<div dir="ltr">Hi Tatsuo,<div>Looking at the error in log:</div><div><i>"</i></div><div><i>./test.sh: line 12: ./cert.sh: No such file or directory<br>chmod: cannot access `*.key': No such file or directory<br></i></div><div><i>"</i><br><div>I see one test helper file ( i.e. 'cert.sh' ) is not committed from my patch, because of that ssl artefacts are not generated for test.</div></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Apr 1, 2020 at 9:57 AM Tatsuo Ishii <<a href="mailto:ishii@sraoss.co.jp">ishii@sraoss.co.jp</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Umar,<br>
<br>
Unfortunately the build farm is failing on the new<br>
029.cert_passphrase. Can you please take a look at this?<br>
<br>
> I have committed the patches with small modification. The regression<br>
> test is located in 072 in the patch, which is in the number range for<br>
> bug cases (050 or above). So I changed it to 029.<br>
> <br>
> Also I have added a Japanese document as usual.<br>
> <br>
> Again, thank you!<br>
> <br>
>> Thanks. I will look into this.<br>
>> <br>
>> Best regards,<br>
>> --<br>
>> Tatsuo Ishii<br>
>> SRA OSS, Inc. Japan<br>
>> English: <a href="http://www.sraoss.co.jp/index_en.php" rel="noreferrer" target="_blank">http://www.sraoss.co.jp/index_en.php</a><br>
>> Japanese:<a href="http://www.sraoss.co.jp" rel="noreferrer" target="_blank">http://www.sraoss.co.jp</a><br>
>> <br>
>>> Hi Hackers,<br>
>>> Please find attached test case for SSL Passphrase Support. A new<br>
>>> configuration variable is added 'ssl_passphrase_command'. External command<br>
>>> provided in this variable will be used to get passphrase to decrypt SSL<br>
>>> file(s). As mentioned in last email, If passphrase is required but not<br>
>>> provided using this configuration variable, PgPool will fail to load (<br>
>>> which is same behaviour as of now pgpool 4.1 ).<br>
>>> <br>
>>> Patch Include:<br>
>>> 1. SSL Passphrase call backs implementation<br>
>>> 2. Test cases<br>
>>> 3. Documentation<br>
>>> <br>
>>> Let me know, any feedback/suggestions, or any scenario that I have missed?<br>
>>> <br>
>>> Regards,<br>
>>> Umar Hayat<br>
>>> Principle Software Engineer<br>
>>> EnterpriseDB: <a href="https://www.enterprisedb.com" rel="noreferrer" target="_blank">https://www.enterprisedb.com</a><br>
>>> <br>
>>> <br>
>>> <br>
>>> On Fri, Mar 13, 2020 at 3:03 PM Umar Hayat <<a href="mailto:m.umarkiani@gmail.com" target="_blank">m.umarkiani@gmail.com</a>> wrote:<br>
>>> <br>
>>>> Hi Hackers,<br>
>>>> I am implementing support of SSL passphrase feature for PgPool. If we<br>
>>>> comparing existing PostgreSQL and PgPool implementation of SSL (when<br>
>>>> passphrase is required) :<br>
>>>> PostgreSQL:<br>
>>>> On Server start,<br>
>>>> a) If 'ssl_passphrase_command' defined, It will register call back for<br>
>>>> external command provide<br>
>>>> b) otherwise it will register default, which is *prompting* user to input<br>
>>>> password<br>
>>>> On Reload Configuration,<br>
>>>> a) If 'ssl_passphrase_command' is defined and<br>
>>>> 'ssl_passphrase_command_supports_reload' is define, then use external<br>
>>>> command provided in 'ssl_passphrase_command'<br>
>>>> b) otherwise suppress prompt, and fail intentionally with dummy value.<br>
>>>><br>
>>>> PgPool:<br>
>>>> a) Register dummy implementation and fails in all cases.<br>
>>>><br>
>>>> My question is:<br>
>>>> Should we prompt for pass phrase in any case ? or user must provide<br>
>>>> password via 'ssl_passphrase_command' only. Any suggestions?<br>
>>>> If we should provide prompt, in which scenario ?<br>
>>>><br>
>>>> At the moment, what I implemented is, No prompt in any case.<br>
>>>><br>
>>>> Regards,<br>
>>>> Umar Hayat<br>
>>>> Principle Software Engineer<br>
>>>> EnterpriseDB: <a href="https://www.enterprisedb.com" rel="noreferrer" target="_blank">https://www.enterprisedb.com</a><br>
>>>><br>
>>>><br>
>>>><br>
>>>><br>
>> _______________________________________________<br>
>> pgpool-hackers mailing list<br>
>> <a href="mailto:pgpool-hackers@pgpool.net" target="_blank">pgpool-hackers@pgpool.net</a><br>
>> <a href="http://www.pgpool.net/mailman/listinfo/pgpool-hackers" rel="noreferrer" target="_blank">http://www.pgpool.net/mailman/listinfo/pgpool-hackers</a><br>
> _______________________________________________<br>
> pgpool-hackers mailing list<br>
> <a href="mailto:pgpool-hackers@pgpool.net" target="_blank">pgpool-hackers@pgpool.net</a><br>
> <a href="http://www.pgpool.net/mailman/listinfo/pgpool-hackers" rel="noreferrer" target="_blank">http://www.pgpool.net/mailman/listinfo/pgpool-hackers</a><br>
</blockquote></div>