| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: For Kerberos testing, disable reverse DNS lookup |
| Date: | 2023-03-09 15:33:35 |
| Message-ID: | E1paIGs-002hfL-U0@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
For Kerberos testing, disable reverse DNS lookup
In our Kerberos test suite, there isn't much need to worry about the
normal canonicalization that Kerberos provides by looking up the reverse
DNS for the IP address connected to, and in some cases it can actively
cause problems (eg: a captive portal wifi where the normally not
resolvable localhost address used ends up being resolved anyway, and
not to the domain we are using for testing, causing the entire
regression test to fail with errors about not being able to get a TGT
for the remote realm for cross-realm trust).
Therefore, disable it by adding rdns = false into the krb5.conf that's
generated for the test.
Reviewed-By: Heikki Linnakangas
Discussion: https://postgr.es/m/Y/QD2zDkDYQA1GQt(at)tamriel(dot)snowman(dot)net
Branch
------
master
Details
-------
https://git.postgresql.org/pg/commitdiff/8dff2f224f4f49ddd4f45f590e7f46b160a4951b
Modified Files
--------------
src/test/kerberos/t/001_auth.pl | 12 ++++++++++++
1 file changed, 12 insertions(+)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Davis | 2023-03-09 16:40:38 | pgsql: pg_upgrade: copy locale and encoding information to new cluster. |
| Previous Message | Alvaro Herrera | 2023-03-09 11:03:56 | Re: pgsql: 001_libpq_pipeline.pl: use Test::Differences if available |