Re: [PATCH] Add `verify-system` sslmode to use system CA pool for server cert

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Peter Eisentraut <peter(dot)eisentraut(at)enterprisedb(dot)com>, Jacob Champion <jchampion(at)timescale(dot)com>, "Gregory Stark (as CFM)" <stark(dot)cfm(at)gmail(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Magnus Hagander <magnus(at)hagander(dot)net>, Michael Paquier <michael(at)paquier(dot)xyz>, thomas(at)habets(dot)se, Bruce Momjian <bruce(at)momjian(dot)us>, Andrew Dunstan <andrew(at)dunslane(dot)net>, Jelte Fennema <postgres(at)jeltef(dot)nl>
Subject: Re: [PATCH] Add `verify-system` sslmode to use system CA pool for server cert
Date: 2023-04-12 20:56:48
Message-ID: 1180941.1681333008@sss.pgh.pa.us
Lists: pgsql-hackers

Oh! I was a little behind on MacPorts updates, and after
pulling the latest (taking their openssl from 3.0.8 to 3.1.0)
I can duplicate Peter's problem:

# +++ tap check in src/test/ssl +++
t/001_ssltests.pl .. 120/?
# Failed test 'sslrootcert=system does not connect with private CA: matches'
# at t/001_ssltests.pl line 479.
# 'psql: error: connection to server at "127.0.0.1", port 58910 failed: SSL SYSCALL error: Undefined error: 0'
# doesn't match '(?^:SSL error: certificate verify failed)'
t/001_ssltests.pl .. 196/? # Looks like you failed 1 test of 205.
t/001_ssltests.pl .. Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/205 subtests
t/002_scram.pl ..... ok
t/003_sslinfo.pl ... ok

Test Summary Report
-------------------
t/001_ssltests.pl (Wstat: 256 Tests: 205 Failed: 1)
Failed test: 121
Non-zero exit status: 1
Files=3, Tests=247, 14 wallclock secs ( 0.02 usr 0.01 sys + 2.04 cusr 1.54 csys = 3.61 CPU)
Result: FAIL
make: *** [check] Error 1

So whatever this is, it's not strictly Homebrew's issue.

regards, tom lane
