Skip to content

P
Postgres FD Implementation
Commit a282ee68 authored by Tom Lane's avatar Tom Lane
Browse files
Options

Remove channel binding requirement from clientcert=verify-full test. 

This fails on older OpenSSL versions that lack channel binding
support.  Since that feature is not essential to this test case,
just remove it, instead of complicating matters.  Per buildfarm.

Jacob Champion

Discussion: https://postgr.es/m/fa8dbbb58c20b1d1adf0082769f80d5466eaf485.camel@vmware.com
parent 0d46771e
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
src/test/ssl/t/002_scram.pl
View file @ a282ee68
...@@ -104,8 +104,8 @@ $node->connect_fails( ...@@ -104,8 +104,8 @@ $node->connect_fails(
# Certificate verification at the connection level should still work fine. # Certificate verification at the connection level should still work fine.
$node->connect_ok( $node->connect_ok(
"sslcert=ssl/client.crt sslkey=$client_tmp_key sslrootcert=invalid hostaddr=$SERVERHOSTADDR dbname=verifydb user=ssltestuser channel_binding=require", "sslcert=ssl/client.crt sslkey=$client_tmp_key sslrootcert=invalid hostaddr=$SERVERHOSTADDR dbname=verifydb user=ssltestuser",
"SCRAM with clientcert=verify-full and channel_binding=require", "SCRAM with clientcert=verify-full",
log_like => [ log_like => [
qr/connection authenticated: identity="ssltestuser" method=scram-sha-256/ qr/connection authenticated: identity="ssltestuser" method=scram-sha-256/
]); ]);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment