Clean up management of IP addresses in our SSL tests.
Instead of hard-wiring the netmask as /32, allow it to be specified
where we specify the server address. This will ease changing the
test to use IPv6, when/if somebody wants to do that.
Also remove the hard-wired pg_hba.conf entries for IPv6 (::1/128).
These have never had any usefulness, because the client side
of the tests has always explicitly connected to $SERVERHOSTADDR
which has always been set to IPv4 (127.0.0.1). All they accomplish
is to break the test on non-IPv6-supporting hosts, and besides
that they violate the express intent of the code to minimize the
server's range of allowed connections.
This could be back-patched, perhaps, but for now I don't see
a need to.
Discussion: https://postgr.es/m/1899.1578356089@sss.pgh.pa.us
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/2bd0735b954b14dcfab85d57fc4a0c7f9826fbb1
Modified Files
--------------
src/test/ssl/t/001_ssltests.pl | 5 ++++-
src/test/ssl/t/002_scram.pl | 6 ++++--
src/test/ssl/t/SSLServer.pm | 27 +++++++++++++--------------
3 files changed, 21 insertions(+), 17 deletions(-)