diff options
Diffstat (limited to 'jstests/ssl/initial_sync1_x509.js')
| -rw-r--r-- | jstests/ssl/initial_sync1_x509.js | 64 |
1 files changed, 57 insertions, 7 deletions
diff --git a/jstests/ssl/initial_sync1_x509.js b/jstests/ssl/initial_sync1_x509.js index 410fc2ba827..0d70bd17cf7 100644 --- a/jstests/ssl/initial_sync1_x509.js +++ b/jstests/ssl/initial_sync1_x509.js @@ -1,15 +1,65 @@ -// Basic tests for cluster authentication using x509 -// This test is launching replsets/initial_sync1.js with different -// values for clusterAuthMode to emulate an upgrade process. +// Basic tests for cluster authentication using x509. var common_options = {keyFile : "jstests/libs/key1"}; +function runInitialSyncTest() { + load("jstests/replsets/rslib.js"); + + print("1. Bring up set"); + var replTest = new ReplSetTest({name: "jstests_initsync1_x509", + nodes : {node0 : x509_options1, node1 : x509_options2}}); + + var conns = replTest.startSet(); + replTest.initiate(); + + var master = replTest.getMaster(); + var foo = master.getDB("foo"); + var admin = master.getDB("admin"); + + var slave1 = replTest.liveNodes.slaves[0]; + var admin_s1 = slave1.getDB("admin"); + + print("2. Create a root user."); + admin.createUser({ user: "root", pwd: "pass", roles: ["root"]}); + admin.auth("root", "pass"); + admin_s1.auth("root", "pass"); + + print("3. Insert some data"); + var bulk = foo.bar.initializeUnorderedBulkOp(); + for (var i = 0; i < 100; i++) { + bulk.insert({ date: new Date(), x: i, str: "all the talk on the market" }); + } + assert.writeOK(bulk.execute()); + print("total in foo: "+foo.bar.count()); + + print("4. Make sure synced"); + replTest.awaitReplication(); + + print("5. Insert some stuff"); + master = replTest.getMaster(); + bulk = foo.bar.initializeUnorderedBulkOp(); + for (var i = 0; i < 100; i++) { + bulk.insert({ date: new Date(), x: i, str: "all the talk on the market" }); + } + assert.writeOK(bulk.execute()); + + print("6. Everyone happy eventually"); + replTest.awaitReplication(300000); + + print("7. Check hbmsg"); + master.getDB("admin").runCommand({replSetTest:1, sethbmsg:"foo bar baz"}); + var status = master.getDB("admin").runCommand({replSetGetStatus:1}); + printjson(status); + assert.eq(status.members[0].infoMessage, "foo bar baz"); + replTest.stopSet(); +} + // Standard case, clusterAuthMode: x509 -x509_options1 = Object.merge(common_options, +var x509_options1 = Object.merge(common_options, {sslClusterFile: "jstests/libs/cluster-cert.pem", clusterAuthMode: "x509"}); var x509_options2 = x509_options1; -load("jstests/replsets/initial_sync1.js"); +runInitialSyncTest(); // Mixed clusterAuthMode: sendX509 and sendKeyFile and try adding --auth x509_options1 = Object.merge(common_options, @@ -17,12 +67,12 @@ x509_options1 = Object.merge(common_options, clusterAuthMode: "sendX509", auth: ""}); x509_options2 = Object.merge(common_options, {clusterAuthMode: "sendKeyFile"}); -load("jstests/replsets/initial_sync1.js"); +runInitialSyncTest(); // Mixed clusterAuthMode: x509 and sendX509, use the PEMKeyFile for outgoing connections x509_options1 = Object.merge(common_options, {clusterAuthMode: "x509"}); x509_options2 = Object.merge(common_options, {clusterAuthMode: "sendX509"}); -load("jstests/replsets/initial_sync1.js"); +runInitialSyncTest(); // verify that replset initiate fails if using a self-signed cert x509_options1 = Object.merge(common_options, {clusterAuthMode: "x509"}); |