mongo 1.11.1 → 1.12.0.rc0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 047647bfd88def86157a8e4e25df514da21a1364
-  data.tar.gz: 7fd48a7694323f7e4759b94f12058b5e34a6bba4
+  metadata.gz: 0c376366d59154151291d12a0a859a6db8850416
+  data.tar.gz: 7d92d814592073a3f2548fea9b2960e241c98502
 SHA512:
-  metadata.gz: 3b360776478001d2b41342764c13dd209954c0bbcf73c5b87dc4f2169d3e42bd27c6650514ca281a1146c33d1d2624edf653cf8ddd51e3ff8f9e37c9bf4505d3
-  data.tar.gz: e4a9d033eb058e0424ecae35599a27be0a7c68e56b2a0557dcbc42a331e940a0c42c73f0b1c1eeb3b76d977fe63a84df5b7310bc001feeb2f8441518e163b2eb
+  metadata.gz: dc0c717e7741c0871d80af3b6f65be1bd8908a2e0364c6bf17106056f5d71ea4677f410a4cacf0a6ec85181486a2e3eb5392a1b09472c0d728ac9c3dcaecd027
+  data.tar.gz: fd7c88744f849a3cdec1a1e514a2028d4391615028dceb3c48edb0fbe5b6f87a1bceae1745cbc96ad2c0f96f0380897d6f1a9668d4a620adb9d52b0b32c67fe5

data/VERSION

@@ -1 +1 @@
-1.11.1
+1.12.0.rc0

data/lib/mongo/collection.rb

@@ -717,11 +717,13 @@ module Mongo
 
       if result.key?('cursor')
         cursor_info = result['cursor']
+        pinned_pool = @connection.pinned_pool
+        pinned_pool = pinned_pool[:pool] if pinned_pool.respond_to?(:keys)
 
         seed = {
           :cursor_id => cursor_info['id'],
           :first_batch => cursor_info['firstBatch'],
-          :pool => @connection.pinned_pool
+          :pool => pinned_pool
         }
 
         return Cursor.new(self, seed.merge!(opts))
@@ -887,10 +889,13 @@ module Mongo
       result                       = @db.command(cmd, command_options(opts))
 
       result['cursors'].collect do |cursor_info|
+        pinned_pool = @connection.pinned_pool
+        pinned_pool = pinned_pool[:pool] if pinned_pool.respond_to?(:keys)
+
         seed = {
           :cursor_id   => cursor_info['cursor']['id'],
           :first_batch => cursor_info['cursor']['firstBatch'],
-          :pool        => @connection.pinned_pool
+          :pool        => pinned_pool
         }
         Cursor.new(self, seed.merge!(opts))
       end
@@ -1024,7 +1029,7 @@ module Mongo
     #
     # @return [Hash] options that apply to this collection.
     def options
-      @db.collections_info(@name).next_document['options']
+      @db.collections_info(@name).first['options']
     end
 
     # Return stats on the collection. Uses MongoDB's collstats command.

data/lib/mongo/collection_writer.rb

@@ -55,7 +55,7 @@ module Mongo
       @max_write_batch_size = @collection.db.connection.max_write_batch_size
       docs = documents.dup
       catch(:error) do
-        until docs.empty? || (!errors.empty? && !collect_on_error) # process documents a batch at a time
+        until docs.empty? || (!errors.empty? && !collect_on_error && !continue_on_error) # process documents a batch at a time
           batch_docs = []
           batch_message_initialize(message, op_type, continue_on_error, write_concern)
           while !docs.empty? && batch_docs.size < @max_write_batch_size

data/lib/mongo/connection/socket/unix_socket.rb

@@ -33,7 +33,7 @@ module Mongo
 
       @socket_address  = Socket.pack_sockaddr_un(@address)
       @socket          = Socket.new(Socket::AF_UNIX, Socket::SOCK_STREAM, 0)
-      connect
+      connect(@socket, @socket_address)
     end
   end
 end

data/lib/mongo/cursor.rb

@@ -564,9 +564,11 @@ module Mongo
         ensure
           socket.checkin unless @socket || socket.nil?
         end
-        if !@socket && !@command
+
+        if pin_pool?(results.first)
           @connection.pin_pool(socket.pool, read_preference)
         end
+
         @returned += @n_received
         @cache += results
         @query_run = true
@@ -728,5 +730,10 @@ module Mongo
       end
       indexes.join("_")
     end
+
+    def pin_pool?(response)
+      ( response && (response['cursor'] || response['cursors']) ) ||
+        ( !@socket && !@command )
+    end
   end
 end

data/lib/mongo/db.rb

@@ -217,27 +217,25 @@ module Mongo
     #
     # @return [Hash] an object representing the user.
     def add_user(username, password=nil, read_only=false, opts={})
-      begin
-        user_info = command(:usersInfo => username)
-        if user_info.key?('users') && !user_info['users'].empty?
-          create_or_update_user(:updateUser, username, password, read_only, opts)
-        else
-          create_or_update_user(:createUser, username, password, read_only, opts)
-        end
-          # MongoDB >= 2.5.3 requires the use of commands to manage users.
-          # "Command not found" error didn't return an error code (59) before
-          # MongoDB 2.4.7 so we assume that a nil error code means the usersInfo
-          # command doesn't exist and we should fall back to the legacy add user code.
-      rescue OperationFailure => ex
-        if Mongo::ErrorCode::COMMAND_NOT_FOUND_CODES.include?(ex.error_code)
-          legacy_add_user(username, password, read_only, opts)
-        elsif ex.error_code == Mongo::ErrorCode::UNAUTHORIZED
-          # In MongoDB > 2.7 the localhost exception was narrowed, and the usersInfo
-          # command is no longer allowed.  In this case, add the first user.
-          create_or_update_user(:createUser, username, password, read_only, opts)
-        else
-          raise ex
-        end
+      user_info = command(:usersInfo => username)
+      if user_info.key?('users') && !user_info['users'].empty?
+        create_or_update_user(:updateUser, username, password, read_only, opts)
+      else
+        create_or_update_user(:createUser, username, password, read_only, opts)
+      end
+        # MongoDB >= 2.5.3 requires the use of commands to manage users.
+        # "Command not found" error didn't return an error code (59) before
+        # MongoDB 2.4.7 so we assume that a nil error code means the usersInfo
+        # command doesn't exist and we should fall back to the legacy add user code.
+    rescue OperationFailure => ex
+      if Mongo::ErrorCode::COMMAND_NOT_FOUND_CODES.include?(ex.error_code)
+        legacy_add_user(username, password, read_only, opts)
+      elsif ex.error_code == Mongo::ErrorCode::UNAUTHORIZED
+        # In MongoDB > 2.7 the localhost exception was narrowed, and the usersInfo
+        # command is no longer allowed.  In this case, add the first user.
+        create_or_update_user(:createUser, username, password, read_only, opts)
+      else
+        raise ex
       end
     end
 
@@ -261,9 +259,14 @@ module Mongo
     #
     # @return [Array]
     def collection_names
-      names = collections_info.collect { |doc| doc['name'] || '' }
-      names = names.delete_if {|name| name.index(@name).nil? || name.index('$')}
-      names.map {|name| name.sub(@name + '.', '')}
+      if @client.wire_version_feature?(Mongo::MongoClient::MONGODB_2_8)
+        names = collections_info.collect { |doc| doc['name'] || '' }
+        names.delete_if do |name|
+          name.index('$')
+        end
+      else
+        legacy_collection_names
+      end
     end
 
     # Get an array of Collection instances, one for each collection in this database.
@@ -281,11 +284,15 @@ module Mongo
     #
     # @param [String] coll_name return info for the specified collection only.
     #
-    # @return [Mongo::Cursor]
+    # @return [Array] List of collection info.
     def collections_info(coll_name=nil)
-      selector = {}
-      selector[:name] = full_collection_name(coll_name) if coll_name
-      Cursor.new(Collection.new(SYSTEM_NAMESPACE_COLLECTION, self), :selector => selector)
+      if @client.wire_version_feature?(Mongo::MongoClient::MONGODB_2_8)
+        cmd = BSON::OrderedHash[:listCollections, 1]
+        cmd.merge!(:filter => { :name => coll_name }) if coll_name
+        self.command(cmd)['collections']
+      else
+        legacy_collections_info(coll_name).to_a
+      end
     end
 
     # Create a collection.
@@ -482,12 +489,14 @@ module Mongo
     # @return [Hash] keys are index names and the values are lists of [key, type] pairs
     #   defining the index.
     def index_information(collection_name)
-      sel  = {:ns => full_collection_name(collection_name)}
-      info = {}
-      Cursor.new(Collection.new(SYSTEM_INDEX_COLLECTION, self), :selector => sel).each do |index|
-        info[index['name']] = index
+      if @client.wire_version_feature?(Mongo::MongoClient::MONGODB_2_8)
+        result = self.command(:listIndexes => collection_name)['indexes']
+      else
+        result = legacy_list_indexes(collection_name)
+      end
+      result.reduce({}) do |info, index|
+        info.merge!(index['name'] => index)
       end
-      info
     end
 
     # Return stats on this database. Uses MongoDB's dbstats command.
@@ -736,5 +745,24 @@ module Mongo
       end
       user
     end
+
+    def legacy_list_indexes(collection_name)
+      sel  = {:ns => full_collection_name(collection_name)}
+      Cursor.new(Collection.new(SYSTEM_INDEX_COLLECTION, self), :selector => sel)
+    end
+
+    def legacy_collections_info(coll_name=nil)
+      selector = {}
+      selector[:name] = full_collection_name(coll_name) if coll_name
+      Cursor.new(Collection.new(SYSTEM_NAMESPACE_COLLECTION, self), :selector => selector)
+    end
+
+    def legacy_collection_names
+      names = legacy_collections_info.collect { |doc| doc['name'] || '' }
+      names = names.delete_if do |name|
+        name.index(@name).nil? || name.index('$')
+      end
+      names.map {|name| name.sub(@name + '.', '')}
+    end
   end
 end

data/lib/mongo/exception.rb

@@ -85,4 +85,61 @@ module Mongo
 
   # Raised for bulk write errors.
   class BulkWriteError < OperationFailure; end
+
+  # This exception is raised when the server nonce returned does not
+  # match the client nonce sent to it.
+  #
+  # @since 1.12.0
+  class InvalidNonce < OperationFailure
+
+    # @return [ String ] nonce The client nonce.
+    attr_reader :nonce
+
+    # @return [ String ] rnonce The server nonce.
+    attr_reader :rnonce
+
+    # Instantiate the new exception.
+    #
+    # @example Create the exception.
+    #   InvalidNonce.new(nonce, rnonce)
+    #
+    # @param [ String ] nonce The client nonce.
+    # @param [ String ] rnonce The server nonce.
+    #
+    # @since 1.12.0
+    def initialize(nonce, rnonce)
+      @nonce = nonce
+      @rnonce = rnonce
+      super("Expected server rnonce '#{rnonce}' to start with client nonce '#{nonce}'.")
+    end
+  end
+
+  # This exception is raised when the server verifier does not match the
+  # expected signature on the client.
+  #
+  # @since 1.12.0
+  class InvalidSignature < OperationFailure
+
+    # @return [ String ] verifier The server verifier string.
+    attr_reader :verifier
+
+    # @return [ String ] server_signature The expected server signature.
+    attr_reader :server_signature
+
+    # Create the new exception.
+    #
+    # @example Create the new exception.
+    #   InvalidSignature.new(verifier, server_signature)
+    #
+    # @param [ String ] verifier The verifier returned from the server.
+    # @param [ String ] server_signature The expected value from the
+    #   server.
+    #
+    # @since 1.12.0
+    def initialize(verifier, server_signature)
+      @verifier = verifier
+      @server_signature = server_signature
+      super("Expected server verifier '#{verifier}' to match '#{server_signature}'.")
+    end
+  end
 end

data/lib/mongo/functional.rb

@@ -17,3 +17,4 @@ require 'mongo/functional/logging'
 require 'mongo/functional/read_preference'
 require 'mongo/functional/write_concern'
 require 'mongo/functional/uri_parser'
+require 'mongo/functional/scram'

data/lib/mongo/functional/authentication.rb

@@ -18,8 +18,11 @@ module Mongo
   module Authentication
 
     DEFAULT_MECHANISM = 'MONGODB-CR'
-    MECHANISMS        = ['GSSAPI', 'MONGODB-CR', 'MONGODB-X509', 'PLAIN']
-    EXTRA             = { 'GSSAPI' => [:gssapi_service_name, :canonicalize_host_name] }
+    MECHANISMS        = ['GSSAPI', 'MONGODB-CR', 'MONGODB-X509', 'PLAIN', 'SCRAM-SHA-1']
+    MECHANISM_ERROR   = "Must use one of #{MECHANISMS.join(', ')} " +
+                          "authentication mechanisms."
+    EXTRA             = { 'GSSAPI' => [:service_name, :canonicalize_host_name,
+                                       :service_realm] }
 
     # authentication module methods
     class << self
@@ -49,15 +52,13 @@ module Mongo
       # @raise [MongoArgumentError] if the credential set is invalid.
       # @return [Hash] The validated credential set.
       def validate_credentials(auth)
-        # set the default auth mechanism if not defined
-        auth[:mechanism] ||= DEFAULT_MECHANISM
-
         # set the default auth source if not defined
         auth[:source] = auth[:source] || auth[:db_name] || 'admin'
 
-        if (auth[:mechanism] == 'MONGODB-CR' || auth[:mechanism] == 'PLAIN') && !auth[:password]
+        if password_required?(auth[:mechanism]) && !auth[:password]
           raise MongoArgumentError,
-            "When using the authentication mechanism #{auth[:mechanism]} " +
+            "When using the authentication mechanism " +
+            "#{auth[:mechanism].nil? ? 'MONGODB-CR or SCRAM-SHA-1' : auth[:mechanism]} " +
             "both username and password are required."
         end
         # if extra opts exist, validate them
@@ -92,6 +93,19 @@ module Mongo
       def hash_password(username, password)
         Digest::MD5.hexdigest("#{username}:mongo:#{password}")
       end
+
+      private
+
+      # Does the authentication require a password?
+      #
+      # @param [ String ] mech The authentication mechanism.
+      #
+      # @return [ true, false ] If a password is required.
+      #
+      # @since 1.12.0
+      def password_required?(mech)
+        mech == 'MONGODB-CR' || mech == 'PLAIN' || mech == 'SCRAM-SHA-1' || mech.nil?
+      end
     end
 
     # Saves a cache of authentication credentials to the current
@@ -104,7 +118,7 @@ module Mongo
     # @param source [String] (nil) The authentication source database
     #   (if different than the current database).
     # @param mechanism [String] (nil) The authentication mechanism being used
-    #   (default: 'MONGODB-CR').
+    #   (default: 'MONGODB-CR' or 'SCRAM-SHA-1' if server version >= 2.7.8).
     # @param extra [Hash] (nil) A optional hash of extra options to be stored with
     #   the credential set.
     #
@@ -131,8 +145,8 @@ module Mongo
       end
 
       begin
-        socket = self.checkout_reader(:mode => :primary_preferred)
-        self.issue_authentication(auth, :socket => socket)
+        socket = checkout_reader(:mode => :primary_preferred)
+        issue_authentication(auth, :socket => socket)
       ensure
         socket.checkin if socket
       end
@@ -148,7 +162,10 @@ module Mongo
     # @return [Boolean] The result of the operation.
     def remove_auth(db_name)
       return false unless @auths
-      @auths.reject! { |a| a[:source] == db_name } ? true : false
+      auths = @auths.to_a
+      removed = auths.reject! { |a| a[:source] == db_name }
+      @auths = Set.new(auths)
+      !!removed
     end
 
     # Remove all authentication information stored in this connection.
@@ -190,6 +207,11 @@ module Mongo
     # @raise [AuthenticationError] Raised if the authentication fails.
     # @return [Boolean] Result of the authentication operation.
     def issue_authentication(auth, opts={})
+      # set the default auth mechanism if not defined
+      auth[:mechanism] ||= default_mechanism
+
+      raise MongoArgumentError,
+        MECHANISM_ERROR unless MECHANISMS.include?(auth[:mechanism])
       result = case auth[:mechanism]
         when 'MONGODB-CR'
           issue_cr(auth, opts)
@@ -199,6 +221,8 @@ module Mongo
           issue_plain(auth, opts)
         when 'GSSAPI'
           issue_gssapi(auth, opts)
+        when 'SCRAM-SHA-1'
+          issue_scram(auth, opts)
       end
 
       unless Support.ok?(result)
@@ -212,6 +236,86 @@ module Mongo
 
     private
 
+    def default_mechanism
+      max_wire_version >= 3 ? 'SCRAM-SHA-1' : DEFAULT_MECHANISM
+    end
+
+    # Handles copying a database with SCRAM-SHA-1 authentication.
+    #
+    # @api private
+    #
+    # @param [ String ] username The user to authenticate on the
+    #   'from' database.
+    # @param [ String ] password The password for the user authenticated
+    #   on the 'from' database.
+    # @param [ String ] from_host The host of the 'from' database.
+    # @param [ String ] from_db Name of the database to copy from.
+    # @param [ String ] to_db Name of the database to copy to.
+    #
+    # @return [ Hash ] The result of the copydb operation.
+    #
+    # @since 1.12.0
+    def copy_db_scram(username, password, from_host, from_db, to_db)
+      auth = { :db_name   => from_db,
+               :username  => username,
+               :password  => password }
+
+      socket = checkout_reader(:mode => :primary_preferred)
+
+      copy_db = { :from_host => from_host, :from_db => from_db, :to_db => to_db }
+      scram = SCRAM.new(auth, Authentication.hash_password(username, password),
+                        { :copy_db => copy_db })
+      result = auth_command(scram.copy_db_start, socket, 'admin').first
+      result = auth_command(scram.copy_db_continue(result), socket, 'admin').first
+      until result['done']
+        result = auth_command(scram.copy_db_continue(result), socket, 'admin').first
+      end
+      socket.checkin
+      result
+    end
+
+    # Handles copying a database with MONGODB-CR authentication.
+    #
+    # @api private
+    #
+    # @param [ String ] username The user to authenticate on the
+    #   'from' database.
+    # @param [ String ] password The password for the user authenticated
+    #   on the 'from' database.
+    # @param [ String ] from_host The host of the 'from' database.
+    # @param [ String ] from_db Name of the database to copy from.
+    # @param [ String ] to_db Name of the database to copy to.
+    #
+    # @return [ Hash ] The result of the copydb operation.
+    #
+    # @since 1.12.0
+    def copy_db_mongodb_cr(username, password, from_host, from_db, to_db)
+      oh = BSON::OrderedHash.new
+      oh[:copydb]   = 1
+      oh[:fromhost] = from_host
+      oh[:fromdb]   = from_db
+      oh[:todb]     = to_db
+
+      socket = checkout_reader(:mode => :primary_preferred)
+
+      if username || password
+        unless username && password
+          raise MongoArgumentError,
+            'Both username and password must be supplied for authentication.'
+        end
+        nonce_cmd = BSON::OrderedHash.new
+        nonce_cmd[:copydbgetnonce] = 1
+        nonce_cmd[:fromhost] = from_host
+        result = auth_command(nonce_cmd, socket, 'admin').first
+        oh[:nonce] = result['nonce']
+        oh[:username] = username
+        oh[:key] = Authentication.auth_key(username, password, oh[:nonce])
+      end
+      result = auth_command(oh, socket, 'admin').first
+      socket.checkin
+      result
+    end
+
     # Handles issuing authentication commands for the MONGODB-CR auth mechanism.
     #
     # @param auth [Hash] The authentication credentials to be used.
@@ -287,6 +391,29 @@ module Mongo
       raise "In order to use Kerberos, please add the mongo-kerberos gem to your dependencies"
     end
 
+    # Handles issuing SCRAM-SHA-1 authentication.
+    #
+    # @api private
+    #
+    # @param [ Hash ] auth The authentication credentials.
+    # @param [ Hash ] opts The options.
+    #
+    # @options opts [ Socket ] socket The Socket instance to use.
+    #
+    # @return [ Hash ] The result of the authentication operation.
+    #
+    # @since 1.12.0
+    def issue_scram(auth, opts = {})
+      db_name = auth[:source]
+      scram = SCRAM.new(auth, Authentication.hash_password(auth[:username], auth[:password]))
+      result = auth_command(scram.start, opts[:socket], db_name).first
+      result = auth_command(scram.continue(result), opts[:socket], db_name).first
+      until result['done']
+        result = auth_command(scram.finalize(result), opts[:socket], db_name).first
+      end
+      result
+    end
+
     # Helper to fetch a nonce value from a given database instance.
     #
     # @param database [Mongo::DB] The DB instance to use for issue the nonce command.