diff options
| author | Peter Eisentraut <peter@eisentraut.org> | 2024-03-19 07:01:22 +0100 |
|---|---|---|
| committer | Peter Eisentraut <peter@eisentraut.org> | 2024-03-19 07:09:31 +0100 |
| commit | d56cb42b54381d414f1f30929ca267e4768313c8 (patch) | |
| tree | af3376a5ecf97ed9c2a0bc5a1c6716e6ecae5635 /src/test/ssl/t/SSL/Server.pm | |
| parent | bb5604ba9e53e3a0fb9967f960e36cff4d36b0ab (diff) | |
| download | postgresql-d56cb42b54381d414f1f30929ca267e4768313c8.tar.gz postgresql-d56cb42b54381d414f1f30929ca267e4768313c8.zip | |
Activate perlcritic InputOutput::RequireCheckedSyscalls and fix resulting warnings
This checks that certain I/O-related Perl functions properly check
their return value. Some parts of the PostgreSQL code had been a bit
sloppy about that. The new perlcritic warnings are fixed here. I
didn't design any beautiful error messages, mostly just used "or die
$!", which mostly matches existing code, and also this is
developer-level code, so having the system error plus source code
reference should be ok.
Initially, we only activate this check for a subset of what the
perlcritic check would warn about. The effective list is
chmod flock open read rename seek symlink system
The initial set of functions is picked because most existing code
already checked the return value of those, so any omissions are
probably unintended, or because it seems important for test
correctness.
The actual perlcritic configuration is written as an exclude list.
That seems better so that we are clear on what we are currently not
checking. Maybe future patches want to investigate checking some of
the other functions. (In principle, we might eventually want to check
all of them, but since this is test and build support code, not
production code, there are probably some reasonable compromises to be
made.)
Reviewed-by: Daniel Gustafsson <daniel@yesql.se>
Discussion: https://www.postgresql.org/message-id/flat/88b7d4f2-46d9-4cc7-b1f7-613c90f9a76a%40eisentraut.org
Diffstat (limited to 'src/test/ssl/t/SSL/Server.pm')
| -rw-r--r-- | src/test/ssl/t/SSL/Server.pm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/test/ssl/t/SSL/Server.pm b/src/test/ssl/t/SSL/Server.pm index 149a9385119..ca4c7b567b3 100644 --- a/src/test/ssl/t/SSL/Server.pm +++ b/src/test/ssl/t/SSL/Server.pm @@ -191,7 +191,7 @@ sub configure_test_server_for_ssl } # enable logging etc. - open my $conf, '>>', "$pgdata/postgresql.conf"; + open my $conf, '>>', "$pgdata/postgresql.conf" or die $!; print $conf "fsync=off\n"; print $conf "log_connections=on\n"; print $conf "log_hostname=on\n"; @@ -204,7 +204,7 @@ sub configure_test_server_for_ssl close $conf; # SSL configuration will be placed here - open my $sslconf, '>', "$pgdata/sslconfig.conf"; + open my $sslconf, '>', "$pgdata/sslconfig.conf" or die $!; close $sslconf; # Perform backend specific configuration @@ -290,7 +290,7 @@ sub switch_server_cert my %params = @_; my $pgdata = $node->data_dir; - open my $sslconf, '>', "$pgdata/sslconfig.conf"; + open my $sslconf, '>', "$pgdata/sslconfig.conf" or die $!; print $sslconf "ssl=on\n"; print $sslconf $backend->set_server_cert(\%params); print $sslconf "ssl_passphrase_command='" @@ -315,7 +315,7 @@ sub _configure_hba_for_ssl # but seems best to keep it as narrow as possible for security reasons. # # When connecting to certdb, also check the client certificate. - open my $hba, '>', "$pgdata/pg_hba.conf"; + open my $hba, '>', "$pgdata/pg_hba.conf" or die $!; print $hba "# TYPE DATABASE USER ADDRESS METHOD OPTIONS\n"; print $hba @@ -337,7 +337,7 @@ sub _configure_hba_for_ssl close $hba; # Also set the ident maps. Note: fields with commas must be quoted - open my $map, ">", "$pgdata/pg_ident.conf"; + open my $map, ">", "$pgdata/pg_ident.conf" or die $!; print $map "# MAPNAME SYSTEM-USERNAME PG-USERNAME\n", "dn \"CN=ssltestuser-dn,OU=Testing,OU=Engineering,O=PGDG\" ssltestuser\n", |