From cb812797bbd8dba57209e0aac98fed3d010da7e5 Mon Sep 17 00:00:00 2001 From: Lars Kanis Date: Sun, 11 Aug 2024 14:54:03 +0200 Subject: [PATCH] Adjust tests with dedicated ssl certificate to fetch it from the test directory This is important if RUBY_PG_TEST_DIR is set to a different directory. Fixes #576 --- spec/helpers.rb | 27 ++++++++++++++------------- spec/pg/connection_spec.rb | 4 ++-- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/spec/helpers.rb b/spec/helpers.rb index 2db112e04..606c9d54a 100644 --- a/spec/helpers.rb +++ b/spec/helpers.rb @@ -247,6 +247,7 @@ class PostgresServer attr_reader :port attr_reader :conninfo attr_reader :unix_socket + attr_reader :pgdata ### Set up a PostgreSQL database instance for testing. def initialize( name, port: 54321, postgresql_conf: '' ) @@ -254,24 +255,24 @@ def initialize( name, port: 54321, postgresql_conf: '' ) @name = name @port = port @test_dir = TEST_DIRECTORY + "tmp_test_#{@name}" - @test_pgdata = @test_dir + 'data' - @test_pgdata.mkpath + @pgdata = @test_dir + 'data' + @pgdata.mkpath @pg_bin_dir = nil @logfile = @test_dir + 'setup.log' trace "Command output logged to #{@logfile}" begin - unless (@test_pgdata+"postgresql.conf").exist? - FileUtils.rm_rf( @test_pgdata, :verbose => $DEBUG ) + unless (@pgdata+"postgresql.conf").exist? + FileUtils.rm_rf( @pgdata, :verbose => $DEBUG ) trace "Running initdb" - log_and_run @logfile, pg_bin_path('initdb'), '-E', 'UTF8', '--no-locale', '-D', @test_pgdata.to_s + log_and_run @logfile, pg_bin_path('initdb'), '-E', 'UTF8', '--no-locale', '-D', @pgdata.to_s end - unless (@test_pgdata+"ruby-pg-server-cert").exist? + unless (@pgdata+"ruby-pg-server-cert").exist? trace "Enable SSL" # Enable SSL in server config - File.open(@test_pgdata+"postgresql.conf", "a+") do |fd| + File.open(@pgdata+"postgresql.conf", "a+") do |fd| fd.puts <<-EOT ssl = on ssl_ca_file = 'ruby-pg-ca-cert' @@ -282,8 +283,8 @@ def initialize( name, port: 54321, postgresql_conf: '' ) end # Enable MD5 authentication in hba config - hba_content = File.read(@test_pgdata+"pg_hba.conf") - File.open(@test_pgdata+"pg_hba.conf", "w") do |fd| + hba_content = File.read(@pgdata+"pg_hba.conf") + File.open(@pgdata+"pg_hba.conf", "w") do |fd| fd.puts <<-EOT # TYPE DATABASE USER ADDRESS METHOD host all testusermd5 ::1/128 md5 @@ -292,17 +293,17 @@ def initialize( name, port: 54321, postgresql_conf: '' ) end trace "Generate certificates" - generate_ssl_certs(@test_pgdata.to_s) + generate_ssl_certs(@pgdata.to_s) end trace "Starting postgres" sopt = "-p #{@port}" sopt += " -k #{@test_dir.to_s.dump}" unless RUBY_PLATFORM=~/mingw|mswin/i log_and_run @logfile, pg_bin_path('pg_ctl'), '-w', '-o', sopt, - '-D', @test_pgdata.to_s, 'start' + '-D', @pgdata.to_s, 'start' sleep 2 - td = @test_pgdata + td = @pgdata @conninfo = "host=localhost port=#{@port} dbname=test sslrootcert=#{td + 'ruby-pg-ca-cert'} sslcert=#{td + 'ruby-pg-client-cert'} sslkey=#{td + 'ruby-pg-client-key'}" @unix_socket = @test_dir.to_s rescue => err @@ -350,7 +351,7 @@ def connect def teardown trace "Tearing down test database for #{@name}" - log_and_run @logfile, pg_bin_path('pg_ctl'), '-D', @test_pgdata.to_s, '-m', 'fast', 'stop' + log_and_run @logfile, pg_bin_path('pg_ctl'), '-D', @pgdata.to_s, '-m', 'fast', 'stop' end def pg_bin_path(cmd) diff --git a/spec/pg/connection_spec.rb b/spec/pg/connection_spec.rb index fcc277b50..47f4399e9 100644 --- a/spec/pg/connection_spec.rb +++ b/spec/pg/connection_spec.rb @@ -567,7 +567,7 @@ # Connect with SSL, but use a wrong client cert, so that connection is aborted. # A second connection is then started with a new IO. # And since the pipes above were freed in the concurrent thread above, there is a high chance that it's a lower file descriptor than before. - conn = PG.connect( @conninfo + " sslcert=tmp_test_specs/data/ruby-pg-ca-cert" ) + conn = PG.connect( @conninfo + " sslcert=#{$pg_server.pgdata}/ruby-pg-ca-cert" ) expect( conn.ssl_in_use? ).to be_falsey # The new connection should work even when the file descriptor has changed. @@ -585,7 +585,7 @@ Thread.new do Thread.current.report_on_exception = false expect do - threaded_conn = PG.connect( @conninfo + " sslcert=tmp_test_specs/data/ruby-pg-ca-cert" ) + threaded_conn = PG.connect( @conninfo + " sslcert=#{$pg_server.pgdata}/ruby-pg-ca-cert" ) threaded_conn.exec("SELECT 1") threaded_conn.close end.not_to raise_error