0
0
mirror of https://github.com/mongodb/mongo.git synced 2024-12-01 09:32:32 +01:00
mongodb/jstests/libs
2018-10-08 11:54:17 -04:00
..
command_line
config_files SERVER-35591 Remove MMAPv1 testing 2018-06-25 16:47:18 -04:00
jstestfuzz SERVER-33633 Create jstestfuzz_interrupt and jstestfuzz_interrupt_replication suites to enable checkForInterrupt failpoint 2018-03-28 13:41:51 -04:00
override_methods SERVER-36435 Make ReplSetTest.kDefaultTimeoutMS accessible everywhere. 2018-09-11 15:16:31 -04:00
txns SERVER-35388 Improve misleading error messages for operations banned in transactions 2018-06-25 16:50:34 -04:00
8k-prime.dhparam
analyze_plan.js SERVER-36528 Implement $planCacheStats agg source. 2018-08-21 18:54:22 -04:00
assert_schema_match.js
authTestsKey
backup_utils.js SERVER-36270: Add test combining backup cursors and manipulating the truncate after point. 2018-10-08 11:54:17 -04:00
badSAN.pem
ca.pem
change_stream_util.js SERVER-36899 Accept new 'startAfter' option in watch() helpers 2018-08-28 17:21:00 -04:00
check_log.js SERVER-34034 Test log format, slowms, logLevel and sampleRate on mongoD and mongoS 2018-04-04 17:42:14 +01:00
check_unique_indexes.js SERVER-34954 Add test to check unique indexes on a newly added --shardsvr node 2018-08-09 14:04:46 +10:00
check_uuids.js SERVER-35131 Remove system.namespaces and system.indexes-specific UUID handling for 4.2 2018-07-03 13:44:16 -04:00
chunk_manipulation_util.js SERVER-35152 update tests for 4.0 2018-05-22 15:15:53 -04:00
cleanup_orphaned_util.js
client_email.pem SERVER-34831 Add support for emailAddress in subject name 2018-05-07 11:35:41 -04:00
client_escape.pem SERVER-34413 Converting Certificate Subject Names to strings need to obey RFC 2253 2018-04-17 12:07:46 -04:00
client_privatekey.pem SERVER-35541 Support PKCS#8 PrivateKeyInfo in SChannel Provider 2018-06-11 23:32:42 -04:00
client_revoked.pem
client_roles.pem SERVER-34387 Create client_roles.pem test certificate with long expiration date 2018-04-10 16:55:20 -04:00
client_title.pem SERVER-34831 Add support for emailAddress in subject name 2018-05-07 11:35:41 -04:00
client_utf8.cnf SERVER-34413 Converting Certificate Subject Names to strings need to obey RFC 2253 2018-04-17 12:07:46 -04:00
client_utf8.pem SERVER-34413 Converting Certificate Subject Names to strings need to obey RFC 2253 2018-04-17 12:07:46 -04:00
client-all-the-oids.csr.in SERVER-35196 Map additional X509 OIDs 2018-06-05 21:55:10 -04:00
client-all-the-oids.pem SERVER-35196 Map additional X509 OIDs 2018-06-05 21:55:10 -04:00
client-custom-oids.csr.in SERVER-34735 Extract structured data from X509 subject names 2018-05-15 22:11:45 -04:00
client-custom-oids.pem SERVER-34735 Extract structured data from X509 subject names 2018-05-15 22:11:45 -04:00
client-multivalue-rdn.pem SERVER-34735 Extract structured data from X509 subject names 2018-05-15 22:11:45 -04:00
client-self-signed.pem SERVER-34888 Do not store subject name without validation 2018-05-09 11:49:47 -04:00
client.pem
cluster_cert.pem
collection_drop_recreate.js SERVER-35919 Ensure all tests that use transactions perform collection drops with w:majority 2018-07-26 12:07:52 -04:00
command_sequence_with_retries.js
crl_client_revoked.pem
crl_expired.pem
crl.pem
csrs_upgrade_util.js
cycle_detection.js SERVER-34293 Add test for atomicity and isolation of transactions. 2018-04-16 19:27:18 -04:00
database_versioning.js SERVER-34459 Clear in-memory database versions on setFCV downgrade on shard primaries and secondaries 2018-04-13 18:27:07 -04:00
dateutil.js
discover_topology.js SERVER-36198 Remove 'internalQueryAllowAllPathsIndexes' server parameter 2018-10-03 22:36:02 +01:00
expired.pem
feature_compatibility_version.js SERVER-35655 Update FCV constants throughout server code. 2018-07-02 10:50:53 -04:00
fixture_helpers.js SERVER-34302 Add passthrough suite(s) replacing single-collection $changeStream with whole-db streams filtered by namespace 2018-04-19 11:21:12 +01:00
fsm_serial_client.js
ftdc.js
fts.js
geo_math.js
geo_near_random.js SERVER-35043, SERVER-22949: move geoNear implementation into aggregation 2018-06-18 23:34:49 -04:00
get_index_helpers.js
global_snapshot_reads_util.js SERVER-36313 Re-enable global snapshot find and aggregate tests 2018-08-02 14:14:03 -04:00
host_ipaddr.js
index_bigkeys.js SERVER-36281 Test upgrade/downgrade behaviors for unlimited index key length 2018-08-21 23:06:50 -04:00
json_schema_test_runner.js
key1
key1_644
key2
kill_sessions.js
localhostnameCN.pem
localhostnameSAN.pem
mockkrb5.conf
mockservice.keytab
mockuser.keytab
mongodbauthorizationgrant.cnf SERVER-33549 Refactor OpenSSL to use common ASN.1 code and add test 2018-03-15 13:24:39 -04:00
mongoebench.js SERVER-35537 Create mongoebench for running benchRun against mobile. 2018-07-10 01:39:36 -04:00
mql_model_mongod_test_runner.js WRITING-2731 Build integration test running script for testing the mql-model command line tool 2018-06-09 08:56:32 -04:00
namespace_utils.js SERVER-29134: Support change streams on an entire database in a sharded cluster 2018-04-11 15:53:03 -04:00
not_yet_valid.pem
parallel_shell_helpers.js SERVER-34615 Make UUIDCatalog updates for renameCollection atomic 2018-06-06 16:54:44 -04:00
parallelTester.js SERVER-36721 Prevent list_all_local_sessions.js from being run with other 2018-09-25 12:02:50 -04:00
password_protected.pem
pin_getmore_cursor.js SERVER-37003 Minor change to test for cursor field of curOp for getMore 2018-09-28 15:45:24 -04:00
profiler.js SERVER-33135 Delete code for OP_COMMAND 2018-07-30 13:57:10 -04:00
python.js SERVER-36614 Add handling of __exec config expansions 2018-09-18 12:53:49 +00:00
read_committed_lib.js
README.ssl SERVER-34735 Extract structured data from X509 subject names 2018-05-15 22:11:45 -04:00
retryable_writes_util.js SERVER-35591 Remove MMAPv1 testing 2018-06-25 16:47:18 -04:00
server.pem
sessions_collection.js
smoke.pem
specific_secondary_reader_mongo.js SERVER-32883 Add concurrency_replication_causal_consistency suite 2018-05-23 18:01:13 -04:00
ssl_test.js
stats.js
test_background_ops.js
testconfig
trace_missing_docs.js
trusted-ca.pem
trusted-client.pem
trusted-client.pfx SERVER-32979 Windows Certificate Selectors 2018-03-23 11:28:17 -04:00
trusted-server.pem
trusted-server.pfx SERVER-34139 Add certificate selector for Apple for SecureTransport 2018-04-02 19:58:23 -04:00
uuid_util.js
write_concern_util.js SERVER-35814 ensure that prepareTransaction waits for writeConcern 2018-08-23 13:17:42 -04:00

client-self-signed.pem represents the same RDN as client.pem, but using itself as a CA:

openssl req -nodes -new -subj '/CN=client/OU=KernelUser/O=MongoDB/L=New York City/ST=New York/C=US' -out css.csr -keyout css.rsa
openssl rsa -in css.rsa -out css.key
openssl x509 -in css.csr -out jstests/libs/client-self-signed.pem -req -signkey client-self-signed.key -days 3650
cat css.key >> jstests/libs/client-self-signed.pem
rm css.{csr,rsa,key}

---------------------------
client-multivalue-rdn.pem represents the same RDN as client.pem, but grouping some elements together:

openssl req -new -nodes -subj '/CN=client+OU=KernelUser+O=MongoDB/L=New York City+ST=New York+C=US' -multivalue-rdn \
            -keyout client-multivalue-rdn.key -out client-multivalue-rdn.csr
openssl rsa -in client-multivalue-rdn.key -out client-multivalue-rdn.rsa
openssl x509 -in client-multivalue-rdn.csr -out client-multivalue-rdn.pem -req -CA ca.pem -days 3650 -CAcreateserial
cat client-multivalue-rdn.rsa >> client-multivalue-rdn.pem
rm ca.srl client-multivalue-rdn.key client-multivalue-rdn.rsa client-multivalue-rdn.csr

---------------------------

The other ceriticates in this directory come from x509gen.
How to generate a certificate with a custom extension:

1. Generate a normal certificate signing request without an extension
2. Make a copy of the system openssl.cnf and append this text to the file
    On Redhat/Fedora, openssl.cnf is in /etc/pki/tls

See jstests\libs\mongodbauthorizationgrant.cnf for how to generate the text with the
'openssl asn1parse' command.

[MongoDBAuthorizationGrant]
1.3.6.1.4.1.34601.2.1.1 = DER:312B300F0C066261636B75700C0561646D696E30180C0F72656164416E7944617461626173650C0561646D696E

3. Sign the certificate and add the custom extension
4. Make a new pem with the certificate and key

Example Commands
----------------
openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout roles.key -out roles.csr

Example with subject name:
openssl req -config openssl.cnf -newkey rsa:2048 -nodes -keyout roles.key -out roles.csr -subj "/C=US/ST=New York/L=New York City/O=MongoDB/OU=KernelUser/CN=client/emailAddress=example@mongodb.com"

openssl x509 -req -sha256 -in roles.csr -days 3650 -out roles.pem -extfile openssl.cnf -extensions MongoDBAuthorizationGrant -CA jstests/libs/ca.pem -CAcreateserial

openssl rsa -in roles.key -out roles2.key

cat roles.pem roles2.key > roles_final.pem


Example Commands for UTF-8
--------------------------
openssl req -new -utf8 -nameopt multiline,utf8  -config .\jstests\libs\client_utf8.cnf -newkey rsa:2048 -nodes -keyout roles.key -out roles.csr