diff options
| author | Sara Golemon <sara.golemon@mongodb.com> | 2018-09-20 14:32:38 +0000 |
|---|---|---|
| committer | Sara Golemon <sara.golemon@mongodb.com> | 2018-09-20 19:26:53 +0000 |
| commit | 64672e68a25e1c4c53a9e1e974036b02fdda2cc5 (patch) | |
| tree | 411d42364df9f566bc04436e1b4bb501cc1bf590 | |
| parent | 630eabac0591f207b29b6be014257387a9a7a904 (diff) | |
| download | mongo-64672e68a25e1c4c53a9e1e974036b02fdda2cc5.tar.gz | |
SERVER-37222 Add ssl* deprecated aliases for tlsClusterCAFile and tlsWithholdClientCertificate
| -rw-r--r-- | jstests/ssl/ssl_withhold_client_cert.js | 8 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_manager.cpp | 6 | ||||
| -rw-r--r-- | src/mongo/util/net/ssl_options_server.cpp | 4 |
3 files changed, 17 insertions, 1 deletions
diff --git a/jstests/ssl/ssl_withhold_client_cert.js b/jstests/ssl/ssl_withhold_client_cert.js index 3839e5d6aef..e8084c98439 100644 --- a/jstests/ssl/ssl_withhold_client_cert.js +++ b/jstests/ssl/ssl_withhold_client_cert.js @@ -42,4 +42,12 @@ base_options); testRS(test_options, true); + + const depr_options = Object.extend({ + sslAllowConnectionsWithoutCertificates: '', + setParameter: 'sslWithholdClientCertificate=true', + }, + base_options); + + testRS(depr_options, true); }()); diff --git a/src/mongo/util/net/ssl_manager.cpp b/src/mongo/util/net/ssl_manager.cpp index 59601090989..6a4a39c8d2a 100644 --- a/src/mongo/util/net/ssl_manager.cpp +++ b/src/mongo/util/net/ssl_manager.cpp @@ -68,6 +68,12 @@ ExportedServerParameter<bool, ServerParameterType::kStartupOnly> tlsWithholdClie "tlsWithholdClientCertificate", &sslGlobalParams.tlsWithholdClientCertificate); +// Deprecated alias for tlsWithholdClientCertificate +ExportedServerParameter<bool, ServerParameterType::kStartupOnly> sslWithholdClientCertificate( + ServerParameterSet::getGlobal(), + "sslWithholdClientCertificate", + &sslGlobalParams.tlsWithholdClientCertificate); + } // namespace class OpenSSLCipherConfigParameter diff --git a/src/mongo/util/net/ssl_options_server.cpp b/src/mongo/util/net/ssl_options_server.cpp index fa9fe9108ca..2cc64b4926e 100644 --- a/src/mongo/util/net/ssl_options_server.cpp +++ b/src/mongo/util/net/ssl_options_server.cpp @@ -120,7 +120,9 @@ Status addSSLServerOptions(moe::OptionSection* options) { options->addOptionChaining("net.tls.clusterCAFile", "tlsClusterCAFile", moe::String, - "CA used for verifying remotes during outbound connections"); + "CA used for verifying remotes during outbound connections", + {"net.ssl.clusterCAFile"}, + {"sslClusterCAFile"}); options->addOptionChaining("net.tls.CRLFile", "tlsCRLFile", |