57 lines
1.7 KiB
JavaScript
57 lines
1.7 KiB
JavaScript
// Test redaction of passwords in command line SSL option parsing.
|
|
|
|
import {requireSSLProvider} from "jstests/ssl/libs/ssl_helpers.js";
|
|
|
|
requireSSLProvider("openssl", function () {
|
|
const baseName = "jstests_ssl_ssl_options";
|
|
|
|
jsTest.log("Testing censorship of ssl options");
|
|
|
|
const mongodConfig = {
|
|
tlsCertificateKeyFile: "jstests/libs/password_protected.pem",
|
|
tlsMode: "requireTLS",
|
|
tlsCertificateKeyFilePassword: "qwerty",
|
|
tlsClusterPassword: "qwerty",
|
|
tlsCAFile: "jstests/libs/ca.pem",
|
|
};
|
|
const mongodSource = MongoRunner.runMongod(mongodConfig);
|
|
|
|
const getCmdLineOptsResult = mongodSource.adminCommand("getCmdLineOpts");
|
|
|
|
let i;
|
|
let isPassword = false;
|
|
for (i = 0; i < getCmdLineOptsResult.argv.length; i++) {
|
|
if (isPassword) {
|
|
assert.eq(
|
|
getCmdLineOptsResult.argv[i],
|
|
"<password>",
|
|
"Password not properly censored: " + tojson(getCmdLineOptsResult),
|
|
);
|
|
isPassword = false;
|
|
continue;
|
|
}
|
|
|
|
if (
|
|
getCmdLineOptsResult.argv[i] === "--tlsPEMKeyPassword" ||
|
|
getCmdLineOptsResult.argv[i] === "--tlsClusterPassword"
|
|
) {
|
|
isPassword = true;
|
|
}
|
|
}
|
|
|
|
assert.eq(
|
|
getCmdLineOptsResult.parsed.net.tls.certificateKeyFilePassword,
|
|
"<password>",
|
|
"Password not properly censored: " + tojson(getCmdLineOptsResult),
|
|
);
|
|
assert.eq(
|
|
getCmdLineOptsResult.parsed.net.tls.clusterPassword,
|
|
"<password>",
|
|
"Password not properly censored: " + tojson(getCmdLineOptsResult),
|
|
);
|
|
|
|
MongoRunner.stopMongod(mongodSource);
|
|
|
|
print(baseName + " succeeded.");
|
|
});
|