mongo 1.12.5 → 2.0.0.beta

data/lib/mongo/functional/logging.rb

@@ -1,85 +0,0 @@
-# Copyright (C) 2009-2013 MongoDB, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-module Mongo
-  module Logging
-
-    module Instrumenter
-      def self.instrument(name, payload = {})
-        yield
-      end
-    end
-
-    @instrumenter = Instrumenter
-
-    def write_logging_startup_message
-      log(:debug, "Logging level is currently :debug which could negatively impact " +
-          "client-side performance. You should set your logging level no lower than " +
-          ":info in production.")
-    end
-
-    # Log a message with the given level.
-    def log(level, msg)
-      return unless @logger
-      case level
-        when :fatal then
-          @logger.fatal "MONGODB [FATAL] #{msg}"
-        when :error then
-          @logger.error "MONGODB [ERROR] #{msg}"
-        when :warn then
-          @logger.warn "MONGODB [WARNING] #{msg}"
-        when :info then
-          @logger.info "MONGODB [INFO] #{msg}"
-        when :debug then
-          @logger.debug "MONGODB [DEBUG] #{msg}"
-        else
-          @logger.debug "MONGODB [DEBUG] #{msg}"
-      end
-    end
-
-    # Execute the block and log the operation described by name and payload.
-    def instrument(name, payload = {})
-      start_time = Time.now
-      res = Logging.instrumenter.instrument(name, payload) do
-        yield
-      end
-      duration = Time.now - start_time
-      log_operation(name, payload, duration)
-      res
-    end
-
-    def self.instrumenter
-      @instrumenter
-    end
-
-    def self.instrumenter=(instrumenter)
-      @instrumenter = instrumenter
-    end
-
-    protected
-
-    def log_operation(name, payload, duration)
-      @logger && @logger.debug do
-        msg = "MONGODB "
-        msg << "(%.1fms) " % (duration * 1000)
-        msg << "#{payload[:database]}['#{payload[:collection]}'].#{name}("
-        msg << payload.values_at(:selector, :document, :documents, :fields ).compact.map(&:inspect).join(', ') + ")"
-        msg << ".skip(#{payload[:skip]})"   if payload[:skip]
-        msg << ".limit(#{payload[:limit]})" if payload[:limit]
-        msg << ".sort(#{payload[:order]})"  if payload[:order]
-        msg
-      end
-    end
-  end
-end

data/lib/mongo/functional/read_preference.rb

@@ -1,183 +0,0 @@
-# Copyright (C) 2009-2013 MongoDB, Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-module Mongo
-  module ReadPreference
-    READ_PREFERENCES = [
-      :primary,
-      :primary_preferred,
-      :secondary,
-      :secondary_preferred,
-      :nearest
-    ]
-
-    MONGOS_MODES = {
-      :primary              => 'primary',
-      :primary_preferred    => 'primaryPreferred',
-      :secondary            => 'secondary',
-      :secondary_preferred  => 'secondaryPreferred',
-      :nearest              => 'nearest'
-    }
-
-    # Commands that may be sent to replica-set secondaries, depending on
-    # read preference and tags. All other commands are always run on the primary.
-    SECONDARY_OK_COMMANDS = [
-      'group',
-      'aggregate',
-      'collstats',
-      'dbstats',
-      'count',
-      'distinct',
-      'geonear',
-      'geosearch',
-      'geowalk',
-      'mapreduce',
-      'replsetgetstatus',
-      'ismaster',
-      'parallelcollectionscan',
-      'text'
-    ]
-
-    def self.mongos(mode, tag_sets)
-      if mode != :secondary_preferred || !tag_sets.empty?
-        mongos_read_preference = BSON::OrderedHash[:mode => MONGOS_MODES[mode]]
-        mongos_read_preference[:tags] = tag_sets if !tag_sets.empty?
-      end
-      mongos_read_preference
-    end
-
-    def self.validate(value)
-      if READ_PREFERENCES.include?(value)
-        return true
-      else
-        raise MongoArgumentError, "#{value} is not a valid read preference. " +
-          "Please specify one of the following read preferences as a symbol: #{READ_PREFERENCES}"
-      end
-    end
-
-    # Returns true if it's ok to run the command on a secondary
-    def self.secondary_ok?(selector)
-      command = selector.keys.first.to_s.downcase
-
-      if command == 'mapreduce'
-        out = selector.select { |k, v| k.to_s.downcase == 'out' }.first.last
-        # the server only looks at the first key in the out object
-        return out.respond_to?(:keys) && out.keys.first.to_s.downcase == 'inline'
-      elsif command == 'aggregate'
-        pipeline = selector['pipeline'] || selector[:pipeline]
-        return pipeline.none? { |op| op.key?('$out') || op.key?(:$out) }
-      end
-      SECONDARY_OK_COMMANDS.member?(command)
-    end
-
-    # Returns true if the command should be rerouted to the primary.
-    def self.reroute_cmd_primary?(read_pref, selector)
-      return false if read_pref == :primary
-      !secondary_ok?(selector)
-    end
-
-    # Given a command and read preference, possibly reroute to primary.
-    def self.cmd_read_pref(read_pref, selector)
-      ReadPreference::validate(read_pref)
-      if reroute_cmd_primary?(read_pref, selector)
-        warn "Database command '#{selector.keys.first}' rerouted to primary node"
-        read_pref = :primary
-      end
-      read_pref
-    end
-
-    def read_preference
-      {
-        :mode => @read,
-        :tags => @tag_sets,
-        :latency => @acceptable_latency
-      }
-    end
-
-    def read_pool(read_preference_override={})
-      return primary_pool if mongos?
-
-      read_pref = read_preference.merge(read_preference_override)
-
-      if pinned_pool && pinned_pool[:read_preference] == read_pref
-        pool = pinned_pool[:pool]
-      else
-        unpin_pool
-        pool = select_pool(read_pref)
-      end
-
-      unless pool
-        raise ConnectionFailure, "No replica set member available for query " +
-          "with read preference matching mode #{read_pref[:mode]} and tags " +
-          "matching #{read_pref[:tags]}."
-      end
-
-      pool
-    end
-
-    def select_pool(read_pref)
-      if read_pref[:mode] == :primary && !read_pref[:tags].empty?
-        raise MongoArgumentError, "Read preference :primary cannot be combined with tags"
-      end
-
-      case read_pref[:mode]
-        when :primary
-          primary_pool
-        when :primary_preferred
-          primary_pool || select_secondary_pool(secondary_pools, read_pref)
-        when :secondary
-          select_secondary_pool(secondary_pools, read_pref)
-        when :secondary_preferred
-          select_secondary_pool(secondary_pools, read_pref) || primary_pool
-        when :nearest
-          select_near_pool(pools, read_pref)
-      end
-    end
-
-    def select_secondary_pool(candidates, read_pref)
-      matching_pools = match_tag_sets(secondary_pools, read_pref[:tags])
-      select_near_pools(matching_pools, read_pref).first
-    end
-
-    def select_near_pool(candidates, read_pref)
-      matching_pools = match_tag_sets(candidates, read_pref[:tags])
-      select_near_pools(matching_pools, read_pref).first
-    end
-
-    private
-
-    def select_near_pools(candidates, read_pref)
-      return candidates if candidates.empty?
-      latency = read_pref[:latency]
-      nearest_pool = candidates.min_by(&:ping_time)
-      max_latency = nearest_pool.ping_time + latency
-      near_pools = candidates.select { |candidate| candidate.ping_time <= max_latency }
-      near_pools.shuffle!
-    end
-
-    def match_tag_sets(candidates, tag_sets = [])
-      return candidates if tag_sets.empty?
-      matches = []
-      tag_sets.find do |tag_set|
-        matches = candidates.select do |candidate|
-          tag_set.none? do |k,v|
-            candidate.tags[k.to_s] != v
-          end
-        end
-        !matches.empty?
-      end
-      matches
-    end
-  end
-end

data/lib/mongo/functional/scram.rb

@@ -1,556 +0,0 @@
-# Copyright (C) 2014 MongoDB Inc.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-require 'base64'
-require 'securerandom'
-require 'openssl'
-require 'digest/md5'
-
-module Mongo
-  module Authentication
-
-    # Defines behaviour around a single SCRAM-SHA-1 conversation between the
-    # client and server.
-    #
-    # @since 1.12.0
-    class SCRAM
-
-      # The client key string.
-      #
-      # @since 1.12.0
-      CLIENT_KEY = 'Client Key'.freeze
-
-      # The digest to use for encryption.
-      #
-      # @since 1.12.0
-      DIGEST = OpenSSL::Digest::SHA1.new.freeze
-
-      # The key for the done field in the responses.
-      #
-      # @since 1.12.0
-      DONE = 'done'.freeze
-
-      # The conversation id field.
-      #
-      # @since 1.12.0
-      ID = 'conversationId'.freeze
-
-      # The iterations key in the responses.
-      #
-      # @since 1.12.0
-      ITERATIONS = /i=(\d+)/.freeze
-
-      # The payload field.
-      #
-      # @since 1.12.0
-      PAYLOAD = 'payload'.freeze
-
-      # The rnonce key in the responses.
-      #
-      # @since 1.12.0
-      RNONCE = /r=([^,]*)/.freeze
-
-      # The salt key in the responses.
-      #
-      # @since 1.12.0
-      SALT = /s=([^,]*)/.freeze
-
-      # The server key string.
-      #
-      # @since 1.12.0
-      SERVER_KEY = 'Server Key'.freeze
-
-      # The server signature verifier in the response.
-      #
-      # @since 1.12.0
-      VERIFIER = /v=([^,]*)/.freeze
-
-      # @return [ String ] nonce The initial user nonce.
-      attr_reader :nonce
-
-      # @return [ BSON::OrderedHash ] reply The current reply in the conversation.
-      attr_reader :reply
-
-      # @return [ Hash ] auth The authentication details.
-      attr_reader :auth
-
-      # @return [ String ] hashed_password The user's hashed password
-      attr_reader :hashed_password
-
-      # Continue the SCRAM conversation. This sends the client final message
-      # to the server after setting the reply from the previous server
-      # communication.
-      #
-      # @example Continue the conversation.
-      #   conversation.continue(reply)
-      #
-      # @param [ BSON::OrderedHash ] reply The reply of the previous
-      #   message.
-      #
-      # @return [ BSON::OrderedHash ] The next message to send.
-      #
-      # @since 1.12.0
-      def continue(reply)
-        validate_first_message!(reply)
-        command = BSON::OrderedHash.new
-        command['saslContinue'] = 1
-        command[PAYLOAD] = client_final_message
-        command[ID] = id
-        command
-      end
-
-      # Continue the SCRAM conversation for copydb. This sends the client final message
-      # to the server after setting the reply from the previous server
-      # communication.
-      #
-      # @example Continue the conversation when copying a database.
-      #   conversation.copy_db_continue(reply)
-      #
-      # @param [ BSON::OrderedHash ] reply The reply of the previous
-      #   message.
-      #
-      # @return [ BSON::OrderedHash ] The next message to send.
-      #
-      # @since 1.12.0
-      def copy_db_continue(reply)
-        validate_first_message!(reply)
-        command = BSON::OrderedHash.new
-        command['copydb'] = 1
-        command['fromhost'] = @copy_db[:from_host]
-        command['fromdb'] = @copy_db[:from_db]
-        command['todb'] = @copy_db[:to_db]
-        command[PAYLOAD] = client_final_message
-        command[ID] = id
-        command
-      end
-
-      # Finalize the SCRAM conversation. This is meant to be iterated until
-      # the provided reply indicates the conversation is finished.
-      #
-      # @example Finalize the conversation.
-      #   conversation.finalize(reply)
-      #
-      # @param [ BSON::OrderedHash ] reply The reply of the previous
-      #   message.
-      #
-      # @return [ BSON::OrderedHash ] The next message to send.
-      #
-      # @since 1.12.0
-      def finalize(reply)
-        validate_final_message!(reply)
-        command = BSON::OrderedHash.new
-        command['saslContinue'] = 1
-        command[PAYLOAD] = client_empty_message
-        command[ID] = id
-        command
-      end
-
-      # Start the SCRAM conversation. This returns the first message that
-      # needs to be send to the server.
-      #
-      # @example Start the conversation.
-      #   conversation.start
-      #
-      # @return [ BSON::OrderedHash ] The first SCRAM conversation message.
-      #
-      # @since 1.12.0
-      def start
-        command = BSON::OrderedHash.new
-        command['saslStart'] = 1
-        command['autoAuthorize'] = 1
-        command[PAYLOAD] = client_first_message
-        command['mechanism'] = 'SCRAM-SHA-1'
-        command
-      end
-
-      # Start the SCRAM conversation for copying a database.
-      # This returns the first message that needs to be sent to the server.
-      #
-      # @example Start the copydb conversation.
-      #   conversation.copy_db_start
-      #
-      # @return [ BSON::OrderedHash ] The first SCRAM copy_db conversation message.
-      #
-      # @since 1.12.0
-      def copy_db_start
-        command = BSON::OrderedHash.new
-        command['copydbsaslstart'] = 1
-        command['autoAuthorize'] = 1
-        command['fromhost'] = @copy_db[:from_host]
-        command['fromdb'] = @copy_db[:from_db]
-        command[PAYLOAD] = client_first_message
-        command['mechanism'] = 'SCRAM-SHA-1'
-        command
-      end
-
-      # Get the id of the conversation.
-      #
-      # @example Get the id of the conversation.
-      #   conversation.id
-      #
-      # @return [ Integer ] The conversation id.
-      #
-      # @since 1.12.0
-      def id
-        reply[ID]
-      end
-
-      # Create the new conversation.
-      #
-      # @example Create the new conversation.
-      #   Conversation.new(auth, password)
-      #
-      # @since 1.12.0
-      def initialize(auth, hashed_password, opts={})
-        @auth = auth
-        @hashed_password = hashed_password
-        @nonce = SecureRandom.base64
-        @copy_db = opts[:copy_db] if opts[:copy_db]
-      end
-
-      private
-
-      # Auth message algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def auth_message
-        @auth_message ||= "#{first_bare},#{payload_data},#{without_proof}"
-      end
-
-      # Get the empty client message.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def client_empty_message
-        BSON::Binary.new('')
-      end
-
-      # Get the final client message.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def client_final_message
-        BSON::Binary.new("#{without_proof},p=#{client_final}")
-      end
-
-      # Get the client first message
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def client_first_message
-        BSON::Binary.new("n,,#{first_bare}")
-      end
-
-      # Client final implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-7
-      #
-      # @since 1.12.0
-      def client_final
-        @client_final ||= client_proof(client_key, client_signature(stored_key(client_key), auth_message))
-      end
-
-      # Client key algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def client_key
-        @client_key ||= hmac(salted_password, CLIENT_KEY)
-      end
-
-      if Base64.respond_to?(:strict_encode64)
-
-        # Client proof algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-3
-        #
-        # @since 1.12.0
-        def client_proof(key, signature)
-          @client_proof ||= Base64.strict_encode64(xor(key, signature))
-        end
-      else
-
-        # Client proof algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-3
-        #
-        # @since 1.12.0
-        def client_proof(key, signature)
-          @client_proof ||= Base64.encode64(xor(key, signature)).gsub("\n",'')
-        end
-      end
-
-      # Client signature algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def client_signature(key, message)
-        @client_signature ||= hmac(key, message)
-      end
-
-      if Base64.respond_to?(:strict_decode64)
-
-        # Get the base 64 decoded salt.
-        #
-        # @api private
-        #
-        # @since 1.12.0
-        def decoded_salt
-          @decoded_salt ||= Base64.strict_decode64(salt)
-        end
-      else
-
-        # Get the base 64 decoded salt.
-        #
-        # @api private
-        #
-        # @since 1.12.0
-        def decoded_salt
-          @decoded_salt ||= Base64.decode64(salt)
-        end
-      end
-
-      # First bare implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-7
-      #
-      # @since 1.12.0
-      def first_bare
-        @first_bare ||= "n=#{auth[:username].gsub('=','=3D').gsub(',','=2C')},r=#{nonce}"
-      end
-
-      # H algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-2.2
-      #
-      # @since 1.12.0
-      def h(string)
-        DIGEST.digest(string)
-      end
-
-      if defined?(OpenSSL::PKCS5)
-
-        # HI algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-2.2
-        #
-        # @since 1.12.0
-        def hi(data)
-          OpenSSL::PKCS5.pbkdf2_hmac_sha1(data, decoded_salt, iterations, DIGEST.size)
-        end
-      else
-
-        # HI algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-2.2
-        #
-        # @since 1.12.0
-        def hi(data)
-          u = hmac(data, decoded_salt + [1].pack("N"))
-          v = u
-          2.upto(iterations) do |i|
-            u = hmac(data, u)
-            v = xor(v, u)
-          end
-          v
-        end
-      end
-
-      # HMAC algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-2.2
-      #
-      # @since 1.12.0
-      def hmac(data, key)
-        OpenSSL::HMAC.digest(DIGEST, data, key)
-      end
-
-      # Get the iterations from the server response.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def iterations
-        @iterations ||= payload_data.match(ITERATIONS)[1].to_i
-      end
-
-      # Get the data from the returned payload.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def payload_data
-        reply[PAYLOAD].to_s
-      end
-
-      # Get the server nonce from the payload.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def rnonce
-        @rnonce ||= payload_data.match(RNONCE)[1]
-      end
-
-      # Gets the salt from the server response.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def salt
-        @salt ||= payload_data.match(SALT)[1]
-      end
-
-      # Salted password algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def salted_password
-        @salted_password ||= hi(hashed_password)
-      end
-
-      # Server key algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def server_key
-        @server_key ||= hmac(salted_password, SERVER_KEY)
-      end
-
-      if Base64.respond_to?(:strict_encode64)
-
-        # Server signature algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-3
-        #
-        # @since 1.12.0
-        def server_signature
-          @server_signature ||= Base64.strict_encode64(hmac(server_key, auth_message))
-        end
-      else
-
-        # Server signature algorithm implementation.
-        #
-        # @api private
-        #
-        # @see http://tools.ietf.org/html/rfc5802#section-3
-        #
-        # @since 1.12.0
-        def server_signature
-          @server_signature ||= Base64.encode64(hmac(server_key, auth_message)).gsub("\n",'')
-        end
-      end
-
-      # Stored key algorithm implementation.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-3
-      #
-      # @since 1.12.0
-      def stored_key(key)
-        h(key)
-      end
-
-      # Get the verifier token from the server response.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def verifier
-        @verifier ||= payload_data.match(VERIFIER)[1]
-      end
-
-      # Get the without proof message.
-      #
-      # @api private
-      #
-      # @see http://tools.ietf.org/html/rfc5802#section-7
-      #
-      # @since 1.12.0
-      def without_proof
-        @without_proof ||= "c=biws,r=#{rnonce}"
-      end
-
-      # XOR operation for two strings.
-      #
-      # @api private
-      #
-      # @since 1.12.0
-      def xor(first, second)
-        first.bytes.zip(second.bytes).map{ |(a,b)| (a ^ b).chr }.join('')
-      end
-
-      def validate_final_message!(reply)
-        validate!(reply)
-        unless verifier == server_signature
-          raise InvalidSignature.new(verifier, server_signature)
-        end
-      end
-
-      def validate_first_message!(reply)
-        validate!(reply)
-        raise InvalidNonce.new(nonce, rnonce) unless rnonce.start_with?(nonce)
-      end
-
-      def validate!(reply)
-        unless Support.ok?(reply)
-          raise AuthenticationError, "Could not authorize user #{auth[:username]} on database #{auth[:db_name]}."
-        end
-        @reply = reply
-      end
-    end
-  end
-end