diff options
author | Shaun Verch <shaun.verch@mongodb.com> | 2014-06-10 11:50:06 -0400 |
---|---|---|
committer | Shaun Verch <shaun.verch@mongodb.com> | 2014-06-10 11:50:06 -0400 |
commit | 71d75ac4865665f4418a5f26200506f45a6d98d1 (patch) | |
tree | c689c4f0adbe52be75ff0936abc93d203cbcc984 /jstests/ssl/set_parameter_ssl.js | |
parent | fb81d9912660a6c71ffbafda33156f8935e98f65 (diff) | |
download | mongo-71d75ac4865665f4418a5f26200506f45a6d98d1.tar.gz |
SERVER-12748 Tests for invalid transitions of clusterAuthMode without outgoing SSL
Diffstat (limited to 'jstests/ssl/set_parameter_ssl.js')
-rw-r--r-- | jstests/ssl/set_parameter_ssl.js | 44 |
1 files changed, 25 insertions, 19 deletions
diff --git a/jstests/ssl/set_parameter_ssl.js b/jstests/ssl/set_parameter_ssl.js index 34a5c101087..19d11b9047f 100644 --- a/jstests/ssl/set_parameter_ssl.js +++ b/jstests/ssl/set_parameter_ssl.js @@ -18,13 +18,13 @@ function testSSLTransition(oldMode, newMode, shouldSucceed) { var res = adminDB.runCommand({ "setParameter" : 1, "sslMode" : newMode }); - assert(res["ok"] == shouldSucceed); + assert(res["ok"] == shouldSucceed, tojson(res)); stopMongod(port); } -function testAuthModeTransition(oldMode, newMode, shouldSucceed) { +function testAuthModeTransition(oldMode, newMode, sslMode, shouldSucceed) { var conn = MongoRunner.runMongod({port: port, - sslMode: "requireSSL", + sslMode: sslMode, sslPEMKeyFile: SERVER_CERT, sslCAFile: CA_CERT, clusterAuthMode: oldMode}); @@ -35,7 +35,7 @@ function testAuthModeTransition(oldMode, newMode, shouldSucceed) { var res = adminDB.runCommand({ "setParameter" : 1, "clusterAuthMode" : newMode }); - assert(res["ok"] == shouldSucceed); + assert(res["ok"] == shouldSucceed, tojson(res)); stopMongod(port); } @@ -55,18 +55,24 @@ testSSLTransition("requireSSL", "allowSSL", false); testSSLTransition("requireSSL", "preferSSL", false); testSSLTransition("requireSSL", "requireSSL", false); -testAuthModeTransition("sendKeyFile", "invalid", false); -testAuthModeTransition("sendKeyFile", "keyFile", false); -testAuthModeTransition("sendKeyFile", "sendKeyFile", false); -testAuthModeTransition("sendKeyFile", "sendX509", true); -testAuthModeTransition("sendKeyFile", "x509", false); -testAuthModeTransition("sendX509", "invalid", false); -testAuthModeTransition("sendX509", "keyFile", false); -testAuthModeTransition("sendX509", "sendKeyFile", false); -testAuthModeTransition("sendX509", "sendX509", false); -testAuthModeTransition("sendX509", "x509", true); -testAuthModeTransition("x509", "invalid", false); -testAuthModeTransition("x509", "keyFile", false); -testAuthModeTransition("x509", "sendKeyFile", false); -testAuthModeTransition("x509", "sendX509", false); -testAuthModeTransition("x509", "x509", false); +testAuthModeTransition("sendKeyFile", "invalid", "requireSSL", false); +testAuthModeTransition("sendKeyFile", "keyFile", "requireSSL", false); +testAuthModeTransition("sendKeyFile", "sendKeyFile", "requireSSL", false); +testAuthModeTransition("sendKeyFile", "sendX509", "requireSSL", true); +testAuthModeTransition("sendKeyFile", "x509", "requireSSL", false); +testAuthModeTransition("sendX509", "invalid", "requireSSL", false); +testAuthModeTransition("sendX509", "keyFile", "requireSSL", false); +testAuthModeTransition("sendX509", "sendKeyFile", "requireSSL", false); +testAuthModeTransition("sendX509", "sendX509", "requireSSL", false); +testAuthModeTransition("sendX509", "x509", "requireSSL", true); +testAuthModeTransition("x509", "invalid", "requireSSL", false); +testAuthModeTransition("x509", "keyFile", "requireSSL", false); +testAuthModeTransition("x509", "sendKeyFile", "requireSSL", false); +testAuthModeTransition("x509", "sendX509", "requireSSL", false); +testAuthModeTransition("x509", "x509", "requireSSL", false); + +testAuthModeTransition("sendKeyFile", "invalid", "allowSSL", false); +testAuthModeTransition("sendKeyFile", "keyFile", "allowSSL", false); +testAuthModeTransition("sendKeyFile", "sendKeyFile", "allowSSL", false); +testAuthModeTransition("sendKeyFile", "sendX509", "allowSSL", false); +testAuthModeTransition("sendKeyFile", "x509", "allowSSL", false); |