Skip to content

Commit

Permalink
Adjust tests with dedicated ssl certificate to fetch it from the test…
Browse files Browse the repository at this point in the history
… directory

This is important if RUBY_PG_TEST_DIR is set to a different directory.

Fixes #576
  • Loading branch information
larskanis committed Aug 11, 2024
1 parent 0f387c0 commit cb81279
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 15 deletions.
27 changes: 14 additions & 13 deletions spec/helpers.rb
Original file line number Diff line number Diff line change
Expand Up @@ -247,31 +247,32 @@ class PostgresServer
attr_reader :port
attr_reader :conninfo
attr_reader :unix_socket
attr_reader :pgdata

### Set up a PostgreSQL database instance for testing.
def initialize( name, port: 54321, postgresql_conf: '' )
trace "Setting up test database for #{name}"
@name = name
@port = port
@test_dir = TEST_DIRECTORY + "tmp_test_#{@name}"
@test_pgdata = @test_dir + 'data'
@test_pgdata.mkpath
@pgdata = @test_dir + 'data'
@pgdata.mkpath
@pg_bin_dir = nil

@logfile = @test_dir + 'setup.log'
trace "Command output logged to #{@logfile}"

begin
unless (@test_pgdata+"postgresql.conf").exist?
FileUtils.rm_rf( @test_pgdata, :verbose => $DEBUG )
unless (@pgdata+"postgresql.conf").exist?
FileUtils.rm_rf( @pgdata, :verbose => $DEBUG )
trace "Running initdb"
log_and_run @logfile, pg_bin_path('initdb'), '-E', 'UTF8', '--no-locale', '-D', @test_pgdata.to_s
log_and_run @logfile, pg_bin_path('initdb'), '-E', 'UTF8', '--no-locale', '-D', @pgdata.to_s
end

unless (@test_pgdata+"ruby-pg-server-cert").exist?
unless (@pgdata+"ruby-pg-server-cert").exist?
trace "Enable SSL"
# Enable SSL in server config
File.open(@test_pgdata+"postgresql.conf", "a+") do |fd|
File.open(@pgdata+"postgresql.conf", "a+") do |fd|
fd.puts <<-EOT
ssl = on
ssl_ca_file = 'ruby-pg-ca-cert'
Expand All @@ -282,8 +283,8 @@ def initialize( name, port: 54321, postgresql_conf: '' )
end

# Enable MD5 authentication in hba config
hba_content = File.read(@test_pgdata+"pg_hba.conf")
File.open(@test_pgdata+"pg_hba.conf", "w") do |fd|
hba_content = File.read(@pgdata+"pg_hba.conf")
File.open(@pgdata+"pg_hba.conf", "w") do |fd|
fd.puts <<-EOT
# TYPE DATABASE USER ADDRESS METHOD
host all testusermd5 ::1/128 md5
Expand All @@ -292,17 +293,17 @@ def initialize( name, port: 54321, postgresql_conf: '' )
end

trace "Generate certificates"
generate_ssl_certs(@test_pgdata.to_s)
generate_ssl_certs(@pgdata.to_s)
end

trace "Starting postgres"
sopt = "-p #{@port}"
sopt += " -k #{@test_dir.to_s.dump}" unless RUBY_PLATFORM=~/mingw|mswin/i
log_and_run @logfile, pg_bin_path('pg_ctl'), '-w', '-o', sopt,
'-D', @test_pgdata.to_s, 'start'
'-D', @pgdata.to_s, 'start'
sleep 2

td = @test_pgdata
td = @pgdata
@conninfo = "host=localhost port=#{@port} dbname=test sslrootcert=#{td + 'ruby-pg-ca-cert'} sslcert=#{td + 'ruby-pg-client-cert'} sslkey=#{td + 'ruby-pg-client-key'}"
@unix_socket = @test_dir.to_s
rescue => err
Expand Down Expand Up @@ -350,7 +351,7 @@ def connect
def teardown
trace "Tearing down test database for #{@name}"

log_and_run @logfile, pg_bin_path('pg_ctl'), '-D', @test_pgdata.to_s, '-m', 'fast', 'stop'
log_and_run @logfile, pg_bin_path('pg_ctl'), '-D', @pgdata.to_s, '-m', 'fast', 'stop'
end

def pg_bin_path(cmd)
Expand Down
4 changes: 2 additions & 2 deletions spec/pg/connection_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -567,7 +567,7 @@
# Connect with SSL, but use a wrong client cert, so that connection is aborted.
# A second connection is then started with a new IO.
# And since the pipes above were freed in the concurrent thread above, there is a high chance that it's a lower file descriptor than before.
conn = PG.connect( @conninfo + " sslcert=tmp_test_specs/data/ruby-pg-ca-cert" )
conn = PG.connect( @conninfo + " sslcert=#{$pg_server.pgdata}/ruby-pg-ca-cert" )
expect( conn.ssl_in_use? ).to be_falsey

# The new connection should work even when the file descriptor has changed.
Expand All @@ -585,7 +585,7 @@
Thread.new do
Thread.current.report_on_exception = false
expect do
threaded_conn = PG.connect( @conninfo + " sslcert=tmp_test_specs/data/ruby-pg-ca-cert" )
threaded_conn = PG.connect( @conninfo + " sslcert=#{$pg_server.pgdata}/ruby-pg-ca-cert" )
threaded_conn.exec("SELECT 1")
threaded_conn.close
end.not_to raise_error
Expand Down

0 comments on commit cb81279

Please sign in to comment.