authorsergey.galtsev <sergey.galtsev@mongodb.com>2021-07-20 01:15:29 +0000
committerEvergreen Agent <no-reply@evergreen.mongodb.com>2021-07-20 01:29:03 +0000
commitdcbda6e6b325c2fc047c8cce06cafc2d7f48f045 (patch)
treeafdf860a6466b7e76684109ffce77bf480eb192a
parent1c8566834570ab5342787eb6f9176771fa710333 (diff)
downloadmongo-dcbda6e6b325c2fc047c8cce06cafc2d7f48f045.tar.gz
SERVER-57727 race conditions in x509_invalid.js
-rw-r--r--jstests/ssl/x509_invalid.js76
1 files changed, 47 insertions, 29 deletions
diff --git a/jstests/ssl/x509_invalid.js b/jstests/ssl/x509_invalid.js
index 014d0aa4f62..0e713f8e84d 100644
--- a/jstests/ssl/x509_invalid.js
+++ b/jstests/ssl/x509_invalid.js
@@ -9,13 +9,47 @@ const SERVER_CERT = 'jstests/libs/server.pem';
const CA_CERT = 'jstests/libs/ca.pem';
const SELF_SIGNED_CERT = 'jstests/libs/client-self-signed.pem';
-function testClient(conn, cert, name, shouldSucceed) {
+function hasX509AuthSucceeded(conn) {
+ if (checkLog.checkContainsOnce(conn, 'Successfully authenticated')) {
+ return true;
+ }
+ if (checkLog.checkContainsOnce(conn, 'No verified subject name available from client')) {
+ return false;
+ }
+ print("Not yet clear what was the result...");
+ return null;
+}
+
+function testClient(cert, name, shouldSucceed) {
+ print("Starting mongod...");
+ const conn = MongoRunner.runMongod({
+ auth: '',
+ sslMode: 'requireSSL',
+ sslPEMKeyFile: SERVER_CERT,
+ sslCAFile: CA_CERT,
+ sslAllowInvalidCertificates: '',
+ });
+
+ print("Creating admin user...");
+ const admin = conn.getDB('admin');
+ admin.createUser({user: "admin", pwd: "admin", roles: ["root"]});
+ admin.auth('admin', 'admin');
+
+ print("Creating external user...");
+ const external = conn.getDB('$external');
+ external.createUser({user: CLIENT_NAME, roles: [{'role': 'readWrite', 'db': 'test'}]});
+
let auth = {mechanism: 'MONGODB-X509'};
if (name !== null) {
auth.user = name;
}
+
+ print("Running mongo shell script...");
+ if (!shouldSucceed) {
+ print("Note: following shell command is expected to fail");
+ }
+
const script = 'assert(db.getSiblingDB(\'$external\').auth(' + tojson(auth) + '));';
- clearRawMongoProgramOutput();
const exitCode = runMongoProgram('mongo',
'--ssl',
'--sslAllowInvalidHostnames',
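Review bot: The success branch of `hasX509AuthSucceeded` matches the bare substring 'Successfully authenticated', which is not tied to the MONGODB-X509 mechanism or to the client under test. `testClient` also runs `admin.auth('admin', 'admin')` against the same mongod before the client shell connects; if the server logs that login with the same message at default verbosity (not visible in this diff), the helper would return true however the certificate was handled, and since success is checked first it would take precedence over the 'No verified subject name available from client' line. Requiring the matched entry to also identify the X.509 mechanism would keep the log assertion meaningful for the self-signed cases. A comment on the helper such as `// Scans the whole mongod log, so every testClient() call must start its own mongod.` would record the assumption the check depends on. testClient's body continues past this hunk.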
@@ -28,35 +62,19 @@ function testClient(conn, cert, name, shouldSucceed) {
'--eval',
script);
+ print("Analyzing results...");
assert.eq(shouldSucceed, exitCode === 0, "exitCode = " + tojson(exitCode));
- assert.soon(() => {
- return !shouldSucceed ===
- rawMongoProgramOutput().includes('No verified subject name available from client');
- });
-}
-
-function runTest(conn) {
- const admin = conn.getDB('admin');
- admin.createUser({user: "admin", pwd: "admin", roles: ["root"]});
- admin.auth('admin', 'admin');
-
- const external = conn.getDB('$external');
- external.createUser({user: CLIENT_NAME, roles: [{'role': 'readWrite', 'db': 'test'}]});
+ assert.soon(() => hasX509AuthSucceeded(admin) !== null,
+ "can not find in mongod logs whether it succeeded to authenticate",
+ 15000);
+ assert.eq(shouldSucceed, hasX509AuthSucceeded(admin));
- testClient(conn, CLIENT_CERT, CLIENT_NAME, true);
- testClient(conn, SELF_SIGNED_CERT, CLIENT_NAME, false);
- testClient(conn, CLIENT_CERT, null, true);
- testClient(conn, SELF_SIGNED_CERT, null, false);
+ print("Stopping mongod...");
+ MongoRunner.stopMongod(conn);
}
-// Standalone.
-const mongod = MongoRunner.runMongod({
- auth: '',
- sslMode: 'requireSSL',
- sslPEMKeyFile: SERVER_CERT,
- sslCAFile: CA_CERT,
- sslAllowInvalidCertificates: '',
-});
-runTest(mongod);
-MongoRunner.stopMongod(mongod);
+testClient(CLIENT_CERT, CLIENT_NAME, true);
+testClient(SELF_SIGNED_CERT, CLIENT_NAME, false);
+testClient(CLIENT_CERT, null, true);
+testClient(SELF_SIGNED_CERT, null, false);
})();
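Review bot: `MongoRunner.stopMongod(conn)` is reached only when every assertion before it passes, so a failed `assert.eq` or a timed-out `assert.soon` leaves the mongod started by that call running while the exception propagates. Wrapping everything after `runMongod` in `try { … } finally { MongoRunner.stopMongod(conn); }` would keep the four runs isolated on failure too, unless the harness is relied on to clean up. The log is also read a second time for the final `assert.eq`; keeping the polled value, e.g. `let result; assert.soon(() => (result = hasX509AuthSucceeded(admin)) !== null, …); assert.eq(shouldSucceed, result);`, makes the asserted value the one the poll actually observed. testClient begins in the previous hunk.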