diff options
| -rw-r--r-- | src/test/ssl/t/001_ssltests.pl | 5 | ||||
| -rw-r--r-- | src/test/ssl/t/SSL/Backend/OpenSSL.pm | 18 | ||||
| -rw-r--r-- | src/test/ssl/t/SSL/Server.pm | 17 |
3 files changed, 37 insertions, 3 deletions
diff --git a/src/test/ssl/t/001_ssltests.pl b/src/test/ssl/t/001_ssltests.pl index 8b0de2d8e7e..60b5c3630b0 100644 --- a/src/test/ssl/t/001_ssltests.pl +++ b/src/test/ssl/t/001_ssltests.pl @@ -35,9 +35,8 @@ sub switch_server_cert $ssl_server->switch_server_cert(@_); } -# Determine whether this build uses OpenSSL or LibreSSL. As a heuristic, the -# HAVE_SSL_CTX_SET_CERT_CB macro isn't defined for LibreSSL. -my $libressl = not check_pg_config("#define HAVE_SSL_CTX_SET_CERT_CB 1"); +# Determine whether this build uses OpenSSL or LibreSSL. +my $libressl = $ssl_server->is_libressl; #### Some configuration diff --git a/src/test/ssl/t/SSL/Backend/OpenSSL.pm b/src/test/ssl/t/SSL/Backend/OpenSSL.pm index e044318531f..4159addb700 100644 --- a/src/test/ssl/t/SSL/Backend/OpenSSL.pm +++ b/src/test/ssl/t/SSL/Backend/OpenSSL.pm @@ -26,6 +26,7 @@ package SSL::Backend::OpenSSL; use strict; use warnings FATAL => 'all'; +use PostgreSQL::Test::Utils; use File::Basename; use File::Copy; @@ -205,6 +206,23 @@ sub get_library return $self->{_library}; } +=pod + +=item $backend->library_is_libressl() + +Detect whether the SSL library is LibreSSL. + +=cut + +sub library_is_libressl +{ + my ($self) = @_; + + # The HAVE_SSL_CTX_SET_CERT_CB macro isn't defined for LibreSSL. + # We may eventually need a less-bogus heuristic. + return not check_pg_config("#define HAVE_SSL_CTX_SET_CERT_CB 1"); +} + # Internal method for copying a set of files, taking into account wildcards sub _copy_files { diff --git a/src/test/ssl/t/SSL/Server.pm b/src/test/ssl/t/SSL/Server.pm index 14277418419..33975b28e8c 100644 --- a/src/test/ssl/t/SSL/Server.pm +++ b/src/test/ssl/t/SSL/Server.pm @@ -244,6 +244,23 @@ sub ssl_library =pod +=item $server->is_libressl() + +Detect whether the currently used SSL backend is LibreSSL. +(Ideally we'd not need this hack, but presently we do.) + +=cut + +sub is_libressl +{ + my $self = shift; + my $backend = $self->{backend}; + + return $backend->library_is_libressl(); +} + +=pod + =item switch_server_cert(params) Change the configuration to use the given set of certificate, key, ca and |