Make "kerberos" test suite independent of "localhost" name resolution.

This suite malfunctioned if the canonical name of "localhost" was something other than "localhost", such as "localhost.localdomain". Use hostaddr=127.0.0.1 and a fictitious host=, so the resolver's answers for "localhost" don't affect the outcome. Back-patch to v11, which introduced this test suite. Discussion: https://postgr.es/m/20180801050903.GA1392916@rfd.leadboat.com

Make "kerberos" test suite independent of "localhost" name resolution.
75224ac2 · Noah Misch · b9612e5c · 75224ac2
Commit 75224ac2 authored 6 years ago by Noah Misch
--- a/src/test/kerberos/t/001_auth.pl
+++ b/src/test/kerberos/t/001_auth.pl
@@ -48,6 +48,8 @@ if ($krb5_sbin_dir && -d $krb5_sbin_dir)
 	$krb5kdc      = $krb5_sbin_dir . '/' . $krb5kdc;
 }

+my $host     = 'auth-test-localhost.postgresql.example.com';
+my $hostaddr = '127.0.0.1';
 my $realm = 'EXAMPLE.COM';

 my $krb5_conf   = "${TestLib::tmp_check}/krb5.conf";
@@ -80,7 +82,7 @@ default_realm = $realm

 [realms]
 $realm = {
-    kdc = localhost:$kdc_port
+    kdc = $hostaddr:$kdc_port
 }!);

 append_to_file(
@@ -94,8 +96,8 @@ if ($krb5_version >= 1.15)
 {
 	append_to_file(
 		$kdc_conf,
-		qq!kdc_listen = localhost:$kdc_port
-kdc_tcp_listen = localhost:$kdc_port
+		qq!kdc_listen = $hostaddr:$kdc_port
+kdc_tcp_listen = $hostaddr:$kdc_port
 !);
 }
 else
@@ -122,7 +124,7 @@ mkdir $kdc_datadir or die;
 $ENV{'KRB5_CONFIG'}      = $krb5_conf;
 $ENV{'KRB5_KDC_PROFILE'} = $kdc_conf;

-my $service_principal = "$ENV{with_krb_srvnam}/localhost";
+my $service_principal = "$ENV{with_krb_srvnam}/$host";

 system_or_bail $kdb5_util, 'create', '-s', '-P', 'secret0';

@@ -143,7 +145,7 @@ note "setting up PostgreSQL instance";

 my $node = get_new_node('node');
 $node->init;
-$node->append_conf('postgresql.conf', "listen_addresses = 'localhost'");
+$node->append_conf('postgresql.conf', "listen_addresses = '$hostaddr'");
 $node->append_conf('postgresql.conf', "krb_server_keyfile = '$keytab'");
 $node->start;

@@ -160,7 +162,8 @@ sub test_access
 		'postgres',
 		'SELECT 1',
 		extra_params => [
-			'-d', $node->connstr('postgres') . ' host=localhost',
+			'-d',
+			$node->connstr('postgres') . " host=$host hostaddr=$hostaddr",
 			'-U', $role
 		]);
 	is($res, $expected_res, $test_name);
@@ -168,7 +171,8 @@ sub test_access
 }

 unlink($node->data_dir . '/pg_hba.conf');
-$node->append_conf('pg_hba.conf', qq{host all all localhost gss map=mymap});
+$node->append_conf('pg_hba.conf',
+	qq{host all all $hostaddr/32 gss map=mymap});
 $node->restart;

 test_access($node, 'test1', 2, 'fails without ticket');
@@ -185,7 +189,7 @@ test_access($node, 'test1', 0, 'succeeds with mapping');
 truncate($node->data_dir . '/pg_ident.conf', 0);
 unlink($node->data_dir . '/pg_hba.conf');
 $node->append_conf('pg_hba.conf',
-	qq{host all all localhost gss include_realm=0});
+	qq{host all all $hostaddr/32 gss include_realm=0});
 $node->restart;

 test_access($node, 'test1', 0, 'succeeds with include_realm=0');