diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2019-02-12 00:40:39 +0000 |
---|---|---|
committer | Sara Golemon <sara.golemon@mongodb.com> | 2019-02-12 23:10:06 +0000 |
commit | 2c65bbe94d04ac0fa62f4fc51a2ece2e748de739 (patch) | |
tree | f7a967c67b6ddf1114c4d9c95d49aef8c5e3a69d /jstests | |
parent | d7fcc8ab5b3455ab5530969edc8383929bed07f7 (diff) | |
download | mongo-2c65bbe94d04ac0fa62f4fc51a2ece2e748de739.tar.gz |
SERVER-39376 Canonicalize net.ssl.mode to net.tls.mode
Diffstat (limited to 'jstests')
-rw-r--r-- | jstests/ssl/canonicalize_command_line_opts.js | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/jstests/ssl/canonicalize_command_line_opts.js b/jstests/ssl/canonicalize_command_line_opts.js new file mode 100644 index 00000000000..c2c2c96bcf1 --- /dev/null +++ b/jstests/ssl/canonicalize_command_line_opts.js @@ -0,0 +1,39 @@ +// Ensure that all 'ssl' options are canonicalized to their modern 'tls' versions. + +(function() { + 'use strict'; + + function runTest(mongod) { + assert(mongod); + const admin = mongod.getDB('admin'); + + const opts = assert.commandWorked(admin.runCommand({getCmdLineOpts: 1})); + print(tojson(opts)); + assert.eq(typeof(opts), 'object'); + assert.eq(typeof(opts.parsed), 'object'); + assert.eq(typeof(opts.parsed.net), 'object'); + + const net = opts.parsed.net; + assert.eq(typeof(net.ssl), 'undefined'); + assert.eq(typeof(net.tls), 'object'); + + const tls = net.tls; + assert.eq(tls.mode, 'requireTLS'); + assert.eq(tls.CAFile, 'jstests/libs/ca.pem'); + assert.eq(tls.certificateKeyFile, 'jstests/libs/server.pem'); + assert.eq(tls.allowConnectionsWithoutCertificates, true); + assert.eq(tls.allowInvalidHostnames, true); + } + + const options = { + sslMode: 'requireSSL', + sslCAFile: 'jstests/libs/ca.pem', + sslPEMKeyFile: 'jstests/libs/server.pem', + sslAllowConnectionsWithoutCertificates: '', + sslAllowInvalidHostnames: '', + }; + + const mongod = MongoRunner.runMongod(options); + runTest(mongod); + MongoRunner.stopMongod(mongod); +})(); |