diff options
Diffstat (limited to 'jstests/ssl/ssl_withhold_client_cert.js')
-rw-r--r-- | jstests/ssl/ssl_withhold_client_cert.js | 94 |
1 files changed, 47 insertions, 47 deletions
diff --git a/jstests/ssl/ssl_withhold_client_cert.js b/jstests/ssl/ssl_withhold_client_cert.js index 919409bbd60..c83dff3a717 100644 --- a/jstests/ssl/ssl_withhold_client_cert.js +++ b/jstests/ssl/ssl_withhold_client_cert.js @@ -1,53 +1,53 @@ // Test setParameter tlsWithholdClientCertificate (function() { - "use strict"; - - function testRS(opts, expectWarning) { - const rsOpts = { - nodes: {node0: opts, node1: opts}, - }; - const rs = new ReplSetTest(rsOpts); - rs.startSet(); - rs.initiate(); - rs.awaitReplication(); - - const test = rs.getPrimary().getDB('test'); - test.foo.insert({bar: "baz"}); - rs.awaitReplication(); - - function checkWarning(member) { - const observed = - /no SSL certificate provided by peer/.test(cat(member.fullOptions.logFile)); - assert.eq(observed, expectWarning); - } - checkWarning(rs.getPrimary()); - checkWarning(rs.getSecondary()); - rs.stopSet(); - } +"use strict"; - const base_options = { - tlsMode: 'requireTLS', - tlsCertificateKeyFile: 'jstests/libs/server.pem', - tlsCAFile: 'jstests/libs/ca.pem', - tlsAllowInvalidHostnames: '', - useLogFiles: true, +function testRS(opts, expectWarning) { + const rsOpts = { + nodes: {node0: opts, node1: opts}, }; - testRS(base_options, false); - - const test_options = Object.extend({ - tlsAllowConnectionsWithoutCertificates: '', - setParameter: 'tlsWithholdClientCertificate=true', - }, - base_options); - - testRS(test_options, true); - - const depr_options = Object.extend({ - sslAllowConnectionsWithoutCertificates: '', - setParameter: 'sslWithholdClientCertificate=true', - }, - base_options); - - testRS(depr_options, true); + const rs = new ReplSetTest(rsOpts); + rs.startSet(); + rs.initiate(); + rs.awaitReplication(); + + const test = rs.getPrimary().getDB('test'); + test.foo.insert({bar: "baz"}); + rs.awaitReplication(); + + function checkWarning(member) { + const observed = + /no SSL certificate provided by peer/.test(cat(member.fullOptions.logFile)); + assert.eq(observed, expectWarning); + } + checkWarning(rs.getPrimary()); + checkWarning(rs.getSecondary()); + rs.stopSet(); +} + +const base_options = { + tlsMode: 'requireTLS', + tlsCertificateKeyFile: 'jstests/libs/server.pem', + tlsCAFile: 'jstests/libs/ca.pem', + tlsAllowInvalidHostnames: '', + useLogFiles: true, +}; +testRS(base_options, false); + +const test_options = Object.extend({ + tlsAllowConnectionsWithoutCertificates: '', + setParameter: 'tlsWithholdClientCertificate=true', +}, + base_options); + +testRS(test_options, true); + +const depr_options = Object.extend({ + sslAllowConnectionsWithoutCertificates: '', + setParameter: 'sslWithholdClientCertificate=true', +}, + base_options); + +testRS(depr_options, true); }()); |