644 --- a/src/test/ssl/t/002_scram.pl +++ b/src/test/ssl/t/002_scram.pl @@ -11,6 +11,10 @@ use File::Copy; # This is the hostname used to connect to the server. my $SERVERHOSTADDR = '127.0.0.1'; +# Determine whether build supports tls-server-end-point. +my $supports_tls_server_end_point = + check_pg_config("#define HAVE_X509_GET_SIGNATURE_NID 1"); + # Allocation of base connection string shared among multiple tests. my $common_connstr; @@ -44,10 +48,19 @@ test_connect_ok($common_connstr, "SCRAM authentication with tls-unique as channel binding"); test_connect_ok($common_connstr, "scram_channel_binding=''", - "SCRAM authentication without channel binding"); -test_connect_ok($common_connstr, - "scram_channel_binding=tls-server-end-point", - "SCRAM authentication with tls-server-end-point as channel binding"); + "SCRAM authentication without channel binding"); +if ($supports_tls_server_end_point) +{ + test_connect_ok($common_connstr, + "scram_channel_binding=tls-server-end-point", + "SCRAM authentication with tls-server-end-point as channel binding"); +} +else +{ + test_connect_fails($common_connstr, + "scram_channel_binding=tls-server-end-point", + "SCRAM authentication with tls-server-end-point as channel binding"); +} test_connect_fails($common_connstr, "scram_channel_binding=not-exists", "SCRAM authentication with invalid channel binding");