blob: 90004a956fc92b8125574c7f5040dddbf9394eb9 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
/**
* This test checks the upgrade path from noauth/allowSSL to x509/requireSSL
*
* NOTE: This test is similar to upgrade_noauth_to_x509_ssl.js in the ssl test
* suite. This test cannot use ssl communication and therefore cannot test
* modes that only allow ssl.
*
* This test requires data to persist across a restart.
* @tags: [requires_persistence]
*/
load('jstests/ssl/libs/ssl_helpers.js');
(function() {
'use strict';
var dbName = 'upgradeToX509';
// Disable auth explicitly
var noAuth = {noauth: ''};
// Undefine the flags we're replacing, otherwise upgradeSet will keep old values.
var transitionToX509AllowSSL =
Object.merge(allowSSL, {noauth: undefined, transitionToAuth: '', clusterAuthMode: 'x509'});
var rst = new ReplSetTest({name: 'noauthSet', nodes: 3, nodeOptions: noAuth});
rst.startSet();
rst.initiate();
var testDB = rst.getPrimary().getDB(dbName);
assert.commandWorked(testDB.a.insert({a: 1, str: 'TESTTESTTEST'}));
assert.eq(1, testDB.a.find().itcount(), 'Error interacting with replSet');
print('=== UPGRADE no-auth/no-ssl -> transition to X509/allowSSL ===');
rst.upgradeSet(transitionToX509AllowSSL);
// Connect to the new primary
testDB = rst.getPrimary().getDB(dbName);
assert.commandWorked(testDB.a.insert({a: 1, str: 'TESTTESTTEST'}));
assert.eq(2, testDB.a.find().itcount(), 'Error interacting with replSet');
rst.stopSet();
}());
|
