diff options
| author | Sara Golemon <sara.golemon@mongodb.com> | 2018-05-22 11:26:20 -0400 |
|---|---|---|
| committer | Sara Golemon <sara.golemon@mongodb.com> | 2018-05-22 14:29:04 -0400 |
| commit | e651e0fb73dd6e7c975c8b67fab9ecf72c0cc530 (patch) | |
| tree | 01b6f953543f168fd5f1a9943036c74c5ff9df9b | |
| parent | 540a68c3ddae01ea3ae29013b5efa6aaa2743d81 (diff) | |
| download | mongo-e651e0fb73dd6e7c975c8b67fab9ecf72c0cc530.tar.gz | |
SERVER-34888 Do not store subject name without validation (lint)
| -rw-r--r-- | jstests/ssl/x509_invalid.js | 10 | ||||
| -rw-r--r-- | jstests/ssl/x509_startup_warning.js | 20 |
2 files changed, 15 insertions, 15 deletions
diff --git a/jstests/ssl/x509_invalid.js b/jstests/ssl/x509_invalid.js index 39605fa307c..77098e7d64d 100644 --- a/jstests/ssl/x509_invalid.js +++ b/jstests/ssl/x509_invalid.js @@ -10,10 +10,10 @@ const SELF_SIGNED_CERT = 'jstests/libs/client-self-signed.pem'; function testClient(conn, cert, name, shouldSucceed) { - let auth = {mechanism: 'MONGODB-X509'}; - if (name !== null) { - auth.name = name; - } + const auth = { + mechanism: 'MONGODB-X509', + user: name + }; const script = 'assert(db.getSiblingDB(\'$external\').auth(' + tojson(auth) + '));'; clearRawMongoProgramOutput(); const exitCode = runMongoProgram('mongo', @@ -44,8 +44,6 @@ testClient(conn, CLIENT_CERT, CLIENT_NAME, true); testClient(conn, SELF_SIGNED_CERT, CLIENT_NAME, false); - testClient(conn, CLIENT_CERT, null, true); - testClient(conn, SELF_SIGNED_CERT, null, false); } // Standalone. diff --git a/jstests/ssl/x509_startup_warning.js b/jstests/ssl/x509_startup_warning.js index 888e29255e3..c493d5412cf 100644 --- a/jstests/ssl/x509_startup_warning.js +++ b/jstests/ssl/x509_startup_warning.js @@ -5,13 +5,14 @@ function runTest(opts, expectWarning) { clearRawMongoProgramOutput(); - const mongod = MongoRunner.runMongod(Object.assign({ - auth: '', - sslMode: 'requireSSL', - sslPEMKeyFile: 'jstests/libs/server.pem', - sslCAFile: 'jstests/libs/ca.pem', - }, - opts)); + const mongod = MongoRunner.runMongod(Object.assign( + { + auth: '', + sslMode: 'requireSSL', + sslPEMKeyFile: 'jstests/libs/server.pem', + sslCAFile: 'jstests/libs/ca.pem', + }, + opts)); assert.eq(expectWarning, rawMongoProgramOutput().includes( 'WARNING: While invalid X509 certificates may be used')); @@ -20,8 +21,9 @@ // Don't expect a warning when we're not using both options together. runTest({}, false); - runTest({sslAllowInvalidCertificates: '', setParameter: 'authenticationMechanisms=SCRAM-SHA-1'}, - false); + runTest( + {sslAllowInvalidCertificates: '', setParameter: 'authenticationMechanisms=SCRAM-SHA-1'}, + false); runTest({setParameter: 'authenticationMechanisms=MONGODB-X509'}, false); runTest({clusterAuthMode: 'x509'}, false); |