diff options
Diffstat (limited to 'src/test/ssl/t/003_sslinfo.pl')
| -rw-r--r-- | src/test/ssl/t/003_sslinfo.pl | 28 |
1 files changed, 13 insertions, 15 deletions
diff --git a/src/test/ssl/t/003_sslinfo.pl b/src/test/ssl/t/003_sslinfo.pl index 72eb6b860c0..96a5db86721 100644 --- a/src/test/ssl/t/003_sslinfo.pl +++ b/src/test/ssl/t/003_sslinfo.pl @@ -12,7 +12,7 @@ use File::Copy; use FindBin; use lib $FindBin::RealBin; -use SSLServer; +use SSL::Server; if ($ENV{with_ssl} ne 'openssl') { @@ -20,6 +20,15 @@ if ($ENV{with_ssl} ne 'openssl') } #### Some configuration +my $ssl_server = SSL::Server->new(); +sub sslkey +{ + return $ssl_server->sslkey(@_); +} +sub switch_server_cert +{ + $ssl_server->switch_server_cert(@_); +} # This is the hostname used to connect to the server. This cannot be a # hostname, because the server certificate is always for the domain @@ -31,17 +40,6 @@ my $SERVERHOSTCIDR = '127.0.0.1/32'; # Allocation of base connection string shared among multiple tests. my $common_connstr; -# The client's private key must not be world-readable, so take a copy -# of the key stored in the code tree and update its permissions. -my $cert_tempdir = PostgreSQL::Test::Utils::tempdir(); -my $client_tmp_key = "$cert_tempdir/client_ext.key"; -copy("ssl/client_ext.key", "$cert_tempdir/client_ext.key") - or die - "couldn't copy ssl/client_ext.key to $cert_tempdir/client_ext.key for permissions change: $!"; -chmod 0600, "$cert_tempdir/client_ext.key" - or die "failed to change permissions on $cert_tempdir/client_ext.key: $!"; -$client_tmp_key =~ s!\\!/!g if $PostgreSQL::Test::Utils::windows_os; - #### Set up the server. note "setting up data directory"; @@ -54,13 +52,13 @@ $ENV{PGHOST} = $node->host; $ENV{PGPORT} = $node->port; $node->start; -configure_test_server_for_ssl($node, $SERVERHOSTADDR, $SERVERHOSTCIDR, +$ssl_server->configure_test_server_for_ssl($node, $SERVERHOSTADDR, $SERVERHOSTCIDR, 'trust', extensions => [ qw(sslinfo) ]); # We aren't using any CRL's in this suite so we can keep using server-revoked # as server certificate for simple client.crt connection much like how the # 001 test does. -switch_server_cert($node, 'server-revoked'); +switch_server_cert($node, certfile => 'server-revoked'); # Set of default settings for SSL parameters in connection string. This # makes the tests protected against any defaults the environment may have @@ -69,7 +67,7 @@ my $default_ssl_connstr = "sslkey=invalid sslcert=invalid sslrootcert=invalid ss $common_connstr = "$default_ssl_connstr sslrootcert=ssl/root+server_ca.crt sslmode=require dbname=certdb hostaddr=$SERVERHOSTADDR host=localhost " . - "user=ssltestuser sslcert=ssl/client_ext.crt sslkey=$client_tmp_key"; + "user=ssltestuser sslcert=ssl/client_ext.crt " . sslkey('client_ext.key'); # Make sure we can connect even though previous test suites have established this $node->connect_ok( |