diff options
Diffstat (limited to 'jstests/ssl/upgrade_to_x509_ssl.js')
-rw-r--r-- | jstests/ssl/upgrade_to_x509_ssl.js | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/jstests/ssl/upgrade_to_x509_ssl.js b/jstests/ssl/upgrade_to_x509_ssl.js index 2ff79bcd7bf..e9d79859077 100644 --- a/jstests/ssl/upgrade_to_x509_ssl.js +++ b/jstests/ssl/upgrade_to_x509_ssl.js @@ -19,35 +19,46 @@ function authAllNodes() { load("jstests/ssl/libs/ssl_helpers.js"); -opts = {sslMode:"allowSSL", sslPEMKeyFile: SERVER_CERT, - sslAllowInvalidCertificates: "", - clusterAuthMode:"sendKeyFile", keyFile: KEYFILE, - sslCAFile: CA_CERT}; +opts = { + sslMode: "allowSSL", + sslPEMKeyFile: SERVER_CERT, + sslAllowInvalidCertificates: "", + clusterAuthMode: "sendKeyFile", + keyFile: KEYFILE, + sslCAFile: CA_CERT +}; var NUM_NODES = 3; -var rst = new ReplSetTest({ name: 'sslSet', nodes: NUM_NODES, nodeOptions : opts }); +var rst = new ReplSetTest({name: 'sslSet', nodes: NUM_NODES, nodeOptions: opts}); rst.startSet(); rst.initiate(); // Connect to master and do some basic operations var rstConn1 = rst.getPrimary(); print("Performing basic operations on master."); -rstConn1.getDB("admin").createUser({user:"root", pwd:"pwd", roles:["root"]}, {w: NUM_NODES}); +rstConn1.getDB("admin").createUser({user: "root", pwd: "pwd", roles: ["root"]}, {w: NUM_NODES}); rstConn1.getDB("admin").auth("root", "pwd"); -rstConn1.getDB("test").a.insert({a:1, str:"TESTTESTTEST"}); -rstConn1.getDB("test").a.insert({a:1, str:"WOOPWOOPWOOPWOOPWOOP"}); +rstConn1.getDB("test").a.insert({a: 1, str: "TESTTESTTEST"}); +rstConn1.getDB("test").a.insert({a: 1, str: "WOOPWOOPWOOPWOOPWOOP"}); assert.eq(2, rstConn1.getDB("test").a.count(), "Error interacting with replSet"); print("===== UPGRADE allowSSL,sendKeyfile -> preferSSL,sendX509 ====="); authAllNodes(); rst.awaitReplication(); -rst.upgradeSet({sslMode:"preferSSL", sslPEMKeyFile: SERVER_CERT, - sslAllowInvalidCertificates: "", - clusterAuthMode:"sendX509", keyFile: KEYFILE, - sslCAFile: CA_CERT}, "root", "pwd"); +rst.upgradeSet( + { + sslMode: "preferSSL", + sslPEMKeyFile: SERVER_CERT, + sslAllowInvalidCertificates: "", + clusterAuthMode: "sendX509", + keyFile: KEYFILE, + sslCAFile: CA_CERT + }, + "root", + "pwd"); // The upgradeSet call restarts the nodes so we need to reauthenticate. authAllNodes(); var rstConn3 = rst.getPrimary(); -rstConn3.getDB("test").a.insert({a:3, str:"TESTTESTTEST"}); +rstConn3.getDB("test").a.insert({a: 3, str: "TESTTESTTEST"}); assert.eq(3, rstConn3.getDB("test").a.count(), "Error interacting with replSet"); rst.awaitReplication(); // Test that a non-ssl connection can still be made @@ -55,11 +66,18 @@ var canConnectNoSSL = runMongoProgram("mongo", "--port", rst.ports[0], "--eval", assert.eq(0, canConnectNoSSL, "SSL Connection attempt failed when it should succeed"); print("===== UPGRADE preferSSL,sendX509 -> requireSSL,x509 ====="); -rst.upgradeSet({sslMode:"requireSSL", sslPEMKeyFile: SERVER_CERT, - sslAllowInvalidCertificates: "", - clusterAuthMode:"x509", keyFile: KEYFILE, - sslCAFile: CA_CERT}, "root", "pwd"); +rst.upgradeSet( + { + sslMode: "requireSSL", + sslPEMKeyFile: SERVER_CERT, + sslAllowInvalidCertificates: "", + clusterAuthMode: "x509", + keyFile: KEYFILE, + sslCAFile: CA_CERT + }, + "root", + "pwd"); authAllNodes(); var rstConn4 = rst.getPrimary(); -rstConn4.getDB("test").a.insert({a:4, str:"TESTTESTTEST"}); +rstConn4.getDB("test").a.insert({a: 4, str: "TESTTESTTEST"}); assert.eq(4, rstConn4.getDB("test").a.count(), "Error interacting with replSet"); |