def _check_allowed(self):
# This would fail by design.
if self.server == 'ipv4':
prohibit(self.client == 'ipv6')
# Default configuration is tested in other variants.
if self.server == 'ipv6':
prohibit(self.client == 'localhost')
def _check_allowed(self):
# This would fail by design.
if self.server == 'ipv4':
prohibit(self.client == 'ipv6')
# Default configuration is tested in other variants.
if self.server == 'ipv6':
prohibit(self.client == 'localhost')
def _check_allowed(self):
if self.ssl == 'darwinssl':
# Secure Transport quietly ignores a must-staple certificate with no stapled response.
prohibit(self.test == 'malicious_server_test_2')
# ECDSA certs can't be loaded (in the PEM format they're stored) on Windows/macOS. Skip them.
if self.ssl == 'darwinssl' or self.ssl == 'winssl':
prohibit(self.cert == 'ecdsa')
# OCSP stapling is not supported on macOS or Windows.
if self.ssl == 'darwinssl' or self.ssl == 'winssl':
prohibit(self.test in ['test_1', 'test_2', 'cache'])
if self.test == 'soft_fail_test' or self.test == 'malicious_server_test_2' or self.test == 'cache':
prohibit(self.delegate == 'delegate')
def _check_allowed(self):
# Current latest macOS does not support the disableStapling failpoint.
# There are no tests that can run on macOS in current evergreen configuration.
if self.ssl == 'darwinssl':
# TODO: remove this when macOS latest download is updated
prohibit(True)
# ECDSA certs can't be loaded (in the PEM format they're stored) on Windows/macOS. Skip them.
if self.ssl == 'darwinssl' or self.ssl == 'winssl':
prohibit(self.cert == 'ecdsa')
# OCSP stapling is not supported on macOS or Windows.
if self.ssl == 'darwinssl' or self.ssl == 'winssl':
prohibit(self.test in ['test_1', 'test_2', 'cache'])
if self.test == 'soft_fail_test' or self.test == 'malicious_server_test_2' or self.test == 'cache':
prohibit(self.delegate == 'delegate')
# Until OCSP is supported in OpenSSL, skip tests that expect to be revoked.
if self.ssl == 'openssl':
prohibit(self.test in [
'test_2', 'test_4', 'malicious_server_test_1',
'malicious_server_test_2'
])
def _check_allowed(self):
if self.valgrind:
prohibit(self.cse)
prohibit(self.asan)
prohibit(self.sasl)
require(self.ssl in ('openssl', False))
prohibit(self.coverage)
# Valgrind only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.auth:
require(self.ssl)
if self.sasl == 'sspi':
# Only one self.
require(self.topology == 'server')
require(self.version == 'latest')
require(self.ssl == 'winssl')
require(self.auth)
if not self.ssl:
prohibit(self.sasl)
if self.coverage:
prohibit(self.sasl)
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.asan:
prohibit(self.sasl)
prohibit(self.coverage)
# Address sanitizer only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.cse:
require(self.version == 'latest'
or parse_version(self.version) >= parse_version("4.2"))
require(self.topology == 'server')
if not self.asan:
# limit to SASL=AUTO to reduce redundant tasks.
require(self.sasl)
require(self.sasl != 'sspi')
prohibit(self.coverage)
require(self.ssl)
def _check_allowed(self):
prohibit (self.loadbalanced and self.auth)
# Load balancer tests only run on some Linux hosts in Evergreen until CDRIVER-4041 is resolved.
prohibit (self.loadbalanced and self.ssl in ["darwinssl", "winssl"])
def _check_allowed (self):
# Test with both SSL and auth, or neither.
prohibit (self.test_ssl != self.test_auth)
def _check_allowed(self):
if self.sanitizer == 'tsan':
require(self.ssl == 'openssl')
prohibit(self.sasl)
prohibit(self.valgrind)
prohibit(self.coverage)
prohibit(self.cse)
prohibit(self.version == "3.0")
if self.valgrind:
prohibit(self.cse)
prohibit(self.sanitizer)
prohibit(self.sasl)
require(self.ssl in ('openssl', False))
prohibit(self.coverage)
# Valgrind only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.auth:
require(self.ssl)
if self.sasl == 'sspi':
# Only one self.
require(self.topology == 'server')
require(self.version == 'latest')
require(self.ssl == 'winssl')
require(self.auth)
if not self.ssl:
prohibit(self.sasl)
if self.coverage:
prohibit(self.sasl)
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.sanitizer == "asan":
prohibit(self.sasl)
prohibit(self.coverage)
# Address sanitizer only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.cse:
require(self.version == 'latest'
or parse_version(self.version) >= parse_version("4.2"))
if self.version == 'latest' or parse_version(
self.version) >= parse_version("6.0"):
# FLE 2.0 Client-Side Encryption tasks on 6.0 require a non-standalone topology.
require(self.topology in ('server', 'replica_set'))
else:
require(self.topology == 'server')
if self.sanitizer != "asan":
# limit to SASL=AUTO to reduce redundant tasks.
require(self.sasl)
require(self.sasl != 'sspi')
prohibit(self.coverage)
require(self.ssl)
def _check_allowed(self):
if self.valgrind:
prohibit(self.asan)
prohibit(self.sasl)
require(self.ssl in ('openssl', False))
prohibit(self.coverage)
# Valgrind only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.auth:
require(self.ssl)
if self.sasl == 'sspi':
# Only one self.
require(self.topology == 'server')
require(self.version == 'latest')
require(self.ssl == 'winssl')
require(self.auth)
if not self.ssl:
prohibit(self.sasl)
if self.coverage:
prohibit(self.sasl)
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.asan:
prohibit(self.sasl)
prohibit(self.coverage)
# Address sanitizer only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
def _check_allowed(self):
if self.valgrind:
prohibit(self.asan)
prohibit(self.sasl)
require(self.ssl in ('openssl', False))
prohibit(self.coverage)
# Valgrind only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.auth:
require(self.ssl)
if self.sasl == 'sspi':
# Only one self.
require(self.topology == 'server')
require(self.version == 'latest')
require(self.ssl == 'winssl')
require(self.auth)
if not self.ssl:
prohibit(self.sasl)
if self.coverage:
prohibit(self.sasl)
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
if self.asan:
prohibit(self.sasl)
prohibit(self.coverage)
# Address sanitizer only with auth+SSL or no auth + no SSL.
if self.auth:
require(self.ssl == 'openssl')
else:
prohibit(self.ssl)
