diff options
author | Spencer Jackson <spencer.jackson@mongodb.com> | 2019-12-20 22:16:48 +0000 |
---|---|---|
committer | evergreen <evergreen@mongodb.com> | 2019-12-20 22:16:48 +0000 |
commit | 80ea52dd9008427bc3c10a6c49eb2e38734e9fe4 (patch) | |
tree | df70ec10bd55abedac06439f93ecb46dc2a4539e | |
parent | 5cd7e9a0ca88583ad94243d00032486c0ee9052c (diff) | |
download | mongo-80ea52dd9008427bc3c10a6c49eb2e38734e9fe4.tar.gz |
SERVER-44993 Disable TLS protocol checks on OS X
-rw-r--r-- | jstests/ssl/libs/ssl_helpers.js | 13 | ||||
-rw-r--r-- | jstests/ssl/ssl_count_protocols.js | 4 |
2 files changed, 13 insertions, 4 deletions
diff --git a/jstests/ssl/libs/ssl_helpers.js b/jstests/ssl/libs/ssl_helpers.js index 16657a15b64..c0e8240e669 100644 --- a/jstests/ssl/libs/ssl_helpers.js +++ b/jstests/ssl/libs/ssl_helpers.js @@ -170,8 +170,19 @@ function detectDefaultTLSProtocol() { MongoRunner.stopMongod(conn); + if (getBuildInfo().buildEnvironment.target_os === "osx") { + // OS X only supports TLS 1.0 + assert.neq(0, res["1.0"]); + assert.eq(0, res["1.1"]); + assert.eq(0, res["unknown"]); + assert.eq(0, res["1.2"]); + assert.eq(0, res["1.3"]); + + return "TLS1_0"; + } + // Verify that the default protocol is either TLS1.2 or TLS1.3. - // No supported platform should default to an older protocol version. + // No other platform should default to an older protocol version. assert.eq(0, res["1.0"]); assert.eq(0, res["1.1"]); assert.eq(0, res["unknown"]); diff --git a/jstests/ssl/ssl_count_protocols.js b/jstests/ssl/ssl_count_protocols.js index dcde1b4b69d..f9b4d86ab7c 100644 --- a/jstests/ssl/ssl_count_protocols.js +++ b/jstests/ssl/ssl_count_protocols.js @@ -96,13 +96,11 @@ } runTestWithoutSubset("TLS1_0"); - runTestWithoutSubset("TLS1_1"); - runTestWithoutSubset("TLS1_2"); - runTestWithoutSubset("TLS1_3"); // OpenSSL 0.9.8 on macOS only supports TLS 1.0 if (getBuildInfo().buildEnvironment.target_os !== "osx") { runTestWithoutSubset("TLS1_1"); runTestWithoutSubset("TLS1_2"); + runTestWithoutSubset("TLS1_3"); } })(); |