diff options
Diffstat (limited to 'jstests/ssl/libs/ssl_helpers.js')
-rw-r--r-- | jstests/ssl/libs/ssl_helpers.js | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/jstests/ssl/libs/ssl_helpers.js b/jstests/ssl/libs/ssl_helpers.js index 50463d8dec9..16657a15b64 100644 --- a/jstests/ssl/libs/ssl_helpers.js +++ b/jstests/ssl/libs/ssl_helpers.js @@ -156,3 +156,30 @@ function mixedShardTest(options1, options2, shouldSucceed) { } } } + +function detectDefaultTLSProtocol() { + const conn = MongoRunner.runMongod({ + sslMode: 'allowSSL', + sslPEMKeyFile: SERVER_CERT, + sslDisabledProtocols: 'none', + useLogFiles: true, + tlsLogVersions: "TLS1_0,TLS1_1,TLS1_2,TLS1_3", + }); + + const res = conn.getDB("admin").serverStatus().transportSecurity; + + MongoRunner.stopMongod(conn); + + // Verify that the default protocol is either TLS1.2 or TLS1.3. + // No supported platform should default to an older protocol version. + assert.eq(0, res["1.0"]); + assert.eq(0, res["1.1"]); + assert.eq(0, res["unknown"]); + assert.neq(res["1.2"], res["1.3"]); + + if (res["1.2"].tojson() != NumberLong(0).tojson()) { + return "TLS1_2"; + } else { + return "TLS1_3"; + } +} |