SERVER-7202 adding tests for ssl private key password checking

1 files changed, 47 insertions, 0 deletions

diff --git a/jstests/ssl/ssl_cert_password.js b/jstests/ssl/ssl_cert_password.js
new file mode 100644
index 00000000000..caff70514bc
--- /dev/null
+++ b/jstests/ssl/ssl_cert_password.js
@@ -0,0 +1,47 @@
+// Test passwords on private keys for SSL
+// This tests that providing a proper password works and that providing no password or incorrect
+// password fails.  It uses both mongod and mongo to run the tests, since the mongod binary
+// does not return error statuses to indicate an error.
+port = allocatePorts( 1 )[ 0 ];
+var baseName = "jstests_ssl_ssl_cert_password";
+var dbpath = "/data/db" + baseName;
+resetDbpath(dbpath);
+
+// Password is correct
+md = startMongod("--nopreallocj",
+                 "--port", port, 
+                 "--dbpath", dbpath, 
+                 "--sslOnNormalPorts",
+                 "--sslPEMKeyFile", "jstests/libs/password_protected.pem",
+                 "--sslPEMKeyPassword", "qwerty");
+// startMongod connects a Mongo shell, so if we get here, the test is successful.
+
+
+
+
+// Password missing; error logged is:
+//  error:0907B068:PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read
+var md = runMongoProgram("mongo", "--port", port, 
+                         "--ssl",
+                         "--sslPEMKeyFile", "jstests/libs/password_protected.pem");
+
+// 1 is the exit code for failure
+assert(md==1);
+
+
+
+// Password incorrect; error logged is:
+//  error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
+md = runMongoProgram("mongo", "--port", port, 
+                     "--ssl",
+                     "--sslPEMKeyFile", "jstests/libs/password_protected.pem",
+                     "--sslPEMKeyPassword", "barf");
+
+// 1 is the exit code for failure
+assert(md==1);
+
+
+
+// Stop the server
+var exitCode = stopMongod(port, 15);
+assert(exitCode == 0);