SSL TAP test fails due to default client certs.
Hello.
While poking at ssl code, I noticed that 002_scram.pl fails if
~/.postgresql/root.crt exists. This has been fixed once but
d6e612f837 reintroduced one. The attached fixes that. Applies to
14devel and 13.
regards.
--
Kyotaro Horiguchi
NTT Open Source Software Center
Attachments:
0001-Avoid-using-foreign-certificates-in-a-ssl-test.patchtext/x-patch; charset=us-asciiDownload+1-2
On Tue, Aug 04, 2020 at 12:00:33PM +0900, Kyotaro Horiguchi wrote:
While poking at ssl code, I noticed that 002_scram.pl fails if
~/.postgresql/root.crt exists. This has been fixed once but
d6e612f837 reintroduced one. The attached fixes that. Applies to
14devel and 13.
Indeed, applied. I can reproduce the failure easily, and bdd6e9b is
the previous fix you are mentioning. It is the only test where we
don't rely on an $common_connstr that sets sslcert and sslrootcert to
an invalid value, so the rest looks fine.
--
Michael
At Tue, 4 Aug 2020 14:43:58 +0900, Michael Paquier <michael@paquier.xyz> wrote in
On Tue, Aug 04, 2020 at 12:00:33PM +0900, Kyotaro Horiguchi wrote:
While poking at ssl code, I noticed that 002_scram.pl fails if
~/.postgresql/root.crt exists. This has been fixed once but
d6e612f837 reintroduced one. The attached fixes that. Applies to
14devel and 13.Indeed, applied. I can reproduce the failure easily, and bdd6e9b is
the previous fix you are mentioning. It is the only test where we
don't rely on an $common_connstr that sets sslcert and sslrootcert to
an invalid value, so the rest looks fine.
Agreed. Thanks for committing!
--
Kyotaro Horiguchi
NTT Open Source Software Center