[23:47:33.843](0.026s) # setting up data directory
# Checking port 54978
# Found port 54978
Name: primary
Data directory: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata
Backup directory: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/backup
Archive directory: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/archives
Connection string: port=54978 host=/tmp/HWFkIPqhGc
Log file: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log
[23:47:33.996](0.153s) # initializing database system by copying initdb template
# Running: cp -RPp /tmp/cirrus-ci-build/tmp_install/initdb-template /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata
# Running: /tmp/cirrus-ci-build/src/test/ssl/../../../src/test/regress/pg_regress --config-auth /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata
### Starting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log -o --cluster-name=primary start
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 31620
[23:47:34.361](0.365s) ok 1 - ssl_library parameter
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 31857
[23:47:35.625](1.264s) # testing password-protected keys
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... stopped waiting
pg_ctl: could not start server
Examine the log output.
# pg_ctl restart failed; see logfile for details: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log
# No postmaster PID for node "primary"
[23:47:35.959](0.334s) ok 2 - restart fails with password-protected key file with wrong password
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
pg_ctl: PID file "/tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata/postmaster.pid" does not exist
Is server running?
trying to start server anyway
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 31957
[23:47:36.268](0.309s) ok 3 - restart succeeds with password-protected key file
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... stopped waiting
pg_ctl: could not start server
Examine the log output.
# pg_ctl restart failed; see logfile for details: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log
# No postmaster PID for node "primary"
[23:47:36.491](0.222s) ok 4 - restart fails with incorrect SSL protocol bounds
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
pg_ctl: PID file "/tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata/postmaster.pid" does not exist
Is server running?
trying to start server anyway
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32016
[23:47:36.713](0.222s) ok 5 - restart succeeds with correct SSL protocol bounds
[23:47:36.713](0.000s) # running client tests
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32068
[23:47:37.075](0.362s) ok 6 - server doesn't accept non-SSL connections
[23:47:37.075](0.000s) ok 7 - server doesn't accept non-SSL connections: matches
[23:47:37.198](0.123s) ok 8 - connect without server root cert sslmode=require
[23:47:37.198](0.000s) ok 9 - connect without server root cert sslmode=require: no stderr
[23:47:37.253](0.054s) ok 10 - connect without server root cert sslmode=verify-ca
[23:47:37.253](0.000s) ok 11 - connect without server root cert sslmode=verify-ca: matches
[23:47:37.300](0.048s) ok 12 - connect without server root cert sslmode=verify-full
[23:47:37.301](0.000s) ok 13 - connect without server root cert sslmode=verify-full: matches
[23:47:37.369](0.068s) ok 14 - connect with wrong server root cert sslmode=require
[23:47:37.369](0.000s) ok 15 - connect with wrong server root cert sslmode=require: matches
[23:47:37.436](0.067s) ok 16 - connect with wrong server root cert sslmode=verify-ca
[23:47:37.436](0.000s) ok 17 - connect with wrong server root cert sslmode=verify-ca: matches
[23:47:37.487](0.051s) ok 18 - connect with wrong server root cert sslmode=verify-full
[23:47:37.488](0.000s) ok 19 - connect with wrong server root cert sslmode=verify-full: matches
[23:47:37.537](0.050s) ok 20 - connect with server CA cert, without root CA
[23:47:37.538](0.000s) ok 21 - connect with server CA cert, without root CA: matches
[23:47:37.608](0.071s) ok 22 - connect with correct server CA cert file sslmode=require
[23:47:37.608](0.000s) ok 23 - connect with correct server CA cert file sslmode=require: no stderr
[23:47:37.672](0.064s) ok 24 - connect with correct server CA cert file sslmode=verify-ca
[23:47:37.672](0.000s) ok 25 - connect with correct server CA cert file sslmode=verify-ca: no stderr
[23:47:37.738](0.066s) ok 26 - connect with correct server CA cert file sslmode=verify-full
[23:47:37.739](0.000s) ok 27 - connect with correct server CA cert file sslmode=verify-full: no stderr
[23:47:37.799](0.060s) ok 28 - cert root file that contains two certificates, order 1
[23:47:37.799](0.000s) ok 29 - cert root file that contains two certificates, order 1: no stderr
[23:47:37.848](0.049s) ok 30 - cert root file that contains two certificates, order 2
[23:47:37.848](0.000s) ok 31 - cert root file that contains two certificates, order 2: no stderr
[23:47:37.882](0.035s) ok 32 - connect with sslcertmode=disable
[23:47:37.883](0.000s) ok 33 - connect with sslcertmode=disable: no stderr
[23:47:37.936](0.053s) ok 34 - connect with sslcertmode=allow
[23:47:37.936](0.000s) ok 35 - connect with sslcertmode=allow: no stderr
[23:47:37.977](0.041s) ok 36 - connect with sslcertmode=require fails without a client certificate
[23:47:37.978](0.000s) ok 37 - connect with sslcertmode=require fails without a client certificate: matches
[23:47:38.022](0.045s) ok 38 - sslcrl option with invalid file name
[23:47:38.022](0.000s) ok 39 - sslcrl option with invalid file name: no stderr
[23:47:38.062](0.040s) ok 40 - CRL belonging to a different CA
[23:47:38.062](0.000s) ok 41 - CRL belonging to a different CA: matches
[23:47:38.099](0.036s) ok 42 - directory CRL belonging to a different CA
[23:47:38.099](0.000s) ok 43 - directory CRL belonging to a different CA: matches
[23:47:38.143](0.045s) ok 44 - CRL with a non-revoked cert
[23:47:38.144](0.000s) ok 45 - CRL with a non-revoked cert: no stderr
[23:47:38.213](0.070s) ok 46 - directory CRL with a non-revoked cert
[23:47:38.214](0.000s) ok 47 - directory CRL with a non-revoked cert: no stderr
[23:47:38.259](0.046s) ok 48 - mismatch between host name and server certificate sslmode=require
[23:47:38.259](0.000s) ok 49 - mismatch between host name and server certificate sslmode=require: no stderr
[23:47:38.316](0.056s) ok 50 - mismatch between host name and server certificate sslmode=verify-ca
[23:47:38.316](0.000s) ok 51 - mismatch between host name and server certificate sslmode=verify-ca: no stderr
[23:47:38.346](0.030s) ok 52 - mismatch between host name and server certificate sslmode=verify-full
[23:47:38.347](0.000s) ok 53 - mismatch between host name and server certificate sslmode=verify-full: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32372
[23:47:38.801](0.454s) ok 54 - IP address in the Common Name
[23:47:38.801](0.000s) ok 55 - IP address in the Common Name: no stderr
[23:47:38.881](0.080s) ok 56 - mismatch between host name and server certificate IP address
[23:47:38.881](0.000s) ok 57 - mismatch between host name and server certificate IP address: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32441
[23:47:39.301](0.419s) ok 58 - IP address in a dNSName
[23:47:39.301](0.000s) ok 59 - IP address in a dNSName: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32504
[23:47:39.621](0.321s) ok 60 - host name matching with X.509 Subject Alternative Names 1
[23:47:39.622](0.000s) ok 61 - host name matching with X.509 Subject Alternative Names 1: no stderr
[23:47:39.678](0.056s) ok 62 - host name matching with X.509 Subject Alternative Names 2
[23:47:39.678](0.000s) ok 63 - host name matching with X.509 Subject Alternative Names 2: no stderr
[23:47:39.717](0.039s) ok 64 - host name matching with X.509 Subject Alternative Names wildcard
[23:47:39.717](0.000s) ok 65 - host name matching with X.509 Subject Alternative Names wildcard: no stderr
[23:47:39.762](0.045s) ok 66 - host name not matching with X.509 Subject Alternative Names
[23:47:39.762](0.000s) ok 67 - host name not matching with X.509 Subject Alternative Names: matches
[23:47:39.830](0.068s) ok 68 - host name not matching with X.509 Subject Alternative Names wildcard
[23:47:39.830](0.000s) ok 69 - host name not matching with X.509 Subject Alternative Names wildcard: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32585
[23:47:40.130](0.300s) ok 70 - host name matching with a single X.509 Subject Alternative Name
[23:47:40.130](0.000s) ok 71 - host name matching with a single X.509 Subject Alternative Name: no stderr
[23:47:40.218](0.088s) ok 72 - host name not matching with a single X.509 Subject Alternative Name
[23:47:40.218](0.000s) ok 73 - host name not matching with a single X.509 Subject Alternative Name: matches
[23:47:40.293](0.075s) ok 74 - host name not matching with a single X.509 Subject Alternative Name wildcard
[23:47:40.294](0.000s) ok 75 - host name not matching with a single X.509 Subject Alternative Name wildcard: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32667
[23:47:40.729](0.435s) ok 76 - host matching an IPv4 address (Subject Alternative Name 1)
[23:47:40.729](0.000s) ok 77 - host matching an IPv4 address (Subject Alternative Name 1): no stderr
[23:47:40.790](0.060s) ok 78 - host matching an IPv4 address in alternate form (Subject Alternative Name 1)
[23:47:40.790](0.000s) ok 79 - host matching an IPv4 address in alternate form (Subject Alternative Name 1): no stderr
[23:47:40.833](0.043s) ok 80 - host not matching an IPv4 address (Subject Alternative Name 1)
[23:47:40.833](0.000s) ok 81 - host not matching an IPv4 address (Subject Alternative Name 1): matches
[23:47:40.856](0.023s) ok 82 - host matching an IPv6 address (Subject Alternative Name 2)
[23:47:40.856](0.000s) ok 83 - host matching an IPv6 address (Subject Alternative Name 2): no stderr
[23:47:40.893](0.037s) ok 84 - host matching an IPv6 address in alternate form (Subject Alternative Name 2)
[23:47:40.893](0.000s) ok 85 - host matching an IPv6 address in alternate form (Subject Alternative Name 2): no stderr
[23:47:40.954](0.061s) ok 86 - host matching an IPv6 address in mixed form (Subject Alternative Name 2)
[23:47:40.954](0.000s) ok 87 - host matching an IPv6 address in mixed form (Subject Alternative Name 2): no stderr
[23:47:40.982](0.028s) ok 88 - host not matching an IPv6 address (Subject Alternative Name 2)
[23:47:40.982](0.000s) ok 89 - host not matching an IPv6 address (Subject Alternative Name 2): matches
[23:47:41.013](0.031s) ok 90 - IPv6 host with CIDR mask does not match
[23:47:41.014](0.000s) ok 91 - IPv6 host with CIDR mask does not match: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32777
[23:47:41.288](0.274s) ok 92 - certificate with both a CN and SANs 1
[23:47:41.288](0.000s) ok 93 - certificate with both a CN and SANs 1: no stderr
[23:47:41.330](0.043s) ok 94 - certificate with both a CN and SANs 2
[23:47:41.331](0.000s) ok 95 - certificate with both a CN and SANs 2: no stderr
[23:47:41.370](0.039s) ok 96 - certificate with both a CN and SANs ignores CN
[23:47:41.370](0.000s) ok 97 - certificate with both a CN and SANs ignores CN: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32853
[23:47:41.821](0.451s) ok 98 - certificate with both a CN and IP SANs matches CN
[23:47:41.821](0.000s) ok 99 - certificate with both a CN and IP SANs matches CN: no stderr
[23:47:41.876](0.055s) ok 100 - certificate with both a CN and IP SANs matches SAN 1
[23:47:41.876](0.000s) ok 101 - certificate with both a CN and IP SANs matches SAN 1: no stderr
[23:47:41.906](0.030s) ok 102 - certificate with both a CN and IP SANs matches SAN 2
[23:47:41.906](0.000s) ok 103 - certificate with both a CN and IP SANs matches SAN 2: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 32948
[23:47:42.183](0.277s) ok 104 - certificate with both an IP CN and IP SANs 1
[23:47:42.183](0.000s) ok 105 - certificate with both an IP CN and IP SANs 1: no stderr
[23:47:42.243](0.060s) ok 106 - certificate with both an IP CN and IP SANs 2
[23:47:42.243](0.000s) ok 107 - certificate with both an IP CN and IP SANs 2: no stderr
[23:47:42.292](0.048s) ok 108 - certificate with both an IP CN and IP SANs ignores CN
[23:47:42.292](0.000s) ok 109 - certificate with both an IP CN and IP SANs ignores CN: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33018
[23:47:42.568](0.276s) ok 110 - certificate with both an IP CN and DNS SANs matches CN
[23:47:42.568](0.000s) ok 111 - certificate with both an IP CN and DNS SANs matches CN: no stderr
[23:47:42.603](0.034s) ok 112 - certificate with both an IP CN and DNS SANs matches SAN 1
[23:47:42.603](0.000s) ok 113 - certificate with both an IP CN and DNS SANs matches SAN 1: no stderr
[23:47:42.651](0.048s) ok 114 - certificate with both an IP CN and DNS SANs matches SAN 2
[23:47:42.651](0.000s) ok 115 - certificate with both an IP CN and DNS SANs matches SAN 2: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33087
[23:47:42.928](0.277s) ok 116 - server certificate without CN or SANs sslmode=verify-ca
[23:47:42.928](0.000s) ok 117 - server certificate without CN or SANs sslmode=verify-ca: no stderr
[23:47:42.972](0.044s) ok 118 - server certificate without CN or SANs sslmode=verify-full
[23:47:42.972](0.000s) ok 119 - server certificate without CN or SANs sslmode=verify-full: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33147
[23:47:43.349](0.377s) ok 120 - sslrootcert=system does not connect with private CA
[23:47:43.349](0.000s) ok 121 - sslrootcert=system does not connect with private CA: matches
[23:47:43.406](0.057s) ok 122 - sslrootcert=system only accepts sslmode=verify-full
[23:47:43.406](0.000s) ok 123 - sslrootcert=system only accepts sslmode=verify-full: matches
[23:47:43.512](0.106s) ok 124 - sslrootcert=system connects with overridden SSL_CERT_FILE
[23:47:43.512](0.000s) ok 125 - sslrootcert=system connects with overridden SSL_CERT_FILE: no stderr
[23:47:43.596](0.084s) ok 126 - sslrootcert=system defaults to sslmode=verify-full
[23:47:43.596](0.000s) ok 127 - sslrootcert=system defaults to sslmode=verify-full: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33216
[23:47:43.967](0.371s) ok 128 - connects without client-side CRL
[23:47:43.967](0.000s) ok 129 - connects without client-side CRL: no stderr
[23:47:44.030](0.062s) ok 130 - does not connect with client-side CRL file
[23:47:44.030](0.000s) ok 131 - does not connect with client-side CRL file: matches
[23:47:44.100](0.070s) ok 132 - does not connect with client-side CRL directory
[23:47:44.100](0.000s) ok 133 - does not connect with client-side CRL directory: matches
# Running: psql -X -A -F , -P null=_null_ -d sslkey=invalid sslcert=invalid sslrootcert=invalid sslcrl=invalid sslcrldir=invalid user=ssltestuser dbname=trustdb hostaddr=127.0.0.1 host=common-name.pg-ssltest.test sslrootcert=invalid -c SELECT * FROM pg_stat_ssl WHERE pid = pg_backend_pid()
[23:47:44.136](0.036s) ok 134 - pg_stat_ssl view without client certificate: exit code 0
[23:47:44.137](0.000s) ok 135 - pg_stat_ssl view without client certificate: no stderr
[23:47:44.137](0.000s) ok 136 - pg_stat_ssl view without client certificate: matches
[23:47:44.212](0.075s) ok 137 - connection success with correct range of TLS protocol versions
[23:47:44.212](0.000s) ok 138 - connection success with correct range of TLS protocol versions: no stderr
[23:47:44.231](0.018s) ok 139 - connection failure with incorrect range of TLS protocol versions
[23:47:44.231](0.000s) ok 140 - connection failure with incorrect range of TLS protocol versions: matches
[23:47:44.263](0.032s) ok 141 - connection failure with an incorrect SSL protocol minimum bound
[23:47:44.263](0.000s) ok 142 - connection failure with an incorrect SSL protocol minimum bound: matches
[23:47:44.277](0.014s) ok 143 - connection failure with an incorrect SSL protocol maximum bound
[23:47:44.278](0.000s) ok 144 - connection failure with an incorrect SSL protocol maximum bound: matches
[23:47:44.278](0.000s) # running server tests
[23:47:44.327](0.049s) ok 145 - certificate authorization fails without client cert
[23:47:44.328](0.000s) ok 146 - certificate authorization fails without client cert: matches
[23:47:44.380](0.053s) ok 147 - certificate authorization succeeds with correct client cert in PEM format
[23:47:44.380](0.000s) ok 148 - certificate authorization succeeds with correct client cert in PEM format: no stderr
[23:47:44.423](0.043s) ok 149 - certificate authorization succeeds with correct client cert in DER format
[23:47:44.423](0.000s) ok 150 - certificate authorization succeeds with correct client cert in DER format: no stderr
[23:47:44.473](0.050s) ok 151 - certificate authorization succeeds with correct client cert in encrypted PEM format
[23:47:44.474](0.000s) ok 152 - certificate authorization succeeds with correct client cert in encrypted PEM format: no stderr
[23:47:44.517](0.043s) ok 153 - certificate authorization succeeds with correct client cert in encrypted DER format
[23:47:44.517](0.000s) ok 154 - certificate authorization succeeds with correct client cert in encrypted DER format: no stderr
[23:47:44.583](0.066s) ok 155 - certificate authorization succeeds with correct client cert and sslcertmode=require
[23:47:44.583](0.000s) ok 156 - certificate authorization succeeds with correct client cert and sslcertmode=require: no stderr
[23:47:44.637](0.054s) ok 157 - certificate authorization succeeds with correct client cert and sslcertmode=allow
[23:47:44.637](0.000s) ok 158 - certificate authorization succeeds with correct client cert and sslcertmode=allow: no stderr
[23:47:44.699](0.062s) ok 159 - certificate authorization fails with correct client cert and sslcertmode=disable
[23:47:44.699](0.000s) ok 160 - certificate authorization fails with correct client cert and sslcertmode=disable: matches
[23:47:44.754](0.054s) ok 161 - certificate authorization fails with correct client cert and wrong password in encrypted PEM format
[23:47:44.754](0.000s) ok 162 - certificate authorization fails with correct client cert and wrong password in encrypted PEM format: matches
[23:47:44.837](0.083s) ok 163 - certificate authorization succeeds with DN mapping
[23:47:44.837](0.000s) ok 164 - certificate authorization succeeds with DN mapping: no stderr
[23:47:44.838](0.000s) ok 165 - certificate authorization succeeds with DN mapping: log matches
[23:47:44.922](0.084s) ok 166 - certificate authorization succeeds with DN regex mapping
[23:47:44.922](0.000s) ok 167 - certificate authorization succeeds with DN regex mapping: no stderr
[23:47:45.016](0.095s) ok 168 - certificate authorization succeeds with CN mapping
[23:47:45.017](0.000s) ok 169 - certificate authorization succeeds with CN mapping: no stderr
[23:47:45.017](0.000s) ok 170 - certificate authorization succeeds with CN mapping: log matches
[23:47:45.017](0.000s) not ok 171 # TODO & SKIP Need Pty support
[23:47:45.017](0.000s) not ok 172 # TODO & SKIP Need Pty support
[23:47:45.017](0.000s) not ok 173 # TODO & SKIP Need Pty support
[23:47:45.017](0.000s) not ok 174 # TODO & SKIP Need Pty support
# Running: psql -X -A -F , -P null=_null_ -d sslkey=invalid sslcert=invalid sslrootcert=invalid sslcrl=invalid sslcrldir=invalid sslrootcert=ssl/root+server_ca.crt sslmode=require dbname=certdb hostaddr=127.0.0.1 host=localhost user=ssltestuser sslcert=ssl/client.crt  sslkey=/tmp/cirrus-ci-build/src/test/ssl/tmp_check/tmp_test_Raom/client.key -c SELECT * FROM pg_stat_ssl WHERE pid = pg_backend_pid()
[23:47:45.097](0.079s) ok 175 - pg_stat_ssl with client certificate: exit code 0
[23:47:45.097](0.000s) ok 176 - pg_stat_ssl with client certificate: no stderr
[23:47:45.097](0.000s) ok 177 - pg_stat_ssl with client certificate: matches
[23:47:45.162](0.064s) ok 178 - certificate authorization fails because of file permissions
[23:47:45.162](0.000s) ok 179 - certificate authorization fails because of file permissions: matches
[23:47:45.225](0.064s) ok 180 - certificate authorization fails with client cert belonging to another user
[23:47:45.226](0.000s) ok 181 - certificate authorization fails with client cert belonging to another user: matches
[23:47:45.289](0.064s) ok 182 - certificate authorization fails with revoked client cert
[23:47:45.290](0.000s) ok 183 - certificate authorization fails with revoked client cert: matches
[23:47:45.290](0.000s) ok 184 - certificate authorization fails with revoked client cert: log does not match
[23:47:45.366](0.076s) ok 185 - auth_option clientcert=verify-full succeeds with matching username and Common Name
[23:47:45.366](0.000s) ok 186 - auth_option clientcert=verify-full succeeds with matching username and Common Name: no stderr
[23:47:45.366](0.000s) ok 187 - auth_option clientcert=verify-full succeeds with matching username and Common Name: log matches
[23:47:45.436](0.069s) ok 188 - auth_option clientcert=verify-full fails with mismatching username and Common Name
[23:47:45.436](0.000s) ok 189 - auth_option clientcert=verify-full fails with mismatching username and Common Name: matches
[23:47:45.436](0.000s) ok 190 - auth_option clientcert=verify-full fails with mismatching username and Common Name: log does not match
[23:47:45.513](0.077s) ok 191 - auth_option clientcert=verify-ca succeeds with mismatching username and Common Name
[23:47:45.513](0.000s) ok 192 - auth_option clientcert=verify-ca succeeds with mismatching username and Common Name: no stderr
[23:47:45.513](0.000s) ok 193 - auth_option clientcert=verify-ca succeeds with mismatching username and Common Name: log matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33412
[23:47:45.828](0.315s) ok 194 - intermediate client certificate is provided by client
[23:47:45.829](0.000s) ok 195 - intermediate client certificate is provided by client: no stderr
[23:47:45.908](0.079s) ok 196 - intermediate client certificate is missing
[23:47:45.908](0.000s) ok 197 - intermediate client certificate is missing: matches
[23:47:45.951](0.043s) ok 198 - logged client certificate Subjects are truncated if they're too long
[23:47:45.951](0.000s) ok 199 - logged client certificate Subjects are truncated if they're too long: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33434
[23:47:46.365](0.413s) ok 200 - intermediate client certificate is untrusted
[23:47:46.365](0.000s) ok 201 - intermediate client certificate is untrusted: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33462
[23:47:46.753](0.388s) ok 202 - certificate authorization fails with revoked client cert with server-side CRL directory
[23:47:46.753](0.000s) ok 203 - certificate authorization fails with revoked client cert with server-side CRL directory: matches
[23:47:46.798](0.045s) ok 204 - certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory
[23:47:46.799](0.000s) ok 205 - certificate authorization fails with revoked UTF-8 client cert with server-side CRL directory: matches
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33490
[23:47:47.219](0.420s) not ok 206 - connect with valid stapled ocsp response when sslocspstapling=1
[23:47:47.219](0.000s) 
[23:47:47.219](0.000s) #   Failed test 'connect with valid stapled ocsp response when sslocspstapling=1'
#   at t/001_ssltests.pl line 923.
[23:47:47.219](0.000s) #          got: '2'
#     expected: '0'
[23:47:47.219](0.000s) not ok 207 - connect with valid stapled ocsp response when sslocspstapling=1: no stderr
[23:47:47.219](0.000s) 
[23:47:47.219](0.000s) #   Failed test 'connect with valid stapled ocsp response when sslocspstapling=1: no stderr'
#   at t/001_ssltests.pl line 923.
[23:47:47.220](0.000s) #          got: 'psql: error: connection to server at "127.0.0.1", port 54978 failed: server closed the connection unexpectedly
# 	This probably means the server terminated abnormally
# 	before or while processing the request.
# SSL SYSCALL error: Connection reset by peer'
#     expected: ''
[23:47:47.297](0.077s) ok 208 - connect without requesting ocsp response when sslocspstapling=0
[23:47:47.297](0.000s) ok 209 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33546
[23:47:47.679](0.382s) ok 210 - failed with a revoked ocsp response when sslocspstapling=1
[23:47:47.764](0.084s) ok 211 - connect without requesting ocsp response when sslocspstapling=0
[23:47:47.764](0.000s) ok 212 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33607
[23:47:48.088](0.324s) ok 213 - failed with a revoked ocsp response when sslocspstapling=1
[23:47:48.286](0.198s) ok 214 - connect without requesting ocsp response when sslocspstapling=0
[23:47:48.287](0.000s) ok 215 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33713
[23:47:48.817](0.530s) ok 216 - failed with an expired ocsp response when sslocspstapling=1
[23:47:48.957](0.140s) ok 217 - connect without requesting ocsp response when sslocspstapling=0
[23:47:48.958](0.000s) ok 218 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33786
[23:47:49.284](0.326s) not ok 219 - connect with valid stapled ocsp response when sslocspstapling=1
[23:47:49.284](0.000s) 
[23:47:49.284](0.000s) #   Failed test 'connect with valid stapled ocsp response when sslocspstapling=1'
#   at t/001_ssltests.pl line 1001.
[23:47:49.284](0.000s) #          got: '2'
#     expected: '0'
[23:47:49.284](0.000s) not ok 220 - connect with valid stapled ocsp response when sslocspstapling=1: no stderr
[23:47:49.285](0.000s) 
[23:47:49.285](0.000s) #   Failed test 'connect with valid stapled ocsp response when sslocspstapling=1: no stderr'
#   at t/001_ssltests.pl line 1001.
[23:47:49.285](0.000s) #          got: 'psql: error: connection to server at "127.0.0.1", port 54978 failed: server closed the connection unexpectedly
# 	This probably means the server terminated abnormally
# 	before or while processing the request.
# SSL SYSCALL error: Connection reset by peer'
#     expected: ''
[23:47:49.414](0.130s) ok 221 - connect without requesting ocsp response when sslocspstapling=0
[23:47:49.415](0.000s) ok 222 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33867
[23:47:49.728](0.314s) ok 223 - failed with a revoked ocsp response when sslocspstapling=1
[23:47:49.825](0.097s) ok 224 - connect without requesting ocsp response when sslocspstapling=0
[23:47:49.825](0.000s) ok 225 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33946
[23:47:50.225](0.399s) ok 226 - failed with a revoked ocsp response when sslocspstapling=1
[23:47:50.298](0.073s) ok 227 - connect without requesting ocsp response when sslocspstapling=0
[23:47:50.298](0.000s) ok 228 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 33999
[23:47:50.480](0.183s) ok 229 - failed with an expired ocsp response when sslocspstapling=1
[23:47:50.558](0.078s) ok 230 - connect without requesting ocsp response when sslocspstapling=0
[23:47:50.559](0.000s) ok 231 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down.... done
server stopped
waiting for server to start.... done
server started
# Postmaster PID for node "primary" is 34040
[23:47:50.935](0.377s) ok 232 - failed with an expired ocsp response when sslocspstapling=1
[23:47:51.034](0.099s) ok 233 - connect without requesting ocsp response when sslocspstapling=0
[23:47:51.034](0.000s) ok 234 - connect without requesting ocsp response when sslocspstapling=0: no stderr
### Restarting node "primary"
# Running: pg_ctl -w -D /tmp/cirrus-ci-build/src/test/ssl/tmp_check/t_001_ssltests_primary_data/pgdata -l /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log restart
waiting for server to shut down... done
server stopped
waiting for server to start.... stopped waiting
pg_ctl: could not start server
Examine the log output.
# pg_ctl restart failed; see logfile for details: /tmp/cirrus-ci-build/src/test/ssl/tmp_check/log/001_ssltests_primary.log
# No postmaster PID for node "primary"
[23:47:51.176](0.141s) Bail out!  pg_ctl restart failed
# No postmaster PID for node "primary"