Re: Add a test to ldapbindpasswd - Mailing list pgsql-hackers

From Thomas Munro
Subject Re: Add a test to ldapbindpasswd
Date
Msg-id CA+hUKGJdwNiwM5iWXVh050kKw5p3VCMJyoFyCpPbEf6ZNOC1pw@mail.gmail.com
Whole thread Raw
In response to Re: Add a test to ldapbindpasswd  (Andrew Dunstan <andrew@dunslane.net>)
Responses Re: Add a test to ldapbindpasswd
Re: Add a test to ldapbindpasswd
List pgsql-hackers
On Mon, Jan 2, 2023 at 3:04 AM Andrew Dunstan <andrew@dunslane.net> wrote:
> On 2022-12-19 Mo 11:16, Andrew Dunstan wrote:
> > There is currently no test for the use of ldapbindpasswd in the
> > pg_hba.conf file. This patch, mostly the work of John Naylor, remedies that.
> >
> >
>
> This currently has failures on the cfbot for meson builds on FBSD13 and
> Debian Bullseye, but it's not at all clear why. In both cases it fails
> where the ldap server is started.

I think it's failing when using meson.  I guess it fails to fail on
macOS only because you need to add a new path for Homebrew/ARM like
commit 14d63dd2, so it's skipping (it'd be nice if we didn't need
another copy of all that logic).  Trying locally... it looks like
slapd is failing silently, and with some tracing I can see it's
sending an error message to my syslog daemon, which logged:

2023-01-02T07:50:20.853019+13:00 x1 slapd[153599]: main: TLS init def
ctx failed: -1

Ah, it looks like this test is relying on "slapd-certs", which doesn't exist:

tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/001_auth/data/
ldap.conf  ldappassword  openldap-data  portlock  slapd-certs  slapd.conf
tmunro@x1:~/projects/postgresql/build$ ls testrun/ldap/002_bindpasswd/data/
portlock  slapd.conf

I didn't look closely, but apparently there is something wrong in the
part that copies certs from the ssl test?  Not sure why it works for
autoconf...



pgsql-hackers by date:

Previous
From: Andrew Dunstan
Date:
Subject: Re: Add a test to ldapbindpasswd
Next
From: Tom Lane
Date:
Subject: Re: +infinity for dates and timestamps