def _check_allowed(self): # This would fail by design. if self.server == 'ipv4': prohibit(self.client == 'ipv6') # Default configuration is tested in other variants. if self.server == 'ipv6': prohibit(self.client == 'localhost')
def _check_allowed(self): # This would fail by design. if self.server == 'ipv4': prohibit(self.client == 'ipv6') # Default configuration is tested in other variants. if self.server == 'ipv6': prohibit(self.client == 'localhost')
def _check_allowed(self): if self.ssl == 'darwinssl': # Secure Transport quietly ignores a must-staple certificate with no stapled response. prohibit(self.test == 'malicious_server_test_2') # ECDSA certs can't be loaded (in the PEM format they're stored) on Windows/macOS. Skip them. if self.ssl == 'darwinssl' or self.ssl == 'winssl': prohibit(self.cert == 'ecdsa') # OCSP stapling is not supported on macOS or Windows. if self.ssl == 'darwinssl' or self.ssl == 'winssl': prohibit(self.test in ['test_1', 'test_2', 'cache']) if self.test == 'soft_fail_test' or self.test == 'malicious_server_test_2' or self.test == 'cache': prohibit(self.delegate == 'delegate')
def _check_allowed(self): # Current latest macOS does not support the disableStapling failpoint. # There are no tests that can run on macOS in current evergreen configuration. if self.ssl == 'darwinssl': # TODO: remove this when macOS latest download is updated prohibit(True) # ECDSA certs can't be loaded (in the PEM format they're stored) on Windows/macOS. Skip them. if self.ssl == 'darwinssl' or self.ssl == 'winssl': prohibit(self.cert == 'ecdsa') # OCSP stapling is not supported on macOS or Windows. if self.ssl == 'darwinssl' or self.ssl == 'winssl': prohibit(self.test in ['test_1', 'test_2', 'cache']) if self.test == 'soft_fail_test' or self.test == 'malicious_server_test_2' or self.test == 'cache': prohibit(self.delegate == 'delegate') # Until OCSP is supported in OpenSSL, skip tests that expect to be revoked. if self.ssl == 'openssl': prohibit(self.test in [ 'test_2', 'test_4', 'malicious_server_test_1', 'malicious_server_test_2' ])
def _check_allowed(self): if self.valgrind: prohibit(self.cse) prohibit(self.asan) prohibit(self.sasl) require(self.ssl in ('openssl', False)) prohibit(self.coverage) # Valgrind only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.auth: require(self.ssl) if self.sasl == 'sspi': # Only one self. require(self.topology == 'server') require(self.version == 'latest') require(self.ssl == 'winssl') require(self.auth) if not self.ssl: prohibit(self.sasl) if self.coverage: prohibit(self.sasl) if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.asan: prohibit(self.sasl) prohibit(self.coverage) # Address sanitizer only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.cse: require(self.version == 'latest' or parse_version(self.version) >= parse_version("4.2")) require(self.topology == 'server') if not self.asan: # limit to SASL=AUTO to reduce redundant tasks. require(self.sasl) require(self.sasl != 'sspi') prohibit(self.coverage) require(self.ssl)
def _check_allowed(self): prohibit (self.loadbalanced and self.auth) # Load balancer tests only run on some Linux hosts in Evergreen until CDRIVER-4041 is resolved. prohibit (self.loadbalanced and self.ssl in ["darwinssl", "winssl"])
def _check_allowed (self): # Test with both SSL and auth, or neither. prohibit (self.test_ssl != self.test_auth)
def _check_allowed(self): if self.sanitizer == 'tsan': require(self.ssl == 'openssl') prohibit(self.sasl) prohibit(self.valgrind) prohibit(self.coverage) prohibit(self.cse) prohibit(self.version == "3.0") if self.valgrind: prohibit(self.cse) prohibit(self.sanitizer) prohibit(self.sasl) require(self.ssl in ('openssl', False)) prohibit(self.coverage) # Valgrind only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.auth: require(self.ssl) if self.sasl == 'sspi': # Only one self. require(self.topology == 'server') require(self.version == 'latest') require(self.ssl == 'winssl') require(self.auth) if not self.ssl: prohibit(self.sasl) if self.coverage: prohibit(self.sasl) if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.sanitizer == "asan": prohibit(self.sasl) prohibit(self.coverage) # Address sanitizer only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.cse: require(self.version == 'latest' or parse_version(self.version) >= parse_version("4.2")) if self.version == 'latest' or parse_version( self.version) >= parse_version("6.0"): # FLE 2.0 Client-Side Encryption tasks on 6.0 require a non-standalone topology. require(self.topology in ('server', 'replica_set')) else: require(self.topology == 'server') if self.sanitizer != "asan": # limit to SASL=AUTO to reduce redundant tasks. require(self.sasl) require(self.sasl != 'sspi') prohibit(self.coverage) require(self.ssl)
def _check_allowed(self): if self.valgrind: prohibit(self.asan) prohibit(self.sasl) require(self.ssl in ('openssl', False)) prohibit(self.coverage) # Valgrind only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.auth: require(self.ssl) if self.sasl == 'sspi': # Only one self. require(self.topology == 'server') require(self.version == 'latest') require(self.ssl == 'winssl') require(self.auth) if not self.ssl: prohibit(self.sasl) if self.coverage: prohibit(self.sasl) if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.asan: prohibit(self.sasl) prohibit(self.coverage) # Address sanitizer only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl)
def _check_allowed(self): if self.valgrind: prohibit(self.asan) prohibit(self.sasl) require(self.ssl in ('openssl', False)) prohibit(self.coverage) # Valgrind only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.auth: require(self.ssl) if self.sasl == 'sspi': # Only one self. require(self.topology == 'server') require(self.version == 'latest') require(self.ssl == 'winssl') require(self.auth) if not self.ssl: prohibit(self.sasl) if self.coverage: prohibit(self.sasl) if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl) if self.asan: prohibit(self.sasl) prohibit(self.coverage) # Address sanitizer only with auth+SSL or no auth + no SSL. if self.auth: require(self.ssl == 'openssl') else: prohibit(self.ssl)