48 lines
1.6 KiB
JavaScript
48 lines
1.6 KiB
JavaScript
// Test passwords on private keys for SSL
|
|
// This tests that providing a proper password works and that providing no password or incorrect
|
|
// password fails. It uses both mongod and mongo to run the tests, since the mongod binary
|
|
// does not return error statuses to indicate an error.
|
|
port = allocatePorts( 1 )[ 0 ];
|
|
var baseName = "jstests_ssl_ssl_cert_password";
|
|
var dbpath = "/data/db/" + baseName;
|
|
resetDbpath(dbpath);
|
|
|
|
// Password is correct
|
|
md = startMongod("--nopreallocj",
|
|
"--port", port,
|
|
"--dbpath", dbpath,
|
|
"--sslOnNormalPorts",
|
|
"--sslPEMKeyFile", "jstests/libs/password_protected.pem",
|
|
"--sslPEMKeyPassword", "qwerty");
|
|
// startMongod connects a Mongo shell, so if we get here, the test is successful.
|
|
|
|
|
|
|
|
|
|
// Password missing; error logged is:
|
|
// error:0907B068:PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read
|
|
var md = runMongoProgram("mongo", "--port", port,
|
|
"--ssl",
|
|
"--sslPEMKeyFile", "jstests/libs/password_protected.pem");
|
|
|
|
// 1 is the exit code for failure
|
|
assert(md==1);
|
|
|
|
|
|
|
|
// Password incorrect; error logged is:
|
|
// error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
|
|
md = runMongoProgram("mongo", "--port", port,
|
|
"--ssl",
|
|
"--sslPEMKeyFile", "jstests/libs/password_protected.pem",
|
|
"--sslPEMKeyPassword", "barf");
|
|
|
|
// 1 is the exit code for failure
|
|
assert(md==1);
|
|
|
|
|
|
if (!_isWindows()) {
|
|
// Stop the server
|
|
var exitCode = stopMongod(port, 15);
|
|
assert(exitCode == 0);
|
|
}
|