On Thu, Feb 22, 2018 at 08:34:30AM -0500, Peter Eisentraut wrote:
> I noticed that a couple of test cases in the SSL tests fail to connect
> not for the reason that the tests think they should.  Here is a patch to
> augment the test setup so that a test for connection rejection also
> checks that we get the expected error message.

+1 for the idea.  And good catches.

One of the tests is failing:
t/001_ssltests.pl .. 1/62
#   Failed test 'certificate authorization fails with revoked client cert: 
#   at /home/XXXX/git/postgres/src/test/ssl/../../../src/test/perl/TestLib.pm 
line 354.
#                   'psql: private key file "ssl/client-revoked.key" has
group or world access; permissions should be u=rw (0600) or less
# '
#     doesn't match '(?^:SSL error)'
# Looks like you failed 1 test of 62.
t/001_ssltests.pl .. Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/62 subtests

This comes from libpq itself, and the tree uses 0644 on this file.  You
just need to update this test so as ssl/client-revoked_tmp.key is used
instead of ssl/client-revoked.key, and then the tests pass.

Attachment: signature.asc
Description: PGP signature

Reply via email to