diff options
Diffstat (limited to 'jstests/ssl/ssl_alert_reporting.js')
-rw-r--r-- | jstests/ssl/ssl_alert_reporting.js | 108 |
1 files changed, 54 insertions, 54 deletions
diff --git a/jstests/ssl/ssl_alert_reporting.js b/jstests/ssl/ssl_alert_reporting.js index d26d2ceca0e..a00fa4023e9 100644 --- a/jstests/ssl/ssl_alert_reporting.js +++ b/jstests/ssl/ssl_alert_reporting.js @@ -3,60 +3,60 @@ load('jstests/ssl/libs/ssl_helpers.js'); (function() { - 'use strict'; - - const clientOptions = [ - "--ssl", - "--sslPEMKeyFile", - "jstests/libs/client.pem", - "--sslCAFile", - "jstests/libs/ca.pem", - "--eval", - ";" - ]; - - function runTest(serverDisabledProtos, clientDisabledProtos) { - const implementation = determineSSLProvider(); - let expectedRegex; - if (implementation === "openssl") { - expectedRegex = - /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: tlsv1 alert protocol version/; - } else if (implementation === "windows") { - expectedRegex = - /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: The function requested is not supported/; - } else if (implementation === "apple") { - expectedRegex = - /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: Secure.Transport: bad protocol version/; - } else { - throw Error("Unrecognized TLS implementation!"); - } - - var md = MongoRunner.runMongod({ - sslMode: "requireSSL", - sslCAFile: "jstests/libs/ca.pem", - sslPEMKeyFile: "jstests/libs/server.pem", - sslDisabledProtocols: serverDisabledProtos, - }); - - let shell; - let mongoOutput; - - assert.soon(function() { - clearRawMongoProgramOutput(); - shell = runMongoProgram("mongo", - "--port", - md.port, - ...clientOptions, - "--sslDisabledProtocols", - clientDisabledProtos); - mongoOutput = rawMongoProgramOutput(); - return mongoOutput.match(expectedRegex); - }, "Mongo shell output was as follows:\n" + mongoOutput + "\n************"); - - MongoRunner.stopMongod(md); +'use strict'; + +const clientOptions = [ + "--ssl", + "--sslPEMKeyFile", + "jstests/libs/client.pem", + "--sslCAFile", + "jstests/libs/ca.pem", + "--eval", + ";" +]; + +function runTest(serverDisabledProtos, clientDisabledProtos) { + const implementation = determineSSLProvider(); + let expectedRegex; + if (implementation === "openssl") { + expectedRegex = + /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: tlsv1 alert protocol version/; + } else if (implementation === "windows") { + expectedRegex = + /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: The function requested is not supported/; + } else if (implementation === "apple") { + expectedRegex = + /Error: couldn't connect to server .*:[0-9]*, connection attempt failed: SocketException: Secure.Transport: bad protocol version/; + } else { + throw Error("Unrecognized TLS implementation!"); } - // Client recieves and reports a protocol version alert if it advertises a protocol older than - // the server's oldest supported protocol - runTest("TLS1_0", "TLS1_1,TLS1_2"); + var md = MongoRunner.runMongod({ + sslMode: "requireSSL", + sslCAFile: "jstests/libs/ca.pem", + sslPEMKeyFile: "jstests/libs/server.pem", + sslDisabledProtocols: serverDisabledProtos, + }); + + let shell; + let mongoOutput; + + assert.soon(function() { + clearRawMongoProgramOutput(); + shell = runMongoProgram("mongo", + "--port", + md.port, + ...clientOptions, + "--sslDisabledProtocols", + clientDisabledProtos); + mongoOutput = rawMongoProgramOutput(); + return mongoOutput.match(expectedRegex); + }, "Mongo shell output was as follows:\n" + mongoOutput + "\n************"); + + MongoRunner.stopMongod(md); +} + +// Client recieves and reports a protocol version alert if it advertises a protocol older than +// the server's oldest supported protocol +runTest("TLS1_0", "TLS1_1,TLS1_2"); }()); |