def test_scram_with_ssl(self): proc_params = {'procParams': {'clusterAuthMode': 'x509'}} config = { 'login': '******', 'password': '******', 'configsvrs': [{'clusterAuthMode': 'x509'}], 'routers': [{'clusterAuthMode': 'x509'}], 'shards': [{'shardParams': proc_params}, {'shardParams': {'members': [proc_params]}}], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) # Should create the user we requested. No raise on authenticate. host = self.sh.router['hostname'] client = pymongo.MongoClient( host, ssl_certfile=certificate('client.pem')) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_scram_with_ssl(self): member_params = {'procParams': {'clusterAuthMode': 'x509'}} self.repl_cfg = { 'login': '******', 'password': '******', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient( self.repl.primary(), ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.repl = ReplicaSet(self.repl_cfg) self.assertIn('mongodb_auth_uri', self.repl.info()) repl_auth_uri = self.repl.info()['mongodb_auth_uri'] hosts = ','.join(m['host'] for m in self.repl.members()) self.assertIn(hosts, repl_auth_uri) self.assertIn(TEST_SUBJECT, repl_auth_uri) self.assertIn('authSource=$external', repl_auth_uri) self.assertIn('authMechanism=MONGODB-X509', repl_auth_uri)
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") proc_params = { 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server( 'mongod', proc_params, ssl_params, login=TEST_SUBJECT, auth_source='$external') self.server.start() # Should create an extra user. Doesn't raise. client = pymongo.MongoClient( self.server.hostname, ssl_certfile=DEFAULT_CLIENT_CERT, ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate( DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should also create the user we requested. Doesn't raise. client = pymongo.MongoClient( self.server.hostname, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate( TEST_SUBJECT, mechanism='MONGODB-X509')
def test_member_info_auth_uri(self): member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.repl = ReplicaSet(self.repl_cfg) for i in range(len(self.repl)): member = self.repl.member_info(i) self.assertIn('mongodb_auth_uri', member) uri = member['mongodb_auth_uri'] host = Servers().hostname(member['server_id']) self.assertIn(host, uri) self.assertIn(TEST_SUBJECT, uri) self.assertIn('authSource=$external', uri) self.assertIn('authMechanism=MONGODB-X509', uri)
def test_scram_with_ssl(self): proc_params = {'procParams': {'clusterAuthMode': 'x509'}} config = { 'login': '******', 'password': '******', 'configsvrs': [{'clusterAuthMode': 'x509'}], 'routers': [{'clusterAuthMode': 'x509'}], 'shards': [{'shardParams': proc_params}, {'shardParams': {'members': [proc_params]}}], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) time.sleep(1) # Should create the user we requested. No raise on authenticate. host = self.sh.router['hostname'] client = pymongo.MongoClient( host, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") proc_params = { 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server('mongod', proc_params, ssl_params, login=TEST_SUBJECT, auth_source='$external') self.server.start() # Should create an extra user. Doesn't raise. client = pymongo.MongoClient(self.server.hostname, ssl_certfile=DEFAULT_CLIENT_CERT) client['$external'].authenticate(DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should also create the user we requested. Doesn't raise. client = pymongo.MongoClient(self.server.hostname, ssl_certfile=certificate('client.pem')) client['$external'].authenticate(TEST_SUBJECT, mechanism='MONGODB-X509')
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': {'authenticationMechanisms': 'MONGODB-X509'} } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.repl = ReplicaSet(self.repl_cfg) self.assertIn('mongodb_auth_uri', self.repl.info()) repl_auth_uri = self.repl.info()['mongodb_auth_uri'] hosts = ','.join(m['host'] for m in self.repl.members()) self.assertIn(hosts, repl_auth_uri) self.assertIn(TEST_SUBJECT, repl_auth_uri) self.assertIn('authSource=$external', repl_auth_uri) self.assertIn('authMechanism=MONGODB-X509', repl_auth_uri) replset_param = 'replicaSet=' + self.repl.repl_id self.assertIn(replset_param, repl_auth_uri)
def test_member_info_auth_uri(self): member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': {'authenticationMechanisms': 'MONGODB-X509'} } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.repl = ReplicaSet(self.repl_cfg) for i in range(len(self.repl)): member = self.repl.member_info(i) self.assertIn('mongodb_auth_uri', member) uri = member['mongodb_auth_uri'] host = Servers().hostname(member['server_id']) self.assertIn(host, uri) self.assertIn(TEST_SUBJECT, uri) self.assertIn('authSource=$external', uri) self.assertIn('authMechanism=MONGODB-X509', uri)
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") proc_params = { 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } self.server = Server(self.mongod_name, proc_params, ssl_params, login=TEST_SUBJECT, auth_source='$external') self.server.start() self.assertIn('mongodb_auth_uri', self.server.info()) auth_uri = self.server.info()['mongodb_auth_uri'] self.assertIn(self.server.hostname, auth_uri) self.assertIn(TEST_SUBJECT, auth_uri) self.assertIn('authSource=$external', auth_uri) self.assertIn('authMechanism=MONGODB-X509', auth_uri)
def test_scram_with_ssl(self): member_params = {'procParams': {'clusterAuthMode': 'x509'}} self.repl_cfg = { 'login': '******', 'password': '******', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient(self.repl.primary(), ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") shard_params = { 'shardParams': { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': {'authenticationMechanisms': 'MONGODB-X509'} } } } config = { 'login': TEST_SUBJECT, 'authSource': '$external', 'configsvrs': [{'clusterAuthMode': 'x509'}], 'routers': [{'clusterAuthMode': 'x509'}], 'shards': [shard_params, shard_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.sh = ShardedCluster(config) self.assertIn('mongodb_auth_uri', self.sh.info()) auth_uri = self.sh.info()['mongodb_auth_uri'] hosts = ','.join(r['hostname'] for r in self.sh.routers) self.assertIn(hosts, auth_uri) self.assertIn(TEST_SUBJECT, auth_uri) self.assertIn('authSource=$external', auth_uri) self.assertIn('authMechanism=MONGODB-X509', auth_uri)
def test_ssl(self): config = { 'configsvrs': [{}], 'routers': [{}], 'shards': [{}, { 'shardParams': { 'members': [{}] } }], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) # Server should require SSL. host = self.sh.router['hostname'] with self.assertRaises(pymongo.errors.ConnectionFailure): connected(pymongo.MongoClient(host)) # This shouldn't raise. connected( pymongo.MongoClient(host, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE))
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") proc_params = { 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } self.server = Server( 'mongod', proc_params, ssl_params, login=TEST_SUBJECT, auth_source='$external') self.server.start() self.assertIn('mongodb_auth_uri', self.server.info()) auth_uri = self.server.info()['mongodb_auth_uri'] self.assertIn(self.server.hostname, auth_uri) self.assertIn(TEST_SUBJECT, auth_uri) self.assertIn('authSource=$external', auth_uri) self.assertIn('authMechanism=MONGODB-X509', auth_uri)
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") shard_params = { 'shardParams': { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } } } config = { 'login': TEST_SUBJECT, 'authSource': '$external', 'configsvrs': self.x509_configsvrs, 'routers': [{ 'clusterAuthMode': 'x509' }], 'shards': [shard_params, shard_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) # Should create an extra user. No raise on authenticate. host = self.sh.router['hostname'] client = pymongo.MongoClient(host, ssl_certfile=DEFAULT_CLIENT_CERT, ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate(DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient(host, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate(TEST_SUBJECT, mechanism='MONGODB-X509')
def test_ssl(self): ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server('mongod', {}, ssl_params) self.server.start() # Server should require SSL. self.assertRaises(pymongo.errors.ConnectionFailure, pymongo.MongoClient, self.server.hostname) # Doesn't raise with certificate provided. pymongo.MongoClient(self.server.hostname, ssl_certfile=certificate('client.pem'))
def test_ssl(self): ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server('mongod', {}, ssl_params) self.server.start() # Server should require SSL. with self.assertRaises(pymongo.errors.ConnectionFailure): connected(pymongo.MongoClient(self.server.hostname)) # Doesn't raise with certificate provided. connected(pymongo.MongoClient( self.server.hostname, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE))
def test_scram_with_ssl(self): ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server( 'mongod', {}, ssl_params, login='******', password='******') self.server.start() # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient( self.server.hostname, ssl_certfile=certificate('client.pem')) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") shard_params = { 'shardParams': { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': {'authenticationMechanisms': 'MONGODB-X509'} } } } config = { 'login': TEST_SUBJECT, 'authSource': '$external', 'configsvrs': [{'clusterAuthMode': 'x509'}], 'routers': [{'clusterAuthMode': 'x509'}], 'shards': [shard_params, shard_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) # Should create an extra user. No raise on authenticate. host = self.sh.router['hostname'] client = pymongo.MongoClient( host, ssl_certfile=DEFAULT_CLIENT_CERT, ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate( DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient( host, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate(TEST_SUBJECT, mechanism='MONGODB-X509')
def test_scram_with_ssl(self): ssl_params = { 'sslPEMKeyFile': certificate('server.pem'), 'sslCAFile': certificate('ca.pem'), 'sslMode': 'requireSSL', 'sslAllowInvalidCertificates': True } # Should not raise an Exception. self.server = Server( 'mongod', {}, ssl_params, login='******', password='******') self.server.start() # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient( self.server.hostname, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client.admin.authenticate('luke', 'ekul') # This should be the only user. self.assertEqual(len(client.admin.command('usersInfo')['users']), 1) self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_mongodb_auth_uri(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") shard_params = { 'shardParams': { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } } } config = { 'login': TEST_SUBJECT, 'authSource': '$external', 'configsvrs': [{ 'clusterAuthMode': 'x509' }], 'routers': [{ 'clusterAuthMode': 'x509' }], 'shards': [shard_params, shard_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } self.sh = ShardedCluster(config) self.assertIn('mongodb_auth_uri', self.sh.info()) auth_uri = self.sh.info()['mongodb_auth_uri'] hosts = ','.join(r['hostname'] for r in self.sh.routers) self.assertIn(hosts, auth_uri) self.assertIn(TEST_SUBJECT, auth_uri) self.assertIn('authSource=$external', auth_uri) self.assertIn('authMechanism=MONGODB-X509', auth_uri)
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': { 'authenticationMechanisms': 'MONGODB-X509' } } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Should create an extra user. No raise on authenticate. client = pymongo.MongoClient(self.repl.primary(), ssl_certfile=DEFAULT_CLIENT_CERT, ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate(DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient(self.repl.primary(), ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate(TEST_SUBJECT, mechanism='MONGODB-X509')
def test_ssl_auth(self): if SERVER_VERSION < (2, 4): raise SkipTest("Need to be able to set 'authenticationMechanisms' " "parameter to test.") member_params = { 'procParams': { 'clusterAuthMode': 'x509', 'setParameter': {'authenticationMechanisms': 'MONGODB-X509'} } } self.repl_cfg = { 'login': TEST_SUBJECT, 'authSource': '$external', 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Should create an extra user. No raise on authenticate. client = pymongo.MongoClient( self.repl.primary(), ssl_certfile=DEFAULT_CLIENT_CERT, ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate( DEFAULT_SUBJECT, mechanism='MONGODB-X509') # Should create the user we requested. No raise on authenticate. client = pymongo.MongoClient( self.repl.primary(), ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE) client['$external'].authenticate( TEST_SUBJECT, mechanism='MONGODB-X509')
def test_ssl(self): member_params = {} self.repl_cfg = { 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Server should require SSL. with self.assertRaises(pymongo.errors.ConnectionFailure): connected(pymongo.MongoClient(self.repl.primary())) # This shouldn't raise. connected(pymongo.MongoClient( self.repl.primary(), ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE))
def test_ssl(self): member_params = {} self.repl_cfg = { 'members': [member_params, member_params], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.repl = ReplicaSet(self.repl_cfg) # Server should require SSL. with self.assertRaises(pymongo.errors.ConnectionFailure): connected(pymongo.MongoClient, self.repl.primary()) # This shouldn't raise. connected( pymongo.MongoClient(self.repl.primary(), ssl_certfile=certificate('client.pem')))
def test_ssl(self): config = { 'configsvrs': [{}], 'routers': [{}], 'shards': [{}, {'shardParams': {'members': [{}]}}], 'sslParams': { 'sslCAFile': certificate('ca.pem'), 'sslPEMKeyFile': certificate('server.pem'), 'sslMode': 'requireSSL', 'sslClusterFile': certificate('cluster_cert.pem'), 'sslAllowInvalidCertificates': True } } # Should not raise an Exception. self.sh = ShardedCluster(config) # Server should require SSL. host = self.sh.router['hostname'] with self.assertRaises(pymongo.errors.ConnectionFailure): connected(pymongo.MongoClient(host)) # This shouldn't raise. connected( pymongo.MongoClient(host, ssl_certfile=certificate('client.pem'), ssl_cert_reqs=ssl.CERT_NONE))