diff options
| author | Adam Midvidy <amidvidy@gmail.com> | 2015-06-29 18:35:47 -0400 |
|---|---|---|
| committer | Adam Midvidy <amidvidy@gmail.com> | 2015-06-30 16:50:38 -0400 |
| commit | 2186037a81b3483681f23bc9c614f40ecc413326 (patch) | |
| tree | 2b47aa8d9640ae1c26ec07cfa96f1dcf00117e9b /jstests/ssl | |
| parent | fec53e85b90085e289bfac4d8defaaea2bfb52eb (diff) | |
| download | mongo-2186037a81b3483681f23bc9c614f40ecc413326.tar.gz | |
SERVER-19113 rewrite ssl_crl.js and ssl_mixedmode.js to not depend on legacy DBClientConnection behavior
Diffstat (limited to 'jstests/ssl')
| -rw-r--r-- | jstests/ssl/ssl_crl.js | 50 |
1 files changed, 21 insertions, 29 deletions
diff --git a/jstests/ssl/ssl_crl.js b/jstests/ssl/ssl_crl.js index fd83c3979ef..96c12b91bb9 100644 --- a/jstests/ssl/ssl_crl.js +++ b/jstests/ssl/ssl_crl.js @@ -4,32 +4,24 @@ // Note: crl_expired.pem is a CRL with no revoked certificates, but is an expired CRL. // crl.pem is a CRL with no revoked certificates. -// This test should allow the user to connect with client.pem certificate. -var md = MongoRunner.runMongod({sslMode: "requireSSL", - sslPEMKeyFile: "jstests/libs/server.pem", - sslCAFile: "jstests/libs/ca.pem", - sslCRLFile: "jstests/libs/crl.pem"}); - - -var mongo = runMongoProgram("mongo", "--port", md.port, "--ssl", "--sslAllowInvalidCertificates", - "--sslPEMKeyFile", "jstests/libs/client.pem", - "--eval", ";"); - -// 0 is the exit code for success -assert(mongo==0); - - -// This test ensures clients cannot connect if the CRL is expired. -md = MongoRunner.runMongod({sslMode: "requireSSL", - sslPEMKeyFile: "jstests/libs/server.pem", - sslCAFile: "jstests/libs/ca.pem", - sslCRLFile: "jstests/libs/crl_expired.pem"}); - - -mongo = runMongoProgram("mongo", "--port", md.port, "--ssl", "--sslAllowInvalidCertificates", - "--sslPEMKeyFile", "jstests/libs/client.pem", - "--eval", ";"); - -// 1 is the exit code for failure -assert(mongo==1); - +load("jstests/libs/ssl_test.js"); + +var testUnrevoked = new SSLTest( + // Server option overrides + { + sslMode: "requireSSL", + sslCRLFile: "jstests/libs/crl.pem" + } +); + +assert(testUnrevoked.connectWorked()); + +var testRevoked = new SSLTest( + // Server option overrides + { + sslMode: "requireSSL", + sslCRLFile: "jstests/libs/crl_expired.pem" + } +); + +assert(!testRevoked.connectWorked()); |