diff options
Diffstat (limited to 'jstests/ssl/libs/ssl_helpers.js')
| -rw-r--r-- | jstests/ssl/libs/ssl_helpers.js | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/jstests/ssl/libs/ssl_helpers.js b/jstests/ssl/libs/ssl_helpers.js index 6b5ed90d283..37dad3972ee 100644 --- a/jstests/ssl/libs/ssl_helpers.js +++ b/jstests/ssl/libs/ssl_helpers.js @@ -217,3 +217,30 @@ function requireSSLProvider(required, fn) { } fn(); } + +function detectDefaultTLSProtocol() { + const conn = MongoRunner.runMongod({ + sslMode: 'allowSSL', + sslPEMKeyFile: SERVER_CERT, + sslDisabledProtocols: 'none', + useLogFiles: true, + tlsLogVersions: "TLS1_0,TLS1_1,TLS1_2,TLS1_3", + }); + + const res = conn.getDB("admin").serverStatus().transportSecurity; + + MongoRunner.stopMongod(conn); + + // Verify that the default protocol is either TLS1.2 or TLS1.3. + // No supported platform should default to an older protocol version. + assert.eq(0, res["1.0"]); + assert.eq(0, res["1.1"]); + assert.eq(0, res["unknown"]); + assert.neq(res["1.2"], res["1.3"]); + + if (res["1.2"].tojson() != NumberLong(0).tojson()) { + return "TLS1_2"; + } else { + return "TLS1_3"; + } +} |