Disable rdns for Kerberos tests

On 21/02/2023 01:35, Stephen Frost wrote:

Greetings,

The name canonicalization support for Kerberos is doing us more harm
than good in the regression tests, so I propose we disable it. Patch
attached.

Thoughts?

Makes sense. A brief comment in 001_auth.pl itself to mention why we
disable rdns would be nice.

- Heikki

Greetings,

* Heikki Linnakangas (hlinnaka@iki.fi) wrote:

On 21/02/2023 01:35, Stephen Frost wrote:

The name canonicalization support for Kerberos is doing us more harm
than good in the regression tests, so I propose we disable it. Patch
attached.

Thoughts?

Makes sense. A brief comment in 001_auth.pl itself to mention why we disable
rdns would be nice.

Thanks for reviewing! Comments added and updated the commit message.

Unless there's anything else, I'll push this early next week.

Thanks again!

Stephen

On 25 February 2023 00:50:30 EET, Stephen Frost <sfrost@snowman.net> wrote:

Thanks for reviewing! Comments added and updated the commit message.

Unless there's anything else, I'll push this early next week.

s/capture portal/captive portal/. Other than that, looks good to me.

- Heikki

Greetings,

* Heikki Linnakangas (hlinnaka@iki.fi) wrote:

On 25 February 2023 00:50:30 EET, Stephen Frost <sfrost@snowman.net> wrote:

Thanks for reviewing! Comments added and updated the commit message.

Unless there's anything else, I'll push this early next week.

s/capture portal/captive portal/. Other than that, looks good to me.

Push, thanks again!

Stephen

Stephen Frost <sfrost@snowman.net> writes:

Push, thanks again!

Why'd you only change HEAD? Isn't the test equally fragile in the
back branches?

regards, tom lane

Greetings,

* Tom Lane (tgl@sss.pgh.pa.us) wrote:

Stephen Frost <sfrost@snowman.net> writes:

Push, thanks again!

Why'd you only change HEAD? Isn't the test equally fragile in the
back branches?

We hadn't had any complaints about it and so I wasn't sure if it was
useful to back-patch it. I'm happy to do so though.

Thanks,

Stephen

Greetings,

* Tom Lane (tgl@sss.pgh.pa.us) wrote:

Stephen Frost <sfrost@snowman.net> writes:

Push, thanks again!

Why'd you only change HEAD? Isn't the test equally fragile in the
back branches?

Following on from this after some additional cross-platform testing,
turns out there's other options we should be disabling in these tests to
avoid depending on DNS for the test.

Attached is another patch which, for me at least, seems to prevent the
tests from causing any DNS requests to happen. This also means that the
tests run in a reasonable time even in cases where DNS is entirely
broken (the resolver set in /etc/resolv.conf doesn't respond).

Barring objections, my plan is to commit this change soon and to
back-patch both patches to supported branches.

Thanks!

Stephen

Greetings,

* Tom Lane (tgl@sss.pgh.pa.us) wrote:

Stephen Frost <sfrost@snowman.net> writes:

Push, thanks again!

Why'd you only change HEAD? Isn't the test equally fragile in the
back branches?

Back-patched.

Thanks!

Stephen

Greetings,

* Stephen Frost (sfrost@snowman.net) wrote:

* Tom Lane (tgl@sss.pgh.pa.us) wrote:

Stephen Frost <sfrost@snowman.net> writes:

Push, thanks again!

Why'd you only change HEAD? Isn't the test equally fragile in the
back branches?

Following on from this after some additional cross-platform testing,
turns out there's other options we should be disabling in these tests to
avoid depending on DNS for the test.

Attached is another patch which, for me at least, seems to prevent the
tests from causing any DNS requests to happen. This also means that the
tests run in a reasonable time even in cases where DNS is entirely
broken (the resolver set in /etc/resolv.conf doesn't respond).

Barring objections, my plan is to commit this change soon and to
back-patch both patches to supported branches.

Done.

Thanks!

Stephen