Details
-
Bug
-
Resolution: Done
-
Major - P3
-
None
-
2.6.0-rc0
-
Fully Compatible
-
ALL
Description
The "crl_client_revoked.pem" file, which is the CRL we are using to test a revoked certificate is expired. This means the test was passing not because the certificate was successfully revoked, but because only the failure case was tested and the CRL was expired.
Adding the following to the end of https://github.com/mongodb/mongo/blob/r2.6.0-rc0/jstests/ssl/ssl_crl_revoked.js causes the test to fail:
mongo = runMongoProgram("mongo", "--port", port, "--ssl",
|
"--sslPEMKeyFile", "jstests/libs/client.pem",
|
"--eval", ";");
|
|
|
// 0 is the exit code for the shell connecting successfully
|
assert(mongo==0);
|