mongo 1.10.0.rc0 → 1.10.0.rc1

data/lib/mongo/functional.rb

@@ -17,3 +17,5 @@ require 'mongo/functional/logging'
 require 'mongo/functional/read_preference'
 require 'mongo/functional/write_concern'
 require 'mongo/functional/uri_parser'
+
+require 'mongo/functional/sasl_java' if RUBY_PLATFORM =~ /java/

data/lib/mongo/functional/authentication.rb

@@ -19,6 +19,7 @@ module Mongo
 
     DEFAULT_MECHANISM = 'MONGODB-CR'
     MECHANISMS        = ['GSSAPI', 'MONGODB-CR', 'MONGODB-X509', 'PLAIN']
+    EXTRA             = { 'GSSAPI' => [:gssapi_service_name, :canonicalize_host_name] }
 
     # authentication module methods
     class << self
@@ -59,6 +60,15 @@ module Mongo
             "When using the authentication mechanism #{auth[:mechanism]} " +
             "both username and password are required."
         end
+        # if extra opts exist, validate them
+        allowed_keys = EXTRA[auth[:mechanism]]
+        if auth[:extra] && !auth[:extra].empty?
+          invalid_opts = []
+          auth[:extra].keys.each { |k| invalid_opts << k unless allowed_keys.include?(k) }
+          raise MongoArgumentError,
+            "Invalid extra option(s): #{invalid_opts} found. Please check the extra options" +
+            " passed and try again." unless invalid_opts.empty?
+        end
         auth
       end
 
@@ -95,19 +105,22 @@ module Mongo
     #   (if different than the current database).
     # @param mechanism [String] (nil) The authentication mechanism being used
     #   (default: 'MONGODB-CR').
+    # @param extra [Hash] (nil) A optional hash of extra options to be stored with
+    #   the credential set.
     #
     # @raise [MongoArgumentError] Raised if the database has already been used
     #   for authentication. A log out is required before additional auths can
     #   be issued against a given database.
     # @raise [AuthenticationError] Raised if authentication fails.
     # @return [Hash] a hash representing the authentication just added.
-    def add_auth(db_name, username, password=nil, source=nil, mechanism=nil)
+    def add_auth(db_name, username, password=nil, source=nil, mechanism=nil, extra=nil)
       auth = Authentication.validate_credentials({
         :db_name   => db_name,
         :username  => username,
         :password  => password,
         :source    => source,
-        :mechanism => mechanism
+        :mechanism => mechanism,
+        :extra     => extra
       })
 
       if @auths.any? {|a| a[:source] == auth[:source]}
@@ -276,7 +289,9 @@ module Mongo
     # @private
     def issue_gssapi(auth, opts={})
       raise NotImplementedError,
-        "The #{auth[:mechanism]} authentication mechanism is not yet supported."
+         "The #{auth[:mechanism]} authentication mechanism is only supported " +
+         "for JRuby." unless RUBY_PLATFORM =~ /java/
+      Mongo::Sasl::GSSAPI.authenticate(auth[:username], self, opts[:socket], auth[:extra] || {})
     end
 
     # Helper to fetch a nonce value from a given database instance.

data/lib/mongo/functional/sasl_java.rb

@@ -0,0 +1,48 @@
+# Copyright (C) 2009-2013 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'jruby'
+
+include Java
+
+jar_dir = File.join(File.dirname(__FILE__), '../../../ext/jsasl')
+require File.join(jar_dir, 'target/jsasl.jar')
+
+module Mongo
+  module Sasl
+
+    module GSSAPI
+
+      def self.authenticate(username, client, socket, opts={})
+        db            = client.db('$external')
+        hostname      = socket.pool.host
+        servicename   = opts[:gssapi_service_name] || 'mongodb'
+        canonicalize  = opts[:canonicalize_host_name] ? opts[:canonicalize_host_name] : false
+
+        authenticator = org.mongodb.sasl.GSSAPIAuthenticator.new(JRuby.runtime, username, hostname, servicename, canonicalize)
+        token         = BSON::Binary.new(authenticator.initialize_challenge)
+        cmd           = BSON::OrderedHash['saslStart', 1, 'mechanism', 'GSSAPI', 'payload', token, 'autoAuthorize', 1]
+        response      = db.command(cmd, :check_response => false, :socket => socket)
+
+        until response['done'] do
+          token    = BSON::Binary.new(authenticator.evaluate_challenge(response['payload'].to_s))
+          cmd      = BSON::OrderedHash['saslContinue', 1, 'conversationId', response['conversationId'], 'payload', token]
+          response = db.command(cmd, :check_response => false, :socket => socket)
+        end
+        response
+      end
+    end
+
+  end
+end

data/lib/mongo/functional/uri_parser.rb

@@ -42,9 +42,11 @@ module Mongo
     OPT_ATTRS  = [
       :authmechanism,
       :authsource,
+      :canonicalizehostname,
       :connect,
       :connecttimeoutms,
       :fsync,
+      :gssapiservicename,
       :journal,
       :pool_size,
       :readpreference,
@@ -59,71 +61,79 @@ module Mongo
     ]
 
     OPT_VALID = {
-      :authmechanism    => lambda { |arg| Mongo::Authentication.validate_mechanism(arg) },
-      :authsource       => lambda { |arg| arg.length > 0 },
-      :connect          => lambda { |arg| [ 'direct', 'replicaset', 'true', 'false', true, false ].include?(arg) },
-      :connecttimeoutms => lambda { |arg| arg =~ /^\d+$/ },
-      :fsync            => lambda { |arg| ['true', 'false'].include?(arg) },
-      :journal          => lambda { |arg| ['true', 'false'].include?(arg) },
-      :pool_size        => lambda { |arg| arg.to_i > 0 },
-      :readpreference   => lambda { |arg| READ_PREFERENCES.keys.include?(arg) },
-      :replicaset       => lambda { |arg| arg.length > 0 },
-      :safe             => lambda { |arg| ['true', 'false'].include?(arg) },
-      :slaveok          => lambda { |arg| ['true', 'false'].include?(arg) },
-      :sockettimeoutms  => lambda { |arg| arg =~ /^\d+$/ },
-      :ssl              => lambda { |arg| ['true', 'false'].include?(arg) },
-      :w                => lambda { |arg| arg =~ /^\w+$/ },
-      :wtimeout         => lambda { |arg| arg =~ /^\d+$/ },
-      :wtimeoutms       => lambda { |arg| arg =~ /^\d+$/ }
+      :authmechanism        => lambda { |arg| Mongo::Authentication.validate_mechanism(arg) },
+      :authsource           => lambda { |arg| arg.length > 0 },
+      :canonicalizehostname => lambda { |arg| ['true', 'false'].include?(arg) },
+      :connect              => lambda { |arg| [ 'direct', 'replicaset', 'true', 'false', true, false ].include?(arg) },
+      :connecttimeoutms     => lambda { |arg| arg =~ /^\d+$/ },
+      :fsync                => lambda { |arg| ['true', 'false'].include?(arg) },
+      :gssapiservicename    => lambda { |arg| arg.length > 0 },
+      :journal              => lambda { |arg| ['true', 'false'].include?(arg) },
+      :pool_size            => lambda { |arg| arg.to_i > 0 },
+      :readpreference       => lambda { |arg| READ_PREFERENCES.keys.include?(arg) },
+      :replicaset           => lambda { |arg| arg.length > 0 },
+      :safe                 => lambda { |arg| ['true', 'false'].include?(arg) },
+      :slaveok              => lambda { |arg| ['true', 'false'].include?(arg) },
+      :sockettimeoutms      => lambda { |arg| arg =~ /^\d+$/ },
+      :ssl                  => lambda { |arg| ['true', 'false'].include?(arg) },
+      :w                    => lambda { |arg| arg =~ /^\w+$/ },
+      :wtimeout             => lambda { |arg| arg =~ /^\d+$/ },
+      :wtimeoutms           => lambda { |arg| arg =~ /^\d+$/ }
      }
 
     OPT_ERR = {
-      :authmechanism    => "must be one of #{Mongo::Authentication::MECHANISMS.join(', ')}",
-      :authsource       => "must be a string containing the name of the database being used for authentication",
-      :connect          => "must be 'direct', 'replicaset', 'true', or 'false'",
-      :connecttimeoutms => "must be an integer specifying milliseconds",
-      :fsync            => "must be 'true' or 'false'",
-      :journal          => "must be 'true' or 'false'",
-      :pool_size        => "must be an integer greater than zero",
-      :readpreference   => "must be on of #{READ_PREFERENCES.keys.map(&:inspect).join(",")}",
-      :replicaset       => "must be a string containing the name of the replica set to connect to",
-      :safe             => "must be 'true' or 'false'",
-      :slaveok          => "must be 'true' or 'false'",
-      :settimeoutms     => "must be an integer specifying milliseconds",
-      :ssl              => "must be 'true' or 'false'",
-      :w                => "must be an integer indicating number of nodes to replicate to or a string " +
-                           "specifying that replication is required to the majority or nodes with a " +
-                           "particilar getLastErrorMode.",
-      :wtimeout         => "must be an integer specifying milliseconds",
-      :wtimeoutms       => "must be an integer specifying milliseconds"
+      :authmechanism        => "must be one of #{Mongo::Authentication::MECHANISMS.join(', ')}",
+      :authsource           => "must be a string containing the name of the database being used for authentication",
+      :canonicalizehostname => "must be 'true' or 'false'",
+      :connect              => "must be 'direct', 'replicaset', 'true', or 'false'",
+      :connecttimeoutms     => "must be an integer specifying milliseconds",
+      :fsync                => "must be 'true' or 'false'",
+      :gssapiservicename    => "must be a string containing the name of the GSSAPI service",
+      :journal              => "must be 'true' or 'false'",
+      :pool_size            => "must be an integer greater than zero",
+      :readpreference       => "must be on of #{READ_PREFERENCES.keys.map(&:inspect).join(",")}",
+      :replicaset           => "must be a string containing the name of the replica set to connect to",
+      :safe                 => "must be 'true' or 'false'",
+      :slaveok              => "must be 'true' or 'false'",
+      :settimeoutms         => "must be an integer specifying milliseconds",
+      :ssl                  => "must be 'true' or 'false'",
+      :w                    => "must be an integer indicating number of nodes to replicate to or a string " +
+                               "specifying that replication is required to the majority or nodes with a " +
+                               "particilar getLastErrorMode.",
+      :wtimeout             => "must be an integer specifying milliseconds",
+      :wtimeoutms           => "must be an integer specifying milliseconds"
     }
 
     OPT_CONV = {
-      :authmechanism    => lambda { |arg| arg.upcase },
-      :authsource       => lambda { |arg| arg },
-      :connect          => lambda { |arg| arg == 'false' ? false : arg }, # convert 'false' to FalseClass
-      :connecttimeoutms => lambda { |arg| arg.to_f / 1000 }, # stored as seconds
-      :fsync            => lambda { |arg| arg == 'true' ? true : false },
-      :journal          => lambda { |arg| arg == 'true' ? true : false },
-      :pool_size        => lambda { |arg| arg.to_i },
-      :readpreference   => lambda { |arg| READ_PREFERENCES[arg] },
-      :replicaset       => lambda { |arg| arg },
-      :safe             => lambda { |arg| arg == 'true' ? true : false },
-      :slaveok          => lambda { |arg| arg == 'true' ? true : false },
-      :sockettimeoutms  => lambda { |arg| arg.to_f / 1000 }, # stored as seconds
-      :ssl              => lambda { |arg| arg == 'true' ? true : false },
-      :w                => lambda { |arg| Mongo::Support.is_i?(arg) ? arg.to_i : arg.to_sym },
-      :wtimeout         => lambda { |arg| arg.to_i },
-      :wtimeoutms       => lambda { |arg| arg.to_i }
+      :authmechanism        => lambda { |arg| arg.upcase },
+      :authsource           => lambda { |arg| arg },
+      :canonicalizehostname => lambda { |arg| arg == 'true' ? true : false },
+      :connect              => lambda { |arg| arg == 'false' ? false : arg }, # convert 'false' to FalseClass
+      :connecttimeoutms     => lambda { |arg| arg.to_f / 1000 }, # stored as seconds
+      :fsync                => lambda { |arg| arg == 'true' ? true : false },
+      :gssapiservicename    => lambda { |arg| arg },
+      :journal              => lambda { |arg| arg == 'true' ? true : false },
+      :pool_size            => lambda { |arg| arg.to_i },
+      :readpreference       => lambda { |arg| READ_PREFERENCES[arg] },
+      :replicaset           => lambda { |arg| arg },
+      :safe                 => lambda { |arg| arg == 'true' ? true : false },
+      :slaveok              => lambda { |arg| arg == 'true' ? true : false },
+      :sockettimeoutms      => lambda { |arg| arg.to_f / 1000 }, # stored as seconds
+      :ssl                  => lambda { |arg| arg == 'true' ? true : false },
+      :w                    => lambda { |arg| Mongo::Support.is_i?(arg) ? arg.to_i : arg.to_sym },
+      :wtimeout             => lambda { |arg| arg.to_i },
+      :wtimeoutms           => lambda { |arg| arg.to_i }
     }
 
     attr_reader :auths,
                 :authmechanism,
                 :authsource,
+                :canonicalizehostname,
                 :connect,
                 :connecttimeoutms,
                 :db_name,
                 :fsync,
+                :gssapiservicename,
                 :journal,
                 :nodes,
                 :pool_size,
@@ -318,6 +328,8 @@ module Mongo
           :source    => @authsource,
           :mechanism => @authmechanism
         })
+        auth[:extra] = @canonicalizehostname ? { :canonicalize_host_name => @canonicalizehostname } : {}
+        auth[:extra].merge!(:gssapi_service_name => @gssapiservicename) if @gssapiservicename
         @auths << auth
       end
     end

data/lib/mongo/mongo_client.rb

@@ -33,6 +33,8 @@ module Mongo
     APPEND_HEADROOM    = COMMAND_HEADROOM / 2
     SERIALIZE_HEADROOM = APPEND_HEADROOM / 2
 
+    DEFAULT_MAX_WRITE_BATCH_SIZE = 1000
+
     Mutex              = ::Mutex
     ConditionVariable  = ::ConditionVariable
 
@@ -66,7 +68,8 @@ module Mongo
                 :acceptable_latency,
                 :read,
                 :max_wire_version,
-                :min_wire_version
+                :min_wire_version,
+                :max_write_batch_size
 
     # Create a connection to single MongoDB instance.
     #
@@ -87,11 +90,17 @@ module Mongo
     #  @param [Integer] port specify a port number here if only one host is being specified.
     #  @param [Hash] opts hash of optional settings and configuration values.
     #
-    #  @option opts [String, Integer, Symbol] :w (1) Set default number of nodes to which a write
-    #    should be acknowledged
-    #  @option opts [Boolean] :j (false) Set journal acknowledgement
-    #  @option opts [Integer] :wtimeout (nil) Set replica set acknowledgement timeout
-    #  @option opts [Boolean] :fsync (false) Set fsync acknowledgement.
+    # @option opts [String, Integer, Symbol] :w (1) Set default number of nodes to which a write
+    #   should be acknowledged.
+    # @option opts [Integer] :wtimeout (nil) Set replica set acknowledgement timeout.
+    # @option opts [Boolean] :j (false) If true, block until write operations have been committed
+    #   to the journal. Cannot be used in combination with 'fsync'. Prior to MongoDB 2.6 this option was
+    #   ignored if the server was running without journaling. Starting with MongoDB 2.6, write operations will
+    #   fail with an exception if this option is used when the server is running without journaling.
+    # @option opts [Boolean] :fsync (false) If true, and the server is running without journaling, blocks until
+    #   the server has synced all data files to disk. If the server is running with journaling, this acts the same as
+    #   the 'j' option, blocking until write operations have been committed to the journal.
+    #   Cannot be used in combination with 'j'.
     #
     #  Notes about Write-Concern Options:
     #   Write concern options are propagated to objects instantiated from this MongoClient.
@@ -101,7 +110,8 @@ module Mongo
     #  @option opts [Boolean] :ssl (false) If true, create the connection to the server using SSL.
     #  @option opts [String] :ssl_cert (nil) The certificate file used to identify the local connection against MongoDB.
     #  @option opts [String] :ssl_key (nil) The private keyfile used to identify the local connection against MongoDB.
-    #    If included with the :ssl_cert then only :ssl_cert is needed.
+    #    Note that even if the key is stored in the same file as the certificate, both need to be explicitly specified.
+    #    Additionally, note that the driver does not currently support providing a passphrase for the private key.
     #  @option opts [Boolean] :ssl_verify (nil) Specifies whether or not peer certification validation should occur.
     #  @option opts [String] :ssl_ca_cert (nil) The ca_certs file contains a set of concatenated "certification authority"
     #    certificates, which are used to validate certificates passed from the other end of the connection.
@@ -161,6 +171,7 @@ module Mongo
       @max_message_size = nil
       @max_wire_version = nil
       @min_wire_version = nil
+      @max_write_batch_size = nil
 
       check_opts(opts)
       setup(opts.dup)
@@ -231,8 +242,7 @@ module Mongo
       [@host, @port]
     end
 
-    # Fsync, then lock the mongod process against writes. Use this to get
-    # the datafiles in a state safe for snapshotting, backing up, etc.
+    # Flush all pending writes to datafiles.
     #
     # @return [BSON::OrderedHash] the command response
     def lock!
@@ -403,6 +413,7 @@ module Mongo
         @max_message_size = config['maxMessageSizeBytes']
         @max_wire_version = config['maxWireVersion']
         @min_wire_version = config['minWireVersion']
+        @max_write_batch_size = config['maxWriteBatchSize']
         check_wire_version_in_range
         set_primary(host_port)
       end
@@ -482,6 +493,10 @@ module Mongo
       @min_wire_version || 0
     end
 
+    def max_write_batch_size
+      @max_write_batch_size || DEFAULT_MAX_WRITE_BATCH_SIZE
+    end
+
     def wire_version_feature?(feature)
       min_wire_version <= feature && feature <= max_wire_version
     end

data/lib/mongo/mongo_replica_set_client.rb

@@ -47,10 +47,16 @@ module Mongo
     #   @param [Array<String>, Array<Array(String, Integer)>] seeds
     #
     #   @option opts [String, Integer, Symbol] :w (1) Set default number of nodes to which a write
-    #     should be acknowledged
-    #   @option opts [Boolean] :j (false) Set journal acknowledgement
-    #   @option opts [Integer] :wtimeout (nil) Set acknowledgement timeout
-    #   @option opts [Boolean] :fsync (false) Set fsync acknowledgement.
+    #     should be acknowledged.
+    #   @option opts [Integer] :wtimeout (nil) Set replica set acknowledgement timeout.
+    #   @option opts [Boolean] :j (false) If true, block until write operations have been committed
+    #     to the journal. Cannot be used in combination with 'fsync'. Prior to MongoDB 2.6 this option was
+    #     ignored if the server was running without journaling. Starting with MongoDB 2.6, write operations will
+    #     fail with an exception if this option is used when the server is running without journaling.
+    #   @option opts [Boolean] :fsync (false) If true, and the server is running without journaling, blocks until
+    #     the server has synced all data files to disk. If the server is running with journaling, this acts the same as
+    #     the 'j' option, blocking until write operations have been committed to the journal.
+    #     Cannot be used in combination with 'j'.
     #
     #     Notes about write concern options:
     #       Write concern options are propagated to objects instantiated from this MongoReplicaSetClient.
@@ -85,7 +91,8 @@ module Mongo
     #   @option opts [Boolean] :ssl (false) If true, create the connection to the server using SSL.
     #   @option opts [String] :ssl_cert (nil) The certificate file used to identify the local connection against MongoDB.
     #   @option opts [String] :ssl_key (nil) The private keyfile used to identify the local connection against MongoDB.
-    #     If included with the :ssl_cert then only :ssl_cert is needed.
+    #     Note that even if the key is stored in the same file as the certificate, both need to be explicitly specified.
+    #     Additionally, note that the driver does not currently support providing a passphrase for the private key.
     #   @option opts [Boolean] :ssl_verify (nil) Specifies whether or not peer certification validation should occur.
     #   @option opts [String] :ssl_ca_cert (nil) The ca_certs file contains a set of concatenated "certification authority"
     #     certificates, which are used to validate certificates passed from the other end of the connection.
@@ -463,6 +470,10 @@ module Mongo
       local_manager && local_manager.primary_pool && local_manager.primary_pool.node.wire_version_feature?(feature)
     end
 
+    def max_write_batch_size
+      local_manager && local_manager.primary_pool && local_manager.primary_pool.node.max_write_batch_size
+    end
+
     private
 
     # Parse option hash

data/lib/mongo/networking.rb

@@ -104,9 +104,9 @@ module Mongo
           error = "wtimeout" if error == "timeout"
           raise OperationFailure.new(code.to_s + ': ' + error, code, docs[0])
         end
-      elsif num_received == 1 && (jnote = docs[0]['jnote']) # assignment
-        code = Mongo::ErrorCode::BAD_VALUE # as of server version 2.5.5
-        raise OperationFailure.new(code.to_s + ': ' + jnote, code, docs[0])
+      elsif num_received == 1 && (note = docs[0]['jnote'] || docs[0]['wnote']) # assignment
+        code = docs[0]['code'] || Mongo::ErrorCode::BAD_VALUE # as of server version 2.5.5
+        raise OperationFailure.new(code.to_s + ': ' + note, code, docs[0])
       end
 
       docs[0]

data/lib/mongo/utils/conversions.rb

@@ -37,7 +37,7 @@ module Mongo #:nodoc:
         )
       else
         order_by = value.inject({}) do |memo, (key, direction)|
-          memo[key.to_s] = sort_value(direction.to_s.downcase)
+          memo[key.to_s] = sort_value(direction)
           memo
         end
       end
@@ -97,6 +97,7 @@ module Mongo #:nodoc:
     #
     # If the value is invalid then an error will be raised.
     def sort_value(value)
+      return value if value.is_a?(Hash)
       val = value.to_s.downcase
       return 1 if ASCENDING_CONVERSION.include?(val)
       return -1 if DESCENDING_CONVERSION.include?(val)

data/test/functional/authentication_test.rb

@@ -15,16 +15,21 @@
 require 'test_helper'
 require 'shared/authentication/basic_auth_shared'
 require 'shared/authentication/sasl_plain_shared'
+require 'shared/authentication/bulk_api_auth_shared'
+require 'shared/authentication/gssapi_shared'
+
 
 class AuthenticationTest < Test::Unit::TestCase
   include Mongo
   include BasicAuthTests
   include SASLPlainTests
+  include BulkAPIAuthTests
+  include GSSAPITests
 
   def setup
     @client    = MongoClient.new(TEST_HOST, TEST_PORT)
+    @version   = @client.server_version
     @db        = @client[TEST_DB]
     @host_info = host_port
-    init_auth
   end
 end