On 2019-04-05 14:48, Stephen Frost wrote: > All of it was built against the OS-provided Kerberos install, and you > got the failure..?
right > On a failure to set up an encrypted connection, we'll actually fall back > to a non-encrypted one using GSSAPI *just* for authentication, which is> why > I was asking if this worked before the encryption patch went in. The tests have always worked before. I've run them probably hundreds of times. > Also, which of the tests are still failing, exactly? The authentication > ones or the encryption ones or both? Only the encryption ones: not ok 1 - GSS-encrypted access # Failed test 'GSS-encrypted access' # at t/002_enc.pl line 170. # got: '2' # expected: '0' ok 2 - GSS encryption disabled not ok 3 - GSS encryption without auth # Failed test 'GSS encryption without auth' # at t/002_enc.pl line 170. # got: '2' # expected: '0' not ok 4 - GSS unencrypted fallback # Failed test 'GSS unencrypted fallback' # at t/002_enc.pl line 170. # got: '2' # expected: '0' ok 5 - GSS unencrypted fallback prevention -- Peter Eisentraut http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
