Re: SSL regression test suite

On Mon, Aug 4, 2014 at 10:38 AM, Heikki Linnakangas
<hlinnakangas@vmware.com> wrote:
> Now that we use TAP for testing client tools, I think we can use that to
> test various SSL options too. I came up with the attached. Comments?
>
> It currently assumes that the client's and the server's hostnames are
> "postgres-client.test" and "postgres-server.test", respectively. That makes
> it a bit tricky to run on a single systme. The README includes instructions;
> basically you need to set up an additional loopback device, and add entries
> to /etc/hosts for that.

That seems so onerous that I think few people will do it, and not
regularly, resulting in the tests breaking and nobody noticing.
Reconfiguring the loopback interface like that requires root
privilege, and won't survive a reboot, and doing it in the system
configuration will require hackery specific to the particular flavor
of Linux you're running, and probably other hackery on non-Linux
systems (never mind Windows).  Why can't you make it work over
127.0.0.1?

-- 
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company