| From: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
|---|---|
| To: | Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: check error messages in SSL tests |
| Date: | 2018-02-23 18:57:44 |
| Message-ID: | 1b2bc8f0-a5c0-d75f-8a42-5234e63afc98@2ndquadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2/22/18 23:58, Michael Paquier wrote:
> One of the tests is failing:
> t/001_ssltests.pl .. 1/62
> # Failed test 'certificate authorization fails with revoked client cert: matches'
> # at /home/XXXX/git/postgres/src/test/ssl/../../../src/test/perl/TestLib.pm line 354.
> # 'psql: private key file "ssl/client-revoked.key" has
> group or world access; permissions should be u=rw (0600) or less
> # '
> # doesn't match '(?^:SSL error)'
> # Looks like you failed 1 test of 62.
> t/001_ssltests.pl .. Dubious, test returned 1 (wstat 256, 0x100)
> Failed 1/62 subtests
>
> This comes from libpq itself, and the tree uses 0644 on this file. You
> just need to update this test so as ssl/client-revoked_tmp.key is used
> instead of ssl/client-revoked.key, and then the tests pass.
Oh. I actually had that file as 0600 in my checked-out tree, probably
from earlier experiments. Fixed that. And I also changed it to make
another temp file that is explicitly 0644, because we can't rely on that
being the default either.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| Attachment | Content-Type | Size |
|---|---|---|
| v2-0001-Check-error-messages-in-SSL-tests.patch | text/plain | 12.7 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter Eisentraut | 2018-02-23 19:09:42 | Re: Translations contributions urgently needed |
| Previous Message | Magnus Hagander | 2018-02-23 18:55:28 | Re: Allow workers to override datallowconn |