mongo 2.11.2 → 2.13.0.beta1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/CONTRIBUTING.md +8 -36
- data/LICENSE +1 -1
- data/README.md +54 -53
- data/Rakefile +1 -1
- data/lib/mongo.rb +7 -1
- data/lib/mongo/active_support.rb +1 -1
- data/lib/mongo/address.rb +114 -46
- data/lib/mongo/address/ipv4.rb +32 -5
- data/lib/mongo/address/ipv6.rb +32 -5
- data/lib/mongo/address/unix.rb +3 -3
- data/lib/mongo/address/validator.rb +1 -1
- data/lib/mongo/auth.rb +37 -13
- data/lib/mongo/auth/aws.rb +37 -0
- data/lib/mongo/auth/aws/conversation.rb +128 -0
- data/lib/mongo/auth/aws/credentials_retriever.rb +219 -0
- data/lib/mongo/auth/aws/request.rb +257 -0
- data/lib/mongo/auth/base.rb +129 -0
- data/lib/mongo/auth/conversation_base.rb +52 -0
- data/lib/mongo/auth/cr.rb +9 -36
- data/lib/mongo/auth/cr/conversation.rb +24 -69
- data/lib/mongo/auth/credential_cache.rb +51 -0
- data/lib/mongo/auth/gssapi.rb +38 -0
- data/lib/mongo/auth/gssapi/conversation.rb +108 -0
- data/lib/mongo/auth/ldap.rb +9 -34
- data/lib/mongo/auth/ldap/conversation.rb +3 -43
- data/lib/mongo/auth/roles.rb +1 -1
- data/lib/mongo/auth/sasl_conversation_base.rb +111 -0
- data/lib/mongo/auth/scram.rb +39 -51
- data/lib/mongo/auth/scram/conversation.rb +12 -502
- data/lib/mongo/auth/scram256.rb +31 -0
- data/lib/mongo/auth/scram256/conversation.rb +63 -0
- data/lib/mongo/auth/scram_conversation_base.rb +402 -0
- data/lib/mongo/auth/stringprep.rb +5 -4
- data/lib/mongo/auth/stringprep/profiles/sasl.rb +2 -1
- data/lib/mongo/auth/stringprep/tables.rb +2 -1
- data/lib/mongo/auth/stringprep/unicode_normalize/normalize.rb +1 -0
- data/lib/mongo/auth/stringprep/unicode_normalize/tables.rb +1 -0
- data/lib/mongo/auth/user.rb +9 -11
- data/lib/mongo/auth/user/view.rb +5 -5
- data/lib/mongo/auth/x509.rb +14 -32
- data/lib/mongo/auth/x509/conversation.rb +15 -42
- data/lib/mongo/background_thread.rb +12 -3
- data/lib/mongo/bson.rb +1 -1
- data/lib/mongo/bulk_write.rb +61 -26
- data/lib/mongo/bulk_write/combineable.rb +20 -8
- data/lib/mongo/bulk_write/ordered_combiner.rb +1 -1
- data/lib/mongo/bulk_write/result.rb +1 -1
- data/lib/mongo/bulk_write/result_combiner.rb +1 -1
- data/lib/mongo/bulk_write/transformable.rb +9 -10
- data/lib/mongo/bulk_write/unordered_combiner.rb +1 -1
- data/lib/mongo/bulk_write/validatable.rb +5 -1
- data/lib/mongo/client.rb +178 -23
- data/lib/mongo/client_encryption.rb +103 -0
- data/lib/mongo/cluster.rb +130 -52
- data/lib/mongo/cluster/periodic_executor.rb +1 -1
- data/lib/mongo/cluster/reapers/cursor_reaper.rb +19 -7
- data/lib/mongo/cluster/reapers/socket_reaper.rb +1 -1
- data/lib/mongo/cluster/sdam_flow.rb +74 -62
- data/lib/mongo/cluster/topology.rb +19 -2
- data/lib/mongo/cluster/topology/base.rb +1 -1
- data/lib/mongo/cluster/topology/no_replica_set_options.rb +1 -1
- data/lib/mongo/cluster/topology/replica_set_no_primary.rb +1 -1
- data/lib/mongo/cluster/topology/replica_set_with_primary.rb +1 -1
- data/lib/mongo/cluster/topology/sharded.rb +1 -1
- data/lib/mongo/cluster/topology/single.rb +1 -1
- data/lib/mongo/cluster/topology/unknown.rb +1 -1
- data/lib/mongo/cluster_time.rb +1 -1
- data/lib/mongo/collection.rb +25 -5
- data/lib/mongo/collection/view.rb +7 -3
- data/lib/mongo/collection/view/aggregation.rb +7 -4
- data/lib/mongo/collection/view/builder.rb +1 -1
- data/lib/mongo/collection/view/builder/aggregation.rb +1 -1
- data/lib/mongo/collection/view/builder/find_command.rb +9 -1
- data/lib/mongo/collection/view/builder/flags.rb +1 -1
- data/lib/mongo/collection/view/builder/map_reduce.rb +1 -1
- data/lib/mongo/collection/view/builder/modifiers.rb +1 -1
- data/lib/mongo/collection/view/builder/op_query.rb +1 -1
- data/lib/mongo/collection/view/change_stream.rb +15 -9
- data/lib/mongo/collection/view/change_stream/retryable.rb +1 -1
- data/lib/mongo/collection/view/explainable.rb +1 -1
- data/lib/mongo/collection/view/immutable.rb +1 -1
- data/lib/mongo/collection/view/iterable.rb +22 -7
- data/lib/mongo/collection/view/map_reduce.rb +9 -6
- data/lib/mongo/collection/view/readable.rb +16 -8
- data/lib/mongo/collection/view/writable.rb +62 -18
- data/lib/mongo/crypt.rb +33 -0
- data/lib/mongo/crypt/auto_decryption_context.rb +40 -0
- data/lib/mongo/crypt/auto_encrypter.rb +179 -0
- data/lib/mongo/crypt/auto_encryption_context.rb +44 -0
- data/lib/mongo/crypt/binary.rb +155 -0
- data/lib/mongo/crypt/binding.rb +1229 -0
- data/lib/mongo/crypt/context.rb +135 -0
- data/lib/mongo/crypt/data_key_context.rb +162 -0
- data/lib/mongo/crypt/encryption_io.rb +306 -0
- data/lib/mongo/crypt/explicit_decryption_context.rb +40 -0
- data/lib/mongo/crypt/explicit_encrypter.rb +117 -0
- data/lib/mongo/crypt/explicit_encryption_context.rb +89 -0
- data/lib/mongo/crypt/handle.rb +315 -0
- data/lib/mongo/crypt/hooks.rb +90 -0
- data/lib/mongo/crypt/kms_context.rb +67 -0
- data/lib/mongo/crypt/status.rb +131 -0
- data/lib/mongo/cursor.rb +67 -35
- data/lib/mongo/cursor/builder.rb +1 -1
- data/lib/mongo/cursor/builder/get_more_command.rb +1 -1
- data/lib/mongo/cursor/builder/kill_cursors_command.rb +9 -2
- data/lib/mongo/cursor/builder/op_get_more.rb +1 -1
- data/lib/mongo/cursor/builder/op_kill_cursors.rb +9 -2
- data/lib/mongo/database.rb +27 -7
- data/lib/mongo/database/view.rb +15 -6
- data/lib/mongo/dbref.rb +10 -3
- data/lib/mongo/error.rb +30 -3
- data/lib/mongo/error/auth_error.rb +1 -1
- data/lib/mongo/error/bulk_write_error.rb +17 -15
- data/lib/mongo/error/change_stream_resumable.rb +1 -1
- data/lib/mongo/error/closed_stream.rb +1 -1
- data/lib/mongo/error/connection_check_out_timeout.rb +1 -1
- data/lib/mongo/error/connection_perished.rb +23 -0
- data/lib/mongo/error/credential_check_error.rb +26 -0
- data/lib/mongo/error/crypt_error.rb +31 -0
- data/lib/mongo/error/extra_file_chunk.rb +1 -1
- data/lib/mongo/error/{failed_stringprep_validation.rb → failed_string_prep_validation.rb} +0 -0
- data/lib/mongo/error/file_not_found.rb +1 -1
- data/lib/mongo/error/handshake_error.rb +1 -1
- data/lib/mongo/error/insufficient_iteration_count.rb +1 -1
- data/lib/mongo/error/invalid_address.rb +1 -1
- data/lib/mongo/error/invalid_application_name.rb +1 -1
- data/lib/mongo/error/invalid_bulk_operation.rb +1 -1
- data/lib/mongo/error/invalid_bulk_operation_type.rb +1 -1
- data/lib/mongo/error/invalid_collection_name.rb +1 -1
- data/lib/mongo/error/invalid_cursor_operation.rb +27 -0
- data/lib/mongo/error/invalid_database_name.rb +1 -1
- data/lib/mongo/error/invalid_document.rb +1 -1
- data/lib/mongo/error/invalid_file.rb +1 -1
- data/lib/mongo/error/invalid_file_revision.rb +1 -1
- data/lib/mongo/error/invalid_min_pool_size.rb +1 -1
- data/lib/mongo/error/invalid_nonce.rb +2 -2
- data/lib/mongo/error/invalid_read_option.rb +1 -1
- data/lib/mongo/error/invalid_replacement_document.rb +1 -1
- data/lib/mongo/error/invalid_server_auth_response.rb +23 -0
- data/lib/mongo/error/invalid_server_preference.rb +6 -1
- data/lib/mongo/error/invalid_session.rb +1 -1
- data/lib/mongo/error/invalid_signature.rb +1 -1
- data/lib/mongo/error/invalid_transaction_operation.rb +1 -1
- data/lib/mongo/error/invalid_txt_record.rb +1 -1
- data/lib/mongo/error/invalid_update_document.rb +1 -1
- data/lib/mongo/error/invalid_uri.rb +1 -1
- data/lib/mongo/error/invalid_write_concern.rb +1 -1
- data/lib/mongo/error/kms_error.rb +22 -0
- data/lib/mongo/error/lint_error.rb +1 -1
- data/lib/mongo/error/max_bson_size.rb +15 -4
- data/lib/mongo/error/max_message_size.rb +1 -1
- data/lib/mongo/error/mismatched_domain.rb +1 -1
- data/lib/mongo/error/missing_file_chunk.rb +1 -1
- data/lib/mongo/error/missing_password.rb +1 -1
- data/lib/mongo/error/missing_resume_token.rb +1 -1
- data/lib/mongo/error/missing_scram_server_signature.rb +27 -0
- data/lib/mongo/error/mongocryptd_spawn_error.rb +22 -0
- data/lib/mongo/error/multi_index_drop.rb +1 -1
- data/lib/mongo/error/need_primary_server.rb +1 -1
- data/lib/mongo/error/no_server_available.rb +9 -4
- data/lib/mongo/error/no_srv_records.rb +1 -1
- data/lib/mongo/error/notable.rb +17 -17
- data/lib/mongo/error/operation_failure.rb +57 -43
- data/lib/mongo/error/parser.rb +17 -6
- data/lib/mongo/error/pool_closed_error.rb +1 -1
- data/lib/mongo/error/raise_original_error.rb +29 -0
- data/lib/mongo/error/session_ended.rb +1 -1
- data/lib/mongo/error/socket_error.rb +1 -1
- data/lib/mongo/error/socket_timeout_error.rb +1 -1
- data/lib/mongo/error/unchangeable_collection_option.rb +1 -1
- data/lib/mongo/error/unexpected_chunk_length.rb +1 -1
- data/lib/mongo/error/unexpected_response.rb +1 -1
- data/lib/mongo/error/unknown_payload_type.rb +1 -1
- data/lib/mongo/error/unsupported_array_filters.rb +7 -2
- data/lib/mongo/error/unsupported_collation.rb +7 -2
- data/lib/mongo/error/unsupported_features.rb +1 -1
- data/lib/mongo/error/unsupported_message_type.rb +1 -1
- data/lib/mongo/error/unsupported_option.rb +99 -0
- data/lib/mongo/error/write_retryable.rb +1 -1
- data/lib/mongo/event.rb +1 -1
- data/lib/mongo/event/base.rb +1 -1
- data/lib/mongo/event/listeners.rb +1 -1
- data/lib/mongo/event/publisher.rb +1 -1
- data/lib/mongo/event/subscriber.rb +1 -1
- data/lib/mongo/grid.rb +1 -1
- data/lib/mongo/grid/file.rb +1 -1
- data/lib/mongo/grid/file/chunk.rb +1 -1
- data/lib/mongo/grid/file/info.rb +4 -3
- data/lib/mongo/grid/fs_bucket.rb +7 -2
- data/lib/mongo/grid/stream.rb +1 -1
- data/lib/mongo/grid/stream/read.rb +1 -1
- data/lib/mongo/grid/stream/write.rb +1 -1
- data/lib/mongo/id.rb +1 -1
- data/lib/mongo/index.rb +2 -1
- data/lib/mongo/index/view.rb +61 -14
- data/lib/mongo/lint.rb +10 -0
- data/lib/mongo/loggable.rb +1 -1
- data/lib/mongo/logger.rb +1 -1
- data/lib/mongo/monitoring.rb +1 -1
- data/lib/mongo/monitoring/cmap_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/command_log_subscriber.rb +12 -5
- data/lib/mongo/monitoring/event.rb +1 -1
- data/lib/mongo/monitoring/event/cmap.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/base.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_check_out_failed.rb +2 -2
- data/lib/mongo/monitoring/event/cmap/connection_check_out_started.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_checked_in.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_checked_out.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_closed.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_created.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/connection_ready.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/pool_cleared.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/pool_closed.rb +1 -1
- data/lib/mongo/monitoring/event/cmap/pool_created.rb +1 -1
- data/lib/mongo/monitoring/event/command_failed.rb +1 -1
- data/lib/mongo/monitoring/event/command_started.rb +15 -4
- data/lib/mongo/monitoring/event/command_succeeded.rb +1 -1
- data/lib/mongo/monitoring/event/secure.rb +8 -2
- data/lib/mongo/monitoring/event/server_closed.rb +1 -1
- data/lib/mongo/monitoring/event/server_description_changed.rb +1 -1
- data/lib/mongo/monitoring/event/server_heartbeat_failed.rb +1 -1
- data/lib/mongo/monitoring/event/server_heartbeat_started.rb +1 -1
- data/lib/mongo/monitoring/event/server_heartbeat_succeeded.rb +1 -1
- data/lib/mongo/monitoring/event/server_opening.rb +1 -1
- data/lib/mongo/monitoring/event/topology_changed.rb +1 -1
- data/lib/mongo/monitoring/event/topology_closed.rb +1 -1
- data/lib/mongo/monitoring/event/topology_opening.rb +1 -1
- data/lib/mongo/monitoring/publishable.rb +5 -8
- data/lib/mongo/monitoring/sdam_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/server_closed_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/server_description_changed_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/server_opening_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/topology_changed_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/topology_closed_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/topology_opening_log_subscriber.rb +1 -1
- data/lib/mongo/monitoring/unified_sdam_log_subscriber.rb +1 -1
- data/lib/mongo/operation.rb +1 -0
- data/lib/mongo/operation/aggregate.rb +1 -1
- data/lib/mongo/operation/aggregate/command.rb +5 -5
- data/lib/mongo/operation/aggregate/op_msg.rb +1 -1
- data/lib/mongo/operation/aggregate/result.rb +1 -1
- data/lib/mongo/operation/collections_info.rb +3 -33
- data/lib/mongo/operation/collections_info/command.rb +40 -0
- data/lib/mongo/operation/collections_info/result.rb +1 -1
- data/lib/mongo/operation/command.rb +1 -1
- data/lib/mongo/operation/command/command.rb +3 -3
- data/lib/mongo/operation/command/op_msg.rb +1 -1
- data/lib/mongo/operation/count.rb +1 -1
- data/lib/mongo/operation/count/command.rb +3 -3
- data/lib/mongo/operation/count/op_msg.rb +1 -1
- data/lib/mongo/operation/create.rb +1 -1
- data/lib/mongo/operation/create/command.rb +3 -3
- data/lib/mongo/operation/create/op_msg.rb +1 -1
- data/lib/mongo/operation/create_index.rb +1 -1
- data/lib/mongo/operation/create_index/command.rb +4 -4
- data/lib/mongo/operation/create_index/op_msg.rb +6 -3
- data/lib/mongo/operation/create_user.rb +1 -1
- data/lib/mongo/operation/create_user/command.rb +4 -4
- data/lib/mongo/operation/create_user/op_msg.rb +2 -2
- data/lib/mongo/operation/delete.rb +1 -1
- data/lib/mongo/operation/delete/bulk_result.rb +1 -1
- data/lib/mongo/operation/delete/command.rb +4 -4
- data/lib/mongo/operation/delete/legacy.rb +2 -2
- data/lib/mongo/operation/delete/op_msg.rb +5 -5
- data/lib/mongo/operation/delete/result.rb +2 -2
- data/lib/mongo/operation/distinct.rb +1 -1
- data/lib/mongo/operation/distinct/command.rb +3 -3
- data/lib/mongo/operation/distinct/op_msg.rb +1 -1
- data/lib/mongo/operation/drop.rb +1 -1
- data/lib/mongo/operation/drop/command.rb +3 -3
- data/lib/mongo/operation/drop/op_msg.rb +1 -1
- data/lib/mongo/operation/drop_database.rb +1 -1
- data/lib/mongo/operation/drop_database/command.rb +3 -3
- data/lib/mongo/operation/drop_database/op_msg.rb +1 -1
- data/lib/mongo/operation/drop_index.rb +1 -1
- data/lib/mongo/operation/drop_index/command.rb +4 -4
- data/lib/mongo/operation/drop_index/op_msg.rb +2 -2
- data/lib/mongo/operation/explain.rb +1 -1
- data/lib/mongo/operation/explain/command.rb +3 -3
- data/lib/mongo/operation/explain/legacy.rb +3 -3
- data/lib/mongo/operation/explain/op_msg.rb +1 -1
- data/lib/mongo/operation/explain/result.rb +1 -1
- data/lib/mongo/operation/find.rb +1 -1
- data/lib/mongo/operation/find/command.rb +3 -3
- data/lib/mongo/operation/find/legacy.rb +3 -3
- data/lib/mongo/operation/find/legacy/result.rb +1 -1
- data/lib/mongo/operation/find/op_msg.rb +2 -9
- data/lib/mongo/operation/find/result.rb +1 -1
- data/lib/mongo/operation/get_more.rb +1 -1
- data/lib/mongo/operation/get_more/command.rb +3 -3
- data/lib/mongo/operation/get_more/legacy.rb +2 -2
- data/lib/mongo/operation/get_more/op_msg.rb +2 -9
- data/lib/mongo/operation/get_more/result.rb +1 -1
- data/lib/mongo/operation/indexes.rb +1 -1
- data/lib/mongo/operation/indexes/command.rb +3 -3
- data/lib/mongo/operation/indexes/legacy.rb +4 -4
- data/lib/mongo/operation/indexes/op_msg.rb +1 -1
- data/lib/mongo/operation/indexes/result.rb +1 -1
- data/lib/mongo/operation/insert.rb +3 -2
- data/lib/mongo/operation/insert/bulk_result.rb +6 -2
- data/lib/mongo/operation/insert/command.rb +8 -7
- data/lib/mongo/operation/insert/legacy.rb +10 -5
- data/lib/mongo/operation/insert/op_msg.rb +7 -7
- data/lib/mongo/operation/insert/result.rb +7 -4
- data/lib/mongo/operation/kill_cursors.rb +1 -1
- data/lib/mongo/operation/kill_cursors/command.rb +3 -3
- data/lib/mongo/operation/kill_cursors/legacy.rb +2 -2
- data/lib/mongo/operation/kill_cursors/op_msg.rb +1 -1
- data/lib/mongo/operation/list_collections.rb +1 -1
- data/lib/mongo/operation/list_collections/command.rb +4 -4
- data/lib/mongo/operation/list_collections/op_msg.rb +2 -2
- data/lib/mongo/operation/list_collections/result.rb +1 -1
- data/lib/mongo/operation/map_reduce.rb +1 -1
- data/lib/mongo/operation/map_reduce/command.rb +3 -3
- data/lib/mongo/operation/map_reduce/op_msg.rb +1 -1
- data/lib/mongo/operation/map_reduce/result.rb +1 -1
- data/lib/mongo/operation/op_msg_base.rb +3 -3
- data/lib/mongo/operation/parallel_scan.rb +1 -1
- data/lib/mongo/operation/parallel_scan/command.rb +5 -5
- data/lib/mongo/operation/parallel_scan/op_msg.rb +2 -2
- data/lib/mongo/operation/parallel_scan/result.rb +1 -1
- data/lib/mongo/operation/remove_user.rb +1 -1
- data/lib/mongo/operation/remove_user/command.rb +4 -4
- data/lib/mongo/operation/remove_user/op_msg.rb +2 -2
- data/lib/mongo/operation/result.rb +64 -31
- data/lib/mongo/operation/shared/bypass_document_validation.rb +10 -4
- data/lib/mongo/operation/shared/causal_consistency_supported.rb +3 -3
- data/lib/mongo/operation/shared/collections_info_or_list_collections.rb +56 -0
- data/lib/mongo/operation/shared/executable.rb +47 -27
- data/lib/mongo/operation/shared/executable_no_validate.rb +3 -3
- data/lib/mongo/operation/shared/executable_transaction_label.rb +1 -1
- data/lib/mongo/operation/shared/idable.rb +1 -1
- data/lib/mongo/operation/shared/limited.rb +10 -2
- data/lib/mongo/operation/shared/object_id_generator.rb +1 -1
- data/lib/mongo/operation/shared/op_msg_or_command.rb +8 -6
- data/lib/mongo/operation/shared/op_msg_or_find_command.rb +9 -7
- data/lib/mongo/operation/shared/op_msg_or_list_indexes_command.rb +9 -7
- data/lib/mongo/operation/shared/polymorphic_lookup.rb +1 -1
- data/lib/mongo/operation/shared/polymorphic_result.rb +1 -1
- data/lib/mongo/operation/shared/read_preference_supported.rb +74 -22
- data/lib/mongo/operation/shared/response_handling.rb +84 -9
- data/lib/mongo/operation/shared/result/aggregatable.rb +1 -1
- data/lib/mongo/operation/shared/result/use_legacy_error_parser.rb +1 -1
- data/lib/mongo/operation/shared/sessions_supported.rb +86 -22
- data/lib/mongo/operation/shared/specifiable.rb +32 -20
- data/lib/mongo/operation/shared/write.rb +33 -20
- data/lib/mongo/operation/shared/write_concern_supported.rb +6 -6
- data/lib/mongo/operation/update.rb +1 -1
- data/lib/mongo/operation/update/bulk_result.rb +1 -1
- data/lib/mongo/operation/update/command.rb +4 -4
- data/lib/mongo/operation/update/legacy.rb +2 -2
- data/lib/mongo/operation/update/legacy/result.rb +1 -1
- data/lib/mongo/operation/update/op_msg.rb +5 -5
- data/lib/mongo/operation/update/result.rb +2 -2
- data/lib/mongo/operation/update_user.rb +1 -1
- data/lib/mongo/operation/update_user/command.rb +4 -4
- data/lib/mongo/operation/update_user/op_msg.rb +2 -2
- data/lib/mongo/operation/users_info.rb +1 -1
- data/lib/mongo/operation/users_info/command.rb +4 -4
- data/lib/mongo/operation/users_info/op_msg.rb +2 -2
- data/lib/mongo/operation/users_info/result.rb +1 -1
- data/lib/mongo/options.rb +1 -1
- data/lib/mongo/options/mapper.rb +1 -1
- data/lib/mongo/options/redacted.rb +1 -1
- data/lib/mongo/protocol/bit_vector.rb +3 -2
- data/lib/mongo/protocol/compressed.rb +7 -6
- data/lib/mongo/protocol/delete.rb +1 -1
- data/lib/mongo/protocol/get_more.rb +1 -1
- data/lib/mongo/protocol/insert.rb +4 -2
- data/lib/mongo/protocol/kill_cursors.rb +1 -1
- data/lib/mongo/protocol/message.rb +95 -16
- data/lib/mongo/protocol/msg.rb +189 -38
- data/lib/mongo/protocol/query.rb +8 -10
- data/lib/mongo/protocol/registry.rb +1 -1
- data/lib/mongo/protocol/reply.rb +1 -1
- data/lib/mongo/protocol/serializers.rb +51 -16
- data/lib/mongo/protocol/update.rb +1 -1
- data/lib/mongo/retryable.rb +24 -11
- data/lib/mongo/semaphore.rb +1 -1
- data/lib/mongo/server.rb +42 -11
- data/lib/mongo/server/app_metadata.rb +17 -4
- data/lib/mongo/server/connection.rb +40 -126
- data/lib/mongo/server/connection_base.rb +106 -19
- data/lib/mongo/server/connection_common.rb +135 -0
- data/lib/mongo/server/connection_pool.rb +57 -2
- data/lib/mongo/server/connection_pool/populator.rb +2 -2
- data/lib/mongo/server/context.rb +1 -1
- data/lib/mongo/server/description.rb +53 -13
- data/lib/mongo/server/description/features.rb +12 -3
- data/lib/mongo/server/monitor.rb +118 -72
- data/lib/mongo/server/monitor/app_metadata.rb +1 -1
- data/lib/mongo/server/monitor/connection.rb +62 -96
- data/lib/mongo/server/pending_connection.rb +204 -1
- data/lib/mongo/server/round_trip_time_averager.rb +12 -3
- data/lib/mongo/server_selector.rb +2 -1
- data/lib/mongo/server_selector/base.rb +40 -0
- data/lib/mongo/server_selector/nearest.rb +25 -15
- data/lib/mongo/server_selector/primary.rb +23 -22
- data/lib/mongo/server_selector/primary_preferred.rb +25 -15
- data/lib/mongo/server_selector/secondary.rb +25 -15
- data/lib/mongo/server_selector/secondary_preferred.rb +28 -27
- data/lib/mongo/server_selector/selectable.rb +30 -15
- data/lib/mongo/session.rb +15 -4
- data/lib/mongo/session/server_session.rb +1 -1
- data/lib/mongo/session/session_pool.rb +9 -4
- data/lib/mongo/socket.rb +120 -30
- data/lib/mongo/socket/ssl.rb +110 -32
- data/lib/mongo/socket/tcp.rb +41 -24
- data/lib/mongo/socket/unix.rb +14 -6
- data/lib/mongo/srv.rb +1 -1
- data/lib/mongo/srv/monitor.rb +74 -43
- data/lib/mongo/srv/resolver.rb +1 -1
- data/lib/mongo/srv/result.rb +1 -2
- data/lib/mongo/timeout.rb +49 -0
- data/lib/mongo/topology_version.rb +80 -0
- data/lib/mongo/uri.rb +84 -41
- data/lib/mongo/uri/srv_protocol.rb +10 -2
- data/lib/mongo/version.rb +2 -2
- data/lib/mongo/write_concern.rb +1 -1
- data/lib/mongo/write_concern/acknowledged.rb +1 -1
- data/lib/mongo/write_concern/base.rb +1 -1
- data/lib/mongo/write_concern/unacknowledged.rb +1 -1
- data/mongo.gemspec +2 -4
- data/spec/NOTES.aws-auth.md +291 -0
- data/spec/README.aws-auth.md +318 -0
- data/spec/README.md +282 -14
- data/spec/integration/auth_spec.rb +74 -1
- data/spec/integration/aws_auth_request_spec.rb +74 -0
- data/spec/integration/aws_credentials_retriever_spec.rb +103 -0
- data/spec/integration/bson_symbol_spec.rb +34 -0
- data/spec/integration/change_stream_spec.rb +123 -51
- data/spec/integration/{client_options_spec.rb → client_authentication_options_spec.rb} +15 -15
- data/spec/integration/client_construction_aws_auth_spec.rb +191 -0
- data/spec/integration/client_construction_spec.rb +101 -2
- data/spec/integration/client_side_encryption/auto_encryption_bulk_writes_spec.rb +353 -0
- data/spec/integration/client_side_encryption/auto_encryption_command_monitoring_spec.rb +303 -0
- data/spec/integration/client_side_encryption/auto_encryption_mongocryptd_spawn_spec.rb +72 -0
- data/spec/integration/client_side_encryption/auto_encryption_old_wire_version_spec.rb +79 -0
- data/spec/integration/client_side_encryption/auto_encryption_reconnect_spec.rb +221 -0
- data/spec/integration/client_side_encryption/auto_encryption_spec.rb +601 -0
- data/spec/integration/client_side_encryption/bson_size_limit_spec.rb +187 -0
- data/spec/integration/client_side_encryption/bypass_mongocryptd_spawn_spec.rb +78 -0
- data/spec/integration/client_side_encryption/client_close_spec.rb +63 -0
- data/spec/integration/client_side_encryption/corpus_spec.rb +233 -0
- data/spec/integration/client_side_encryption/custom_endpoint_spec.rb +132 -0
- data/spec/integration/client_side_encryption/data_key_spec.rb +165 -0
- data/spec/integration/client_side_encryption/explicit_encryption_spec.rb +114 -0
- data/spec/integration/client_side_encryption/external_key_vault_spec.rb +141 -0
- data/spec/integration/client_side_encryption/views_spec.rb +44 -0
- data/spec/integration/client_update_spec.rb +154 -0
- data/spec/integration/collection_indexes_prose_spec.rb +55 -0
- data/spec/integration/command_monitoring_spec.rb +33 -7
- data/spec/integration/command_spec.rb +55 -19
- data/spec/integration/connect_single_rs_name_spec.rb +5 -3
- data/spec/integration/connection_spec.rb +115 -9
- data/spec/integration/crud_spec.rb +162 -0
- data/spec/integration/cursor_reaping_spec.rb +16 -11
- data/spec/integration/fork_reconnect_spec.rb +143 -0
- data/spec/integration/get_more_spec.rb +10 -3
- data/spec/integration/heartbeat_events_spec.rb +1 -1
- data/spec/integration/read_preference_spec.rb +67 -11
- data/spec/integration/reconnect_spec.rb +7 -7
- data/spec/integration/retryable_errors_spec.rb +35 -16
- data/spec/integration/{retryable_writes_spec.rb → retryable_writes/retryable_writes_36_and_older_spec.rb} +55 -51
- data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +401 -0
- data/spec/integration/retryable_writes/shared/adds_diagnostics.rb +15 -0
- data/spec/integration/retryable_writes/shared/does_not_support_retries.rb +24 -0
- data/spec/integration/retryable_writes/shared/only_supports_legacy_retries.rb +25 -0
- data/spec/integration/retryable_writes/shared/performs_legacy_retries.rb +215 -0
- data/spec/integration/retryable_writes/shared/performs_modern_retries.rb +232 -0
- data/spec/integration/retryable_writes/shared/performs_no_retries.rb +110 -0
- data/spec/integration/retryable_writes/shared/supports_legacy_retries.rb +19 -0
- data/spec/integration/retryable_writes/shared/supports_modern_retries.rb +25 -0
- data/spec/integration/retryable_writes/shared/supports_retries.rb +16 -0
- data/spec/integration/sdam_error_handling_spec.rb +116 -18
- data/spec/integration/sdam_events_spec.rb +1 -0
- data/spec/integration/server_spec.rb +42 -26
- data/spec/integration/size_limit_spec.rb +94 -0
- data/spec/integration/srv_monitoring_spec.rb +16 -8
- data/spec/integration/step_down_spec.rb +15 -15
- data/spec/integration/transactions_api_examples_spec.rb +59 -0
- data/spec/integration/transactions_examples_spec.rb +5 -2
- data/spec/integration/x509_auth_spec.rb +109 -0
- data/spec/kerberos/kerberos_spec.rb +91 -0
- data/spec/lite_spec_helper.rb +41 -33
- data/spec/mongo/address/ipv4_spec.rb +1 -1
- data/spec/mongo/address_spec.rb +20 -14
- data/spec/mongo/auth/cr_spec.rb +15 -7
- data/spec/mongo/auth/gssapi/conversation_spec.rb +121 -0
- data/spec/mongo/auth/invalid_mechanism_spec.rb +1 -1
- data/spec/mongo/auth/ldap/conversation_spec.rb +1 -1
- data/spec/mongo/auth/ldap_spec.rb +8 -4
- data/spec/mongo/auth/scram/conversation_spec.rb +120 -334
- data/spec/mongo/auth/scram256/conversation_spec.rb +171 -0
- data/spec/mongo/auth/{scram/negotiation_spec.rb → scram_negotiation_spec.rb} +79 -75
- data/spec/mongo/auth/scram_spec.rb +55 -85
- data/spec/mongo/auth/user/view_spec.rb +39 -7
- data/spec/mongo/auth/user_spec.rb +13 -1
- data/spec/mongo/auth/x509/conversation_spec.rb +1 -1
- data/spec/mongo/auth/x509_spec.rb +13 -9
- data/spec/mongo/auth_spec.rb +4 -4
- data/spec/mongo/bulk_write/result_spec.rb +11 -7
- data/spec/mongo/bulk_write_spec.rb +208 -4
- data/spec/mongo/client_construction_spec.rb +496 -88
- data/spec/mongo/client_encryption_spec.rb +405 -0
- data/spec/mongo/client_spec.rb +21 -2
- data/spec/mongo/cluster/cursor_reaper_spec.rb +12 -8
- data/spec/mongo/cluster/socket_reaper_spec.rb +14 -3
- data/spec/mongo/cluster_spec.rb +23 -2
- data/spec/mongo/collection/view/aggregation_spec.rb +6 -4
- data/spec/mongo/collection/view/builder/find_command_spec.rb +17 -6
- data/spec/mongo/collection/view/change_stream_resume_spec.rb +392 -0
- data/spec/mongo/collection/view/change_stream_spec.rb +3 -321
- data/spec/mongo/collection/view/iterable_spec.rb +38 -0
- data/spec/mongo/collection/view/map_reduce_spec.rb +9 -5
- data/spec/mongo/collection/view/readable_spec.rb +15 -1
- data/spec/mongo/collection/view/writable_spec.rb +208 -1
- data/spec/mongo/collection/view_spec.rb +1 -1
- data/spec/mongo/collection_spec.rb +35 -52
- data/spec/mongo/crypt/auto_decryption_context_spec.rb +90 -0
- data/spec/mongo/crypt/auto_encrypter_spec.rb +187 -0
- data/spec/mongo/crypt/auto_encryption_context_spec.rb +107 -0
- data/spec/mongo/crypt/binary_spec.rb +115 -0
- data/spec/mongo/crypt/binding/binary_spec.rb +56 -0
- data/spec/mongo/crypt/binding/context_spec.rb +257 -0
- data/spec/mongo/crypt/binding/helpers_spec.rb +46 -0
- data/spec/mongo/crypt/binding/mongocrypt_spec.rb +144 -0
- data/spec/mongo/crypt/binding/status_spec.rb +99 -0
- data/spec/mongo/crypt/binding/version_spec.rb +22 -0
- data/spec/mongo/crypt/binding_unloaded_spec.rb +20 -0
- data/spec/mongo/crypt/data_key_context_spec.rb +213 -0
- data/spec/mongo/crypt/encryption_io_spec.rb +136 -0
- data/spec/mongo/crypt/explicit_decryption_context_spec.rb +72 -0
- data/spec/mongo/crypt/explicit_encryption_context_spec.rb +170 -0
- data/spec/mongo/crypt/handle_spec.rb +232 -0
- data/spec/mongo/crypt/helpers/mongo_crypt_spec_helper.rb +108 -0
- data/spec/mongo/crypt/status_spec.rb +152 -0
- data/spec/mongo/cursor/builder/get_more_command_spec.rb +6 -1
- data/spec/mongo/cursor/builder/op_get_more_spec.rb +6 -1
- data/spec/mongo/cursor/builder/op_kill_cursors_spec.rb +61 -0
- data/spec/mongo/cursor_spec.rb +33 -5
- data/spec/mongo/database_spec.rb +26 -2
- data/spec/mongo/error/bulk_write_error_spec.rb +49 -0
- data/spec/mongo/error/crypt_error_spec.rb +26 -0
- data/spec/mongo/error/max_bson_size_spec.rb +35 -0
- data/spec/mongo/error/no_server_available_spec.rb +11 -1
- data/spec/mongo/error/notable_spec.rb +59 -0
- data/spec/mongo/error/operation_failure_heavy_spec.rb +58 -0
- data/spec/mongo/error/operation_failure_spec.rb +130 -72
- data/spec/mongo/error/unsupported_option_spec.rb +54 -0
- data/spec/mongo/grid/fs_bucket_spec.rb +18 -0
- data/spec/mongo/grid/stream/write_spec.rb +32 -0
- data/spec/mongo/index/view_spec.rb +166 -0
- data/spec/mongo/operation/aggregate/result_spec.rb +6 -1
- data/spec/mongo/operation/aggregate_spec.rb +1 -1
- data/spec/mongo/operation/collections_info_spec.rb +1 -1
- data/spec/mongo/operation/command_spec.rb +3 -3
- data/spec/mongo/operation/create_index_spec.rb +3 -3
- data/spec/mongo/operation/create_user_spec.rb +3 -3
- data/spec/mongo/operation/delete/bulk_spec.rb +18 -6
- data/spec/mongo/operation/delete/op_msg_spec.rb +23 -20
- data/spec/mongo/operation/delete_spec.rb +7 -7
- data/spec/mongo/operation/drop_index_spec.rb +2 -2
- data/spec/mongo/operation/find/legacy_spec.rb +27 -6
- data/spec/mongo/operation/get_more_spec.rb +6 -1
- data/spec/mongo/operation/indexes_spec.rb +1 -1
- data/spec/mongo/operation/insert/bulk_spec.rb +21 -7
- data/spec/mongo/operation/insert/command_spec.rb +4 -0
- data/spec/mongo/operation/insert/op_msg_spec.rb +25 -20
- data/spec/mongo/operation/insert_spec.rb +12 -12
- data/spec/mongo/operation/limited_spec.rb +5 -3
- data/spec/mongo/operation/map_reduce_spec.rb +2 -2
- data/spec/mongo/operation/read_preference_legacy_spec.rb +363 -0
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +304 -0
- data/spec/mongo/operation/remove_user_spec.rb +3 -3
- data/spec/mongo/operation/result_spec.rb +6 -1
- data/spec/mongo/operation/update/bulk_spec.rb +18 -6
- data/spec/mongo/operation/update/command_spec.rb +4 -0
- data/spec/mongo/operation/update/op_msg_spec.rb +25 -20
- data/spec/mongo/operation/update_spec.rb +7 -7
- data/spec/mongo/operation/update_user_spec.rb +1 -1
- data/spec/mongo/protocol/compressed_spec.rb +2 -3
- data/spec/mongo/protocol/delete_spec.rb +9 -8
- data/spec/mongo/protocol/get_more_spec.rb +9 -8
- data/spec/mongo/protocol/insert_spec.rb +9 -8
- data/spec/mongo/protocol/kill_cursors_spec.rb +6 -5
- data/spec/mongo/protocol/msg_spec.rb +57 -53
- data/spec/mongo/protocol/query_spec.rb +12 -12
- data/spec/mongo/protocol/registry_spec.rb +1 -1
- data/spec/mongo/protocol/reply_spec.rb +1 -1
- data/spec/mongo/protocol/update_spec.rb +10 -9
- data/spec/mongo/retryable_spec.rb +71 -70
- data/spec/mongo/server/app_metadata_shared.rb +56 -0
- data/spec/mongo/server/app_metadata_spec.rb +8 -1
- data/spec/mongo/server/connection_auth_spec.rb +31 -12
- data/spec/mongo/server/connection_pool_spec.rb +1 -32
- data/spec/mongo/server/connection_spec.rb +143 -74
- data/spec/mongo/server/monitor/app_metadata_spec.rb +8 -1
- data/spec/mongo/server/monitor/connection_spec.rb +7 -81
- data/spec/mongo/server/monitor_spec.rb +76 -17
- data/spec/mongo/server/round_trip_time_averager_spec.rb +5 -3
- data/spec/mongo/server_selector/nearest_spec.rb +1 -0
- data/spec/mongo/server_selector/primary_preferred_spec.rb +1 -0
- data/spec/mongo/server_selector/primary_spec.rb +18 -0
- data/spec/mongo/server_selector/secondary_preferred_spec.rb +18 -1
- data/spec/mongo/server_selector/secondary_spec.rb +1 -0
- data/spec/mongo/server_selector_spec.rb +0 -1
- data/spec/mongo/session/session_pool_spec.rb +7 -3
- data/spec/mongo/socket/ssl_spec.rb +134 -100
- data/spec/mongo/socket/tcp_spec.rb +3 -11
- data/spec/mongo/socket/unix_spec.rb +2 -2
- data/spec/mongo/socket_spec.rb +9 -9
- data/spec/mongo/srv/monitor_spec.rb +88 -69
- data/spec/mongo/timeout_spec.rb +39 -0
- data/spec/mongo/uri/srv_protocol_spec.rb +2 -2
- data/spec/mongo/uri_spec.rb +74 -12
- data/spec/mongo/write_concern_spec.rb +13 -1
- data/spec/{support → runners}/auth.rb +19 -7
- data/spec/runners/change_streams/outcome.rb +42 -0
- data/spec/runners/change_streams/spec.rb +57 -0
- data/spec/runners/change_streams/test.rb +229 -0
- data/spec/{support → runners}/cmap.rb +1 -1
- data/spec/{support → runners}/cmap/verifier.rb +1 -1
- data/spec/{support → runners}/command_monitoring.rb +2 -2
- data/spec/runners/connection_string.rb +359 -4
- data/spec/{support → runners}/crud.rb +11 -11
- data/spec/{support → runners}/crud/context.rb +1 -1
- data/spec/{support → runners}/crud/operation.rb +127 -33
- data/spec/{support → runners}/crud/outcome.rb +1 -1
- data/spec/{support → runners}/crud/requirement.rb +1 -1
- data/spec/{support → runners}/crud/spec.rb +13 -1
- data/spec/{support → runners}/crud/test.rb +8 -26
- data/spec/runners/crud/test_base.rb +69 -0
- data/spec/{support → runners}/crud/verifier.rb +29 -13
- data/spec/{support → runners}/gridfs.rb +1 -1
- data/spec/{support/server_discovery_and_monitoring.rb → runners/sdam.rb} +41 -22
- data/spec/runners/sdam/verifier.rb +26 -8
- data/spec/{support → runners}/sdam_monitoring.rb +1 -1
- data/spec/{support → runners}/server_selection.rb +0 -0
- data/spec/{support → runners}/server_selection_rtt.rb +0 -0
- data/spec/{support → runners}/transactions.rb +10 -13
- data/spec/{support → runners}/transactions/context.rb +1 -1
- data/spec/{support → runners}/transactions/operation.rb +5 -1
- data/spec/{support → runners}/transactions/spec.rb +1 -1
- data/spec/{support → runners}/transactions/test.rb +82 -56
- data/spec/spec_helper.rb +0 -5
- data/spec/spec_tests/auth_spec.rb +5 -3
- data/spec/spec_tests/change_streams_spec.rb +39 -4
- data/spec/spec_tests/client_side_encryption_spec.rb +11 -0
- data/spec/spec_tests/cmap_spec.rb +5 -0
- data/spec/spec_tests/command_monitoring_spec.rb +3 -0
- data/spec/spec_tests/connection_string_spec.rb +3 -1
- data/spec/spec_tests/crud_spec.rb +2 -0
- data/spec/spec_tests/data/auth/connection-string.yml +69 -0
- data/spec/spec_tests/data/change_streams/change-streams-errors.yml +30 -0
- data/spec/spec_tests/data/change_streams/change-streams-resume-errorLabels.yml +1105 -0
- data/spec/spec_tests/data/change_streams/change-streams-resume-whitelist.yml +1107 -0
- data/spec/spec_tests/data/change_streams/change-streams.yml +5 -4
- data/spec/spec_tests/data/client_side_encryption/aggregate.yml +134 -0
- data/spec/spec_tests/data/client_side_encryption/badQueries.yml +526 -0
- data/spec/spec_tests/data/client_side_encryption/badSchema.yml +73 -0
- data/spec/spec_tests/data/client_side_encryption/basic.yml +116 -0
- data/spec/spec_tests/data/client_side_encryption/bulk.yml +88 -0
- data/spec/spec_tests/data/client_side_encryption/bypassAutoEncryption.yml +100 -0
- data/spec/spec_tests/data/client_side_encryption/bypassedCommand.yml +42 -0
- data/spec/spec_tests/data/client_side_encryption/count.yml +61 -0
- data/spec/spec_tests/data/client_side_encryption/countDocuments.yml +59 -0
- data/spec/spec_tests/data/client_side_encryption/delete.yml +105 -0
- data/spec/spec_tests/data/client_side_encryption/distinct.yml +73 -0
- data/spec/spec_tests/data/client_side_encryption/explain.yml +64 -0
- data/spec/spec_tests/data/client_side_encryption/find.yml +119 -0
- data/spec/spec_tests/data/client_side_encryption/findOneAndDelete.yml +57 -0
- data/spec/spec_tests/data/client_side_encryption/findOneAndReplace.yml +57 -0
- data/spec/spec_tests/data/client_side_encryption/findOneAndUpdate.yml +57 -0
- data/spec/spec_tests/data/client_side_encryption/getMore.yml +68 -0
- data/spec/spec_tests/data/client_side_encryption/insert.yml +102 -0
- data/spec/spec_tests/data/client_side_encryption/keyAltName.yml +71 -0
- data/spec/spec_tests/data/client_side_encryption/localKMS.yml +54 -0
- data/spec/spec_tests/data/client_side_encryption/localSchema.yml +72 -0
- data/spec/spec_tests/data/client_side_encryption/malformedCiphertext.yml +69 -0
- data/spec/spec_tests/data/client_side_encryption/maxWireVersion.yml +20 -0
- data/spec/spec_tests/data/client_side_encryption/missingKey.yml +49 -0
- data/spec/spec_tests/data/client_side_encryption/replaceOne.yml +64 -0
- data/spec/spec_tests/data/client_side_encryption/types.yml +527 -0
- data/spec/spec_tests/data/client_side_encryption/unsupportedCommand.yml +25 -0
- data/spec/spec_tests/data/client_side_encryption/updateMany.yml +77 -0
- data/spec/spec_tests/data/client_side_encryption/updateOne.yml +171 -0
- data/spec/spec_tests/data/crud_v2/aggregate-merge.yml +1 -1
- data/spec/spec_tests/data/crud_v2/bulkWrite-arrayFilters.yml +33 -11
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint-clientError.yml +63 -0
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint-serverError.yml +92 -0
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint.yml +103 -0
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint-clientError.yml +90 -0
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint-serverError.yml +147 -0
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint.yml +164 -0
- data/spec/spec_tests/data/crud_v2/deleteMany-hint-clientError.yml +43 -0
- data/spec/spec_tests/data/crud_v2/deleteMany-hint-serverError.yml +62 -0
- data/spec/spec_tests/data/crud_v2/deleteMany-hint.yml +58 -0
- data/spec/spec_tests/data/crud_v2/deleteOne-hint-clientError.yml +41 -0
- data/spec/spec_tests/data/crud_v2/deleteOne-hint-serverError.yml +60 -0
- data/spec/spec_tests/data/crud_v2/deleteOne-hint.yml +57 -0
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse-clientError.yml +28 -0
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse-serverError.yml +44 -0
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse.yml +50 -0
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint-clientError.yml +45 -0
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint-serverError.yml +60 -0
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint.yml +56 -0
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint-serverError.yml +59 -0
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint.yml +55 -0
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint-serverError.yml +58 -0
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint.yml +55 -0
- data/spec/spec_tests/data/crud_v2/replaceOne-hint.yml +61 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-bulkWrite-delete-hint-clientError.yml +60 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-bulkWrite-update-hint-clientError.yml +88 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-deleteMany-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-deleteOne-hint-clientError.yml +38 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndDelete-hint-clientError.yml +42 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndReplace-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndUpdate-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-replaceOne-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-updateMany-hint-clientError.yml +43 -0
- data/spec/spec_tests/data/crud_v2/unacknowledged-updateOne-hint-clientError.yml +40 -0
- data/spec/spec_tests/data/crud_v2/updateMany-hint-clientError.yml +45 -0
- data/spec/spec_tests/data/crud_v2/updateMany-hint-serverError.yml +66 -0
- data/spec/spec_tests/data/crud_v2/updateMany-hint.yml +65 -0
- data/spec/spec_tests/data/crud_v2/updateOne-hint-clientError.yml +43 -0
- data/spec/spec_tests/data/crud_v2/updateOne-hint-serverError.yml +62 -0
- data/spec/spec_tests/data/crud_v2/updateOne-hint.yml +61 -0
- data/spec/spec_tests/data/crud_v2/updateWithPipelines.yml +65 -0
- data/spec/spec_tests/data/dns_seedlist_discovery/direct-connection-false.yml +10 -0
- data/spec/spec_tests/data/dns_seedlist_discovery/direct-connection-true.yml +5 -0
- data/spec/spec_tests/data/read_write_concern/connection-string/write-concern.yml +1 -4
- data/spec/spec_tests/data/read_write_concern/operation/default-write-concern-2.6.yml +215 -0
- data/spec/spec_tests/data/read_write_concern/operation/default-write-concern-3.2.yml +58 -0
- data/spec/spec_tests/data/read_write_concern/operation/default-write-concern-3.4.yml +95 -0
- data/spec/spec_tests/data/read_write_concern/operation/default-write-concern-4.2.yml +36 -0
- data/spec/spec_tests/data/retryable_writes/bulkWrite-errorLabels.yml +77 -0
- data/spec/spec_tests/data/retryable_writes/bulkWrite-serverErrors.yml +37 -0
- data/spec/spec_tests/data/retryable_writes/deleteOne-errorLabels.yml +48 -0
- data/spec/spec_tests/data/retryable_writes/deleteOne-serverErrors.yml +22 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndDelete-errorLabels.yml +49 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndDelete-serverErrors.yml +23 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndReplace-errorLabels.yml +52 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndReplace-serverErrors.yml +25 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndUpdate-errorLabels.yml +52 -0
- data/spec/spec_tests/data/retryable_writes/findOneAndUpdate-serverErrors.yml +24 -0
- data/spec/spec_tests/data/retryable_writes/insertMany-errorLabels.yml +54 -0
- data/spec/spec_tests/data/retryable_writes/insertMany-serverErrors.yml +24 -0
- data/spec/spec_tests/data/retryable_writes/insertOne-errorLabels.yml +44 -0
- data/spec/spec_tests/data/retryable_writes/insertOne-serverErrors.yml +90 -0
- data/spec/spec_tests/data/retryable_writes/replaceOne-errorLabels.yml +53 -0
- data/spec/spec_tests/data/retryable_writes/replaceOne-serverErrors.yml +23 -0
- data/spec/spec_tests/data/retryable_writes/updateOne-errorLabels.yml +53 -0
- data/spec/spec_tests/data/retryable_writes/updateOne-serverErrors.yml +23 -0
- data/spec/spec_tests/data/sdam/errors/error_handling_handshake.yml +54 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-network-error.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-network-timeout-error.yml +37 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-InterruptedAtShutdown.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-InterruptedDueToReplStateChange.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-NotMaster.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-NotMasterNoSlaveOk.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-NotMasterOrSecondary.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-PrimarySteppedDown.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-greater-ShutdownInProgress.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-InterruptedAtShutdown.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-InterruptedDueToReplStateChange.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-NotMaster.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-NotMasterNoSlaveOk.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-NotMasterOrSecondary.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-PrimarySteppedDown.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-missing-ShutdownInProgress.yml +51 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-InterruptedAtShutdown.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-InterruptedDueToReplStateChange.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-NotMaster.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-NotMasterNoSlaveOk.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-NotMasterOrSecondary.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-PrimarySteppedDown.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/non-stale-topologyVersion-proccessId-changed-ShutdownInProgress.yml +60 -0
- data/spec/spec_tests/data/sdam/errors/post-42-InterruptedAtShutdown.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-InterruptedDueToReplStateChange.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-NotMaster.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-NotMasterNoSlaveOk.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-NotMasterOrSecondary.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-PrimarySteppedDown.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/post-42-ShutdownInProgress.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-InterruptedAtShutdown.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-InterruptedDueToReplStateChange.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-NotMaster.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-NotMasterNoSlaveOk.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-NotMasterOrSecondary.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-PrimarySteppedDown.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/pre-42-ShutdownInProgress.yml +46 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-InterruptedAtShutdown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-InterruptedDueToReplStateChange.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-NotMaster.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-NotMasterNoSlaveOk.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-NotMasterOrSecondary.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-PrimarySteppedDown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-ShutdownInProgress.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-InterruptedAtShutdown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-InterruptedDueToReplStateChange.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-NotMaster.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-NotMasterNoSlaveOk.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-NotMasterOrSecondary.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-PrimarySteppedDown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-ShutdownInProgress.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-network.yml +80 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-afterHandshakeCompletes-timeout.yml +80 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-InterruptedAtShutdown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-InterruptedDueToReplStateChange.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-NotMaster.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-NotMasterNoSlaveOk.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-NotMasterOrSecondary.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-PrimarySteppedDown.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-ShutdownInProgress.yml +89 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-network.yml +80 -0
- data/spec/spec_tests/data/sdam/errors/stale-generation-beforeHandshakeCompletes-timeout.yml +80 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-InterruptedAtShutdown.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-InterruptedDueToReplStateChange.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-NotMaster.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-NotMasterNoSlaveOk.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-NotMasterOrSecondary.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-PrimarySteppedDown.yml +64 -0
- data/spec/spec_tests/data/sdam/errors/stale-topologyVersion-ShutdownInProgress.yml +64 -0
- data/spec/spec_tests/data/sdam/rs/compatible.yml +2 -0
- data/spec/spec_tests/data/sdam/rs/compatible_unknown.yml +2 -0
- data/spec/spec_tests/data/sdam/rs/discover_arbiters.yml +2 -2
- data/spec/spec_tests/data/sdam/rs/discover_arbiters_replicaset.yml +43 -0
- data/spec/spec_tests/data/sdam/rs/discover_ghost.yml +35 -0
- data/spec/spec_tests/data/sdam/rs/{ghost_discovered.yml → discover_ghost_replicaset.yml} +1 -1
- data/spec/spec_tests/data/sdam/rs/discover_hidden.yml +50 -0
- data/spec/spec_tests/data/sdam/rs/discover_hidden_replicaset.yml +50 -0
- data/spec/spec_tests/data/sdam/rs/discover_passives.yml +2 -2
- data/spec/spec_tests/data/sdam/rs/discover_passives_replicaset.yml +81 -0
- data/spec/spec_tests/data/sdam/rs/discover_primary.yml +2 -2
- data/spec/spec_tests/data/sdam/rs/discover_primary_replicaset.yml +42 -0
- data/spec/spec_tests/data/sdam/rs/discover_rsother.yml +49 -0
- data/spec/spec_tests/data/sdam/rs/{rsother_discovered.yml → discover_rsother_replicaset.yml} +1 -1
- data/spec/spec_tests/data/sdam/rs/discover_secondary.yml +2 -2
- data/spec/spec_tests/data/sdam/rs/discover_secondary_replicaset.yml +43 -0
- data/spec/spec_tests/data/sdam/rs/incompatible_arbiter.yml +2 -0
- data/spec/spec_tests/data/sdam/rs/incompatible_ghost.yml +4 -4
- data/spec/spec_tests/data/sdam/rs/incompatible_other.yml +3 -1
- data/spec/spec_tests/data/sdam/rs/primary_mismatched_me.yml +23 -27
- data/spec/spec_tests/data/sdam/rs/primary_mismatched_me_not_removed.yml +73 -0
- data/spec/spec_tests/data/sdam/rs/primary_to_no_primary_mismatched_me.yml +79 -56
- data/spec/spec_tests/data/sdam/rs/repeated.yml +101 -0
- data/spec/spec_tests/data/sdam/rs/replicaset_rsnp.yml +20 -0
- data/spec/spec_tests/data/sdam/rs/{primary_address_change.yml → ruby_primary_address_change.yml} +2 -0
- data/spec/spec_tests/data/sdam/rs/{secondary_wrong_set_name_with_primary_second.yml → ruby_secondary_wrong_set_name_with_primary_second.yml} +0 -0
- data/spec/spec_tests/data/sdam/rs/secondary_mismatched_me.yml +3 -2
- data/spec/spec_tests/data/sdam/rs/too_new.yml +2 -0
- data/spec/spec_tests/data/sdam/rs/topology_version_equal.yml +66 -0
- data/spec/spec_tests/data/sdam/rs/topology_version_greater.yml +189 -0
- data/spec/spec_tests/data/sdam/rs/topology_version_less.yml +62 -0
- data/spec/spec_tests/data/sdam/sharded/discover_single_mongos.yml +23 -0
- data/spec/spec_tests/data/sdam/sharded/{primary_address_change.yml → ruby_primary_different_address.yml} +1 -1
- data/spec/spec_tests/data/sdam/sharded/{primary_mismatched_me.yml → ruby_primary_mismatched_me.yml} +1 -1
- data/spec/spec_tests/data/sdam/single/direct_connection_external_ip.yml +1 -1
- data/spec/spec_tests/data/sdam/single/direct_connection_mongos.yml +2 -2
- data/spec/spec_tests/data/sdam/single/direct_connection_replicaset.yml +22 -0
- data/spec/spec_tests/data/sdam/single/direct_connection_rsarbiter.yml +2 -2
- data/spec/spec_tests/data/sdam/single/direct_connection_rsprimary.yml +2 -2
- data/spec/spec_tests/data/sdam/single/direct_connection_rssecondary.yml +2 -2
- data/spec/spec_tests/data/sdam/single/direct_connection_slave.yml +1 -1
- data/spec/spec_tests/data/sdam/single/direct_connection_standalone.yml +2 -2
- data/spec/spec_tests/data/sdam/single/{unavailable_seed.yml → direct_connection_unavailable_seed.yml} +2 -2
- data/spec/spec_tests/data/sdam/single/direct_connection_wrong_set_name.yml +38 -0
- data/spec/spec_tests/data/sdam/{sharded/single_mongos.yml → single/discover_standalone.yml} +7 -6
- data/spec/spec_tests/data/sdam/single/discover_unavailable_seed.yml +28 -0
- data/spec/spec_tests/data/sdam/single/{primary_address_change.yml → ruby_primary_different_address.yml} +1 -1
- data/spec/spec_tests/data/sdam/single/{primary_mismatched_me.yml → ruby_primary_mismatched_me.yml} +1 -1
- data/spec/spec_tests/data/sdam/single/too_old_then_upgraded.yml +46 -0
- data/spec/spec_tests/data/sdam_monitoring/{replica_set_with_primary_change.yml → replica_set_primary_address_change.yml} +27 -5
- data/spec/spec_tests/data/sdam_monitoring/replica_set_with_me_mismatch.yml +26 -74
- data/spec/spec_tests/data/sdam_monitoring/replica_set_with_removal.yml +20 -16
- data/spec/spec_tests/data/sdam_monitoring/standalone_suppress_equal_description_changes.yml +73 -0
- data/spec/spec_tests/data/transactions/create-collection.yml +131 -0
- data/spec/spec_tests/data/transactions/create-index.yml +152 -0
- data/spec/spec_tests/data/transactions/error-labels.yml +87 -21
- data/spec/spec_tests/data/transactions/mongos-recovery-token.yml +1 -0
- data/spec/spec_tests/data/transactions/pin-mongos.yml +2 -3
- data/spec/spec_tests/data/transactions/retryable-abort-errorLabels.yml +124 -0
- data/spec/spec_tests/data/transactions/retryable-abort.yml +17 -2
- data/spec/spec_tests/data/transactions/retryable-commit-errorLabels.yml +132 -0
- data/spec/spec_tests/data/transactions/retryable-commit.yml +24 -9
- data/spec/spec_tests/data/uri_options/auth-options.yml +10 -0
- data/spec/spec_tests/data/uri_options/connection-options.yml +43 -0
- data/spec/spec_tests/data/uri_options/ruby-auth-options.yml +12 -0
- data/spec/spec_tests/data/uri_options/ruby-connection-options.yml +57 -0
- data/spec/spec_tests/data/uri_options/tls-options.yml +75 -4
- data/spec/spec_tests/dns_seedlist_discovery_spec.rb +3 -1
- data/spec/spec_tests/gridfs_spec.rb +2 -0
- data/spec/spec_tests/max_staleness_spec.rb +3 -1
- data/spec/spec_tests/read_write_concern_connection_string_spec.rb +3 -1
- data/spec/spec_tests/read_write_concern_operaton_spec.rb +10 -0
- data/spec/spec_tests/retryable_reads_spec.rb +2 -0
- data/spec/spec_tests/retryable_writes_spec.rb +8 -1
- data/spec/spec_tests/sdam_monitoring_spec.rb +3 -1
- data/spec/spec_tests/sdam_spec.rb +70 -1
- data/spec/spec_tests/server_selection_rtt_spec.rb +2 -0
- data/spec/spec_tests/server_selection_spec.rb +2 -0
- data/spec/spec_tests/transactions_api_spec.rb +5 -0
- data/spec/spec_tests/transactions_spec.rb +5 -0
- data/spec/spec_tests/uri_options_spec.rb +8 -8
- data/spec/stress/cleanup_spec.rb +43 -0
- data/spec/stress/connection_pool_stress_spec.rb +1 -5
- data/spec/stress/connection_pool_timing_spec.rb +9 -9
- data/spec/stress/fork_reconnect_stress_spec.rb +109 -0
- data/spec/support/authorization.rb +1 -11
- data/spec/support/aws_utils.rb +62 -0
- data/spec/support/aws_utils/base.rb +134 -0
- data/spec/support/aws_utils/inspector.rb +224 -0
- data/spec/support/aws_utils/orchestrator.rb +370 -0
- data/spec/support/aws_utils/provisioner.rb +360 -0
- data/spec/support/background_thread_registry.rb +6 -2
- data/spec/support/certificates/README.md +4 -0
- data/spec/support/certificates/server-second-level-bundle.pem +77 -77
- data/spec/support/certificates/server-second-level.crt +52 -52
- data/spec/support/certificates/server-second-level.key +25 -25
- data/spec/support/certificates/server-second-level.pem +77 -77
- data/spec/support/client_registry.rb +24 -27
- data/spec/support/cluster_config.rb +10 -1
- data/spec/support/cluster_tools.rb +11 -4
- data/spec/support/common_shortcuts.rb +55 -0
- data/spec/support/constraints.rb +43 -7
- data/spec/support/crypt.rb +154 -0
- data/spec/support/crypt/corpus/corpus-key-aws.json +33 -0
- data/spec/support/crypt/corpus/corpus-key-local.json +31 -0
- data/spec/support/crypt/corpus/corpus-schema.json +2057 -0
- data/spec/support/crypt/corpus/corpus.json +3657 -0
- data/spec/support/crypt/corpus/corpus_encrypted.json +4152 -0
- data/spec/support/crypt/data_keys/key_document_aws.json +34 -0
- data/spec/support/crypt/data_keys/key_document_local.json +31 -0
- data/spec/support/crypt/external/external-key.json +31 -0
- data/spec/support/crypt/external/external-schema.json +19 -0
- data/spec/support/crypt/limits/limits-doc.json +102 -0
- data/spec/support/crypt/limits/limits-key.json +31 -0
- data/spec/support/crypt/limits/limits-schema.json +1405 -0
- data/spec/support/crypt/schema_maps/schema_map_aws.json +17 -0
- data/spec/support/crypt/schema_maps/schema_map_aws_key_alt_names.json +12 -0
- data/spec/support/crypt/schema_maps/schema_map_local.json +18 -0
- data/spec/support/crypt/schema_maps/schema_map_local_key_alt_names.json +12 -0
- data/spec/support/event_subscriber.rb +94 -84
- data/spec/support/lite_constraints.rb +74 -1
- data/spec/support/matchers.rb +19 -0
- data/spec/support/shared/protocol.rb +2 -0
- data/spec/support/shared/scram_conversation.rb +100 -0
- data/spec/support/shared/server_selector.rb +81 -1
- data/spec/support/shared/session.rb +29 -21
- data/spec/support/spec_config.rb +92 -22
- data/spec/support/spec_setup.rb +8 -4
- data/spec/support/utils.rb +263 -32
- metadata +1285 -682
- metadata.gz.sig +0 -0
- data/lib/mongo/cluster/srv_monitor.rb +0 -127
- data/lib/mongo/server/connectable.rb +0 -107
- data/lib/mongo/srv/warning_result.rb +0 -35
- data/spec/enterprise_auth/kerberos_spec.rb +0 -58
- data/spec/mongo/cluster/srv_monitor_spec.rb +0 -214
- data/spec/mongo/operation/read_preference_spec.rb +0 -245
- data/spec/support/change_streams.rb +0 -262
- data/spec/support/change_streams/operation.rb +0 -89
- data/spec/support/connection_string.rb +0 -354
- data/spec/support/crud/test_base.rb +0 -22
data/lib/mongo/auth/roles.rb
CHANGED
|
@@ -0,0 +1,111 @@
|
|
|
1
|
+
# Copyright (C) 2020 MongoDB Inc.
|
|
2
|
+
#
|
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
|
+
# you may not use this file except in compliance with the License.
|
|
5
|
+
# You may obtain a copy of the License at
|
|
6
|
+
#
|
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
|
8
|
+
#
|
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
12
|
+
# See the License for the specific language governing permissions and
|
|
13
|
+
# limitations under the License.
|
|
14
|
+
|
|
15
|
+
module Mongo
|
|
16
|
+
module Auth
|
|
17
|
+
|
|
18
|
+
# Defines common behavior around SASL conversations between
|
|
19
|
+
# the client and the server.
|
|
20
|
+
#
|
|
21
|
+
# @api private
|
|
22
|
+
class SaslConversationBase < ConversationBase
|
|
23
|
+
|
|
24
|
+
# The base client first message.
|
|
25
|
+
CLIENT_FIRST_MESSAGE = { saslStart: 1, autoAuthorize: 1 }.freeze
|
|
26
|
+
|
|
27
|
+
# The base client continue message.
|
|
28
|
+
CLIENT_CONTINUE_MESSAGE = { saslContinue: 1 }.freeze
|
|
29
|
+
|
|
30
|
+
# Start the SASL conversation. This returns the first message that
|
|
31
|
+
# needs to be sent to the server.
|
|
32
|
+
#
|
|
33
|
+
# @param [ Server::Connection ] connection The connection being authenticated.
|
|
34
|
+
#
|
|
35
|
+
# @return [ Protocol::Message ] The first SASL conversation message.
|
|
36
|
+
def start(connection)
|
|
37
|
+
selector = client_first_document
|
|
38
|
+
if connection && connection.features.op_msg_enabled?
|
|
39
|
+
selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
|
|
40
|
+
cluster_time = connection.mongos? && connection.cluster_time
|
|
41
|
+
selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
|
|
42
|
+
Protocol::Msg.new([], {}, selector)
|
|
43
|
+
else
|
|
44
|
+
Protocol::Query.new(
|
|
45
|
+
user.auth_source,
|
|
46
|
+
Database::COMMAND,
|
|
47
|
+
selector,
|
|
48
|
+
limit: -1,
|
|
49
|
+
)
|
|
50
|
+
end
|
|
51
|
+
end
|
|
52
|
+
|
|
53
|
+
private
|
|
54
|
+
|
|
55
|
+
# Gets the auth mechanism name for the conversation class.
|
|
56
|
+
#
|
|
57
|
+
# Example return: SCRAM-SHA-1.
|
|
58
|
+
#
|
|
59
|
+
# @return [ String ] Auth mechanism name.
|
|
60
|
+
def auth_mechanism_name
|
|
61
|
+
# self.class.name is e.g. Mongo::Auth::Scram256::Mechanism.
|
|
62
|
+
# We need Mongo::Auth::Scram::MECHANISM.
|
|
63
|
+
# Pull out the Scram256 part, get that class off of Auth,
|
|
64
|
+
# then get the value of MECHANISM constant in Scram256.
|
|
65
|
+
# With ActiveSupport, this method would be:
|
|
66
|
+
# self.class.module_parent.const_get(:MECHANISM)
|
|
67
|
+
parts = self.class.name.split('::')
|
|
68
|
+
parts.pop
|
|
69
|
+
Auth.const_get(parts.last).const_get(:MECHANISM)
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
def client_first_message_options
|
|
73
|
+
nil
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def client_first_document
|
|
77
|
+
payload = client_first_payload
|
|
78
|
+
if Lint.enabled?
|
|
79
|
+
unless payload.is_a?(String)
|
|
80
|
+
raise Error::LintError, "Payload must be a string but is a #{payload.class}: #{payload}"
|
|
81
|
+
end
|
|
82
|
+
end
|
|
83
|
+
doc = CLIENT_FIRST_MESSAGE.merge(
|
|
84
|
+
mechanism: auth_mechanism_name,
|
|
85
|
+
payload: BSON::Binary.new(payload),
|
|
86
|
+
)
|
|
87
|
+
if options = client_first_message_options
|
|
88
|
+
# Short SCRAM conversation,
|
|
89
|
+
# https://jira.mongodb.org/browse/DRIVERS-707
|
|
90
|
+
doc[:options] = options
|
|
91
|
+
end
|
|
92
|
+
doc
|
|
93
|
+
end
|
|
94
|
+
|
|
95
|
+
# Helper method to validate that server nonce starts with the client
|
|
96
|
+
# nonce.
|
|
97
|
+
#
|
|
98
|
+
# Note that this class does not define the client_nonce or server_nonce
|
|
99
|
+
# attributes - derived classes must do so.
|
|
100
|
+
def validate_server_nonce!
|
|
101
|
+
if client_nonce.nil? || client_nonce.empty?
|
|
102
|
+
raise ArgumentError, 'Cannot validate server nonce when client nonce is nil or empty'
|
|
103
|
+
end
|
|
104
|
+
|
|
105
|
+
unless server_nonce.start_with?(client_nonce)
|
|
106
|
+
raise Error::InvalidNonce.new(client_nonce, server_nonce)
|
|
107
|
+
end
|
|
108
|
+
end
|
|
109
|
+
end
|
|
110
|
+
end
|
|
111
|
+
end
|
data/lib/mongo/auth/scram.rb
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (C) 2014-
|
|
1
|
+
# Copyright (C) 2014-2020 MongoDB Inc.
|
|
2
2
|
#
|
|
3
3
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
4
|
# you may not use this file except in compliance with the License.
|
|
@@ -12,73 +12,61 @@
|
|
|
12
12
|
# See the License for the specific language governing permissions and
|
|
13
13
|
# limitations under the License.
|
|
14
14
|
|
|
15
|
-
require 'mongo/auth/scram/conversation'
|
|
16
|
-
|
|
17
15
|
module Mongo
|
|
18
16
|
module Auth
|
|
19
17
|
|
|
20
18
|
# Defines behavior for SCRAM authentication.
|
|
21
19
|
#
|
|
22
|
-
# @since 2.0.0
|
|
23
20
|
# @api private
|
|
24
|
-
class
|
|
21
|
+
class Scram < Base
|
|
25
22
|
|
|
26
|
-
# The authentication mechanism string
|
|
27
|
-
|
|
28
|
-
# @since 2.6.0
|
|
29
|
-
SCRAM_SHA_1_MECHANISM = 'SCRAM-SHA-1'.freeze
|
|
23
|
+
# The authentication mechanism string.
|
|
24
|
+
MECHANISM = 'SCRAM-SHA-1'.freeze
|
|
30
25
|
|
|
31
|
-
#
|
|
26
|
+
# Initializes the Scram authenticator.
|
|
32
27
|
#
|
|
33
|
-
# @
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
# Map the user-specified authentication mechanism to the proper names of the mechanisms.
|
|
28
|
+
# @param [ Auth::User ] user The user to authenticate.
|
|
29
|
+
# @param [ Mongo::Connection ] connection The connection to authenticate over.
|
|
37
30
|
#
|
|
38
|
-
# @
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
31
|
+
# @option opts [ String | nil ] speculative_auth_client_nonce The client
|
|
32
|
+
# nonce used in speculative auth on the specified connection that
|
|
33
|
+
# produced the specified speculative auth result.
|
|
34
|
+
# @option opts [ BSON::Document | nil ] speculative_auth_result The
|
|
35
|
+
# value of speculativeAuthenticate field of ismaster response of
|
|
36
|
+
# the handshake on the specified connection.
|
|
37
|
+
def initialize(user, connection, **opts)
|
|
38
|
+
super
|
|
39
|
+
@speculative_auth_client_nonce = opts[:speculative_auth_client_nonce]
|
|
40
|
+
@speculative_auth_result = opts[:speculative_auth_result]
|
|
41
|
+
end
|
|
43
42
|
|
|
44
|
-
# @return [
|
|
45
|
-
|
|
43
|
+
# @return [ String | nil ] The client nonce used in speculative auth on
|
|
44
|
+
# the current connection.
|
|
45
|
+
attr_reader :speculative_auth_client_nonce
|
|
46
46
|
|
|
47
|
-
#
|
|
48
|
-
#
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
# @since 2.0.0
|
|
55
|
-
def initialize(user)
|
|
56
|
-
@user = user
|
|
47
|
+
# @return [ BSON::Document | nil ] The value of speculativeAuthenticate
|
|
48
|
+
# field of ismaster response of the handshake on the current connection.
|
|
49
|
+
attr_reader :speculative_auth_result
|
|
50
|
+
|
|
51
|
+
def conversation
|
|
52
|
+
@conversation ||= self.class.const_get(:Conversation).new(
|
|
53
|
+
user, connection, client_nonce: speculative_auth_client_nonce)
|
|
57
54
|
end
|
|
58
55
|
|
|
59
|
-
# Log the user in on the
|
|
60
|
-
#
|
|
61
|
-
# @example Log the user in.
|
|
62
|
-
# user.login(connection)
|
|
63
|
-
#
|
|
64
|
-
# @param [ Mongo::Connection ] connection The connection to log into.
|
|
56
|
+
# Log the user in on the current connection.
|
|
65
57
|
#
|
|
66
|
-
# @return [
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
reply = connection.dispatch([ conversation.continue(reply, connection) ])
|
|
75
|
-
connection.update_cluster_time(Operation::Result.new(reply))
|
|
76
|
-
until reply.documents[0][Conversation::DONE]
|
|
77
|
-
reply = connection.dispatch([ conversation.finalize(reply, connection) ])
|
|
78
|
-
connection.update_cluster_time(Operation::Result.new(reply))
|
|
58
|
+
# @return [ BSON::Document ] The document of the authentication response.
|
|
59
|
+
def login
|
|
60
|
+
converse_multi_step(connection, conversation,
|
|
61
|
+
speculative_auth_result: speculative_auth_result,
|
|
62
|
+
).tap do
|
|
63
|
+
unless conversation.server_verified?
|
|
64
|
+
raise Error::MissingScramServerSignature
|
|
65
|
+
end
|
|
79
66
|
end
|
|
80
|
-
reply
|
|
81
67
|
end
|
|
82
68
|
end
|
|
83
69
|
end
|
|
84
70
|
end
|
|
71
|
+
|
|
72
|
+
require 'mongo/auth/scram/conversation'
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
# Copyright (C) 2014-
|
|
1
|
+
# Copyright (C) 2014-2020 MongoDB Inc.
|
|
2
2
|
#
|
|
3
3
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
4
4
|
# you may not use this file except in compliance with the License.
|
|
@@ -14,342 +14,16 @@
|
|
|
14
14
|
|
|
15
15
|
module Mongo
|
|
16
16
|
module Auth
|
|
17
|
-
class
|
|
17
|
+
class Scram
|
|
18
18
|
|
|
19
|
-
# Defines behavior around a single SCRAM-SHA-1
|
|
19
|
+
# Defines behavior around a single SCRAM-SHA-1 conversation between
|
|
20
20
|
# the client and server.
|
|
21
21
|
#
|
|
22
|
-
# @since 2.0.0
|
|
23
22
|
# @api private
|
|
24
|
-
class Conversation
|
|
25
|
-
|
|
26
|
-
# The base client continue message.
|
|
27
|
-
#
|
|
28
|
-
# @since 2.0.0
|
|
29
|
-
CLIENT_CONTINUE_MESSAGE = { saslContinue: 1 }.freeze
|
|
30
|
-
|
|
31
|
-
# The base client first message.
|
|
32
|
-
#
|
|
33
|
-
# @since 2.0.0
|
|
34
|
-
CLIENT_FIRST_MESSAGE = { saslStart: 1, autoAuthorize: 1 }.freeze
|
|
35
|
-
|
|
36
|
-
# The client key string.
|
|
37
|
-
#
|
|
38
|
-
# @since 2.0.0
|
|
39
|
-
CLIENT_KEY = 'Client Key'.freeze
|
|
40
|
-
|
|
41
|
-
# The key for the done field in the responses.
|
|
42
|
-
#
|
|
43
|
-
# @since 2.0.0
|
|
44
|
-
DONE = 'done'.freeze
|
|
45
|
-
|
|
46
|
-
# The conversation id field.
|
|
47
|
-
#
|
|
48
|
-
# @since 2.0.0
|
|
49
|
-
ID = 'conversationId'.freeze
|
|
50
|
-
|
|
51
|
-
# The iterations key in the responses.
|
|
52
|
-
#
|
|
53
|
-
# @since 2.0.0
|
|
54
|
-
ITERATIONS = /i=(\d+)/.freeze
|
|
55
|
-
|
|
56
|
-
# The minimum iteration count for SCRAM-SHA-256.
|
|
57
|
-
#
|
|
58
|
-
# @api private
|
|
59
|
-
#
|
|
60
|
-
# @since 2.6.0
|
|
61
|
-
MIN_ITER_COUNT = 4096
|
|
62
|
-
|
|
63
|
-
# The payload field.
|
|
64
|
-
#
|
|
65
|
-
# @since 2.0.0
|
|
66
|
-
PAYLOAD = 'payload'.freeze
|
|
67
|
-
|
|
68
|
-
# The rnonce key in the responses.
|
|
69
|
-
#
|
|
70
|
-
# @since 2.0.0
|
|
71
|
-
RNONCE = /r=([^,]*)/.freeze
|
|
72
|
-
|
|
73
|
-
# The salt key in the responses.
|
|
74
|
-
#
|
|
75
|
-
# @since 2.0.0
|
|
76
|
-
SALT = /s=([^,]*)/.freeze
|
|
77
|
-
|
|
78
|
-
# The server key string.
|
|
79
|
-
#
|
|
80
|
-
# @since 2.0.0
|
|
81
|
-
SERVER_KEY = 'Server Key'.freeze
|
|
82
|
-
|
|
83
|
-
# The server signature verifier in the response.
|
|
84
|
-
#
|
|
85
|
-
# @since 2.0.0
|
|
86
|
-
VERIFIER = /v=([^,]*)/.freeze
|
|
87
|
-
|
|
88
|
-
# @return [ String ] nonce The initial user nonce.
|
|
89
|
-
attr_reader :nonce
|
|
90
|
-
|
|
91
|
-
# @return [ Protocol::Message ] reply The current reply in the
|
|
92
|
-
# conversation.
|
|
93
|
-
attr_reader :reply
|
|
94
|
-
|
|
95
|
-
# @return [ User ] user The user for the conversation.
|
|
96
|
-
attr_reader :user
|
|
97
|
-
|
|
98
|
-
# Continue the SCRAM conversation. This sends the client final message
|
|
99
|
-
# to the server after setting the reply from the previous server
|
|
100
|
-
# communication.
|
|
101
|
-
#
|
|
102
|
-
# @example Continue the conversation.
|
|
103
|
-
# conversation.continue(reply)
|
|
104
|
-
#
|
|
105
|
-
# @param [ Protocol::Message ] reply The reply of the previous
|
|
106
|
-
# message.
|
|
107
|
-
# @param [ Server::Connection ] connection The connection being
|
|
108
|
-
# authenticated.
|
|
109
|
-
#
|
|
110
|
-
# @return [ Protocol::Message ] The next message to send.
|
|
111
|
-
#
|
|
112
|
-
# @since 2.0.0
|
|
113
|
-
def continue(reply, connection)
|
|
114
|
-
validate_first_message!(reply, connection.server)
|
|
115
|
-
|
|
116
|
-
# The salted password needs to be calculated now; otherwise, if the
|
|
117
|
-
# client key is cached from a previous authentication, the salt in the
|
|
118
|
-
# reply will no longer be available for when the salted password is
|
|
119
|
-
# needed to calculate the server key.
|
|
120
|
-
salted_password
|
|
121
|
-
|
|
122
|
-
if connection && connection.features.op_msg_enabled?
|
|
123
|
-
selector = CLIENT_CONTINUE_MESSAGE.merge(
|
|
124
|
-
payload: client_final_message,
|
|
125
|
-
conversationId: id,
|
|
126
|
-
)
|
|
127
|
-
selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
|
|
128
|
-
cluster_time = connection.mongos? && connection.cluster_time
|
|
129
|
-
selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
|
|
130
|
-
Protocol::Msg.new([], {}, selector)
|
|
131
|
-
else
|
|
132
|
-
Protocol::Query.new(
|
|
133
|
-
user.auth_source,
|
|
134
|
-
Database::COMMAND,
|
|
135
|
-
CLIENT_CONTINUE_MESSAGE.merge(
|
|
136
|
-
payload: client_final_message,
|
|
137
|
-
conversationId: id,
|
|
138
|
-
),
|
|
139
|
-
limit: -1,
|
|
140
|
-
)
|
|
141
|
-
end
|
|
142
|
-
end
|
|
143
|
-
|
|
144
|
-
# Finalize the SCRAM conversation. This is meant to be iterated until
|
|
145
|
-
# the provided reply indicates the conversation is finished.
|
|
146
|
-
#
|
|
147
|
-
# @param [ Protocol::Message ] reply The reply of the previous
|
|
148
|
-
# message.
|
|
149
|
-
# @param [ Server::Connection ] connection The connection being authenticated.
|
|
150
|
-
#
|
|
151
|
-
# @return [ Protocol::Query ] The next message to send.
|
|
152
|
-
#
|
|
153
|
-
# @since 2.0.0
|
|
154
|
-
def finalize(reply, connection)
|
|
155
|
-
validate_final_message!(reply, connection.server)
|
|
156
|
-
if connection && connection.features.op_msg_enabled?
|
|
157
|
-
selector = CLIENT_CONTINUE_MESSAGE.merge(
|
|
158
|
-
payload: client_empty_message,
|
|
159
|
-
conversationId: id,
|
|
160
|
-
)
|
|
161
|
-
selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
|
|
162
|
-
cluster_time = connection.mongos? && connection.cluster_time
|
|
163
|
-
selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
|
|
164
|
-
Protocol::Msg.new([], {}, selector)
|
|
165
|
-
else
|
|
166
|
-
Protocol::Query.new(
|
|
167
|
-
user.auth_source,
|
|
168
|
-
Database::COMMAND,
|
|
169
|
-
CLIENT_CONTINUE_MESSAGE.merge(
|
|
170
|
-
payload: client_empty_message,
|
|
171
|
-
conversationId: id,
|
|
172
|
-
),
|
|
173
|
-
limit: -1,
|
|
174
|
-
)
|
|
175
|
-
end
|
|
176
|
-
end
|
|
177
|
-
|
|
178
|
-
# Start the SCRAM conversation. This returns the first message that
|
|
179
|
-
# needs to be sent to the server.
|
|
180
|
-
#
|
|
181
|
-
# @param [ Server::Connection ] connection The connection being authenticated.
|
|
182
|
-
#
|
|
183
|
-
# @return [ Protocol::Query ] The first SCRAM conversation message.
|
|
184
|
-
#
|
|
185
|
-
# @since 2.0.0
|
|
186
|
-
def start(connection)
|
|
187
|
-
if connection && connection.features.op_msg_enabled?
|
|
188
|
-
selector = CLIENT_FIRST_MESSAGE.merge(
|
|
189
|
-
payload: client_first_message, mechanism: full_mechanism)
|
|
190
|
-
selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
|
|
191
|
-
cluster_time = connection.mongos? && connection.cluster_time
|
|
192
|
-
selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
|
|
193
|
-
Protocol::Msg.new([], {}, selector)
|
|
194
|
-
else
|
|
195
|
-
Protocol::Query.new(
|
|
196
|
-
user.auth_source,
|
|
197
|
-
Database::COMMAND,
|
|
198
|
-
CLIENT_FIRST_MESSAGE.merge(
|
|
199
|
-
payload: client_first_message, mechanism: full_mechanism),
|
|
200
|
-
limit: -1,
|
|
201
|
-
)
|
|
202
|
-
end
|
|
203
|
-
end
|
|
204
|
-
|
|
205
|
-
def full_mechanism
|
|
206
|
-
MECHANISMS[@mechanism]
|
|
207
|
-
end
|
|
208
|
-
|
|
209
|
-
# Get the id of the conversation.
|
|
210
|
-
#
|
|
211
|
-
# @example Get the id of the conversation.
|
|
212
|
-
# conversation.id
|
|
213
|
-
#
|
|
214
|
-
# @return [ Integer ] The conversation id.
|
|
215
|
-
#
|
|
216
|
-
# @since 2.0.0
|
|
217
|
-
def id
|
|
218
|
-
reply.documents[0][ID]
|
|
219
|
-
end
|
|
220
|
-
|
|
221
|
-
# Create the new conversation.
|
|
222
|
-
#
|
|
223
|
-
# @example Create the new conversation.
|
|
224
|
-
# Conversation.new(user, mechanism)
|
|
225
|
-
#
|
|
226
|
-
# @param [ Auth::User ] user The user to converse about.
|
|
227
|
-
# @param [ Symbol ] mechanism Authentication mechanism.
|
|
228
|
-
#
|
|
229
|
-
# @since 2.0.0
|
|
230
|
-
def initialize(user, mechanism)
|
|
231
|
-
unless [:scram, :scram256].include?(mechanism)
|
|
232
|
-
raise InvalidMechanism.new(mechanism)
|
|
233
|
-
end
|
|
234
|
-
|
|
235
|
-
@user = user
|
|
236
|
-
@nonce = SecureRandom.base64
|
|
237
|
-
@client_key = user.send(:client_key)
|
|
238
|
-
@mechanism = mechanism
|
|
239
|
-
end
|
|
23
|
+
class Conversation < ScramConversationBase
|
|
240
24
|
|
|
241
25
|
private
|
|
242
26
|
|
|
243
|
-
# Auth message algorithm implementation.
|
|
244
|
-
#
|
|
245
|
-
# @api private
|
|
246
|
-
#
|
|
247
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
248
|
-
#
|
|
249
|
-
# @since 2.0.0
|
|
250
|
-
def auth_message
|
|
251
|
-
@auth_message ||= "#{first_bare},#{reply.documents[0][PAYLOAD].data},#{without_proof}"
|
|
252
|
-
end
|
|
253
|
-
|
|
254
|
-
# Get the empty client message.
|
|
255
|
-
#
|
|
256
|
-
# @api private
|
|
257
|
-
#
|
|
258
|
-
# @since 2.0.0
|
|
259
|
-
def client_empty_message
|
|
260
|
-
BSON::Binary.new('')
|
|
261
|
-
end
|
|
262
|
-
|
|
263
|
-
# Get the final client message.
|
|
264
|
-
#
|
|
265
|
-
# @api private
|
|
266
|
-
#
|
|
267
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
268
|
-
#
|
|
269
|
-
# @since 2.0.0
|
|
270
|
-
def client_final_message
|
|
271
|
-
BSON::Binary.new("#{without_proof},p=#{client_final}")
|
|
272
|
-
end
|
|
273
|
-
|
|
274
|
-
# Get the client first message
|
|
275
|
-
#
|
|
276
|
-
# @api private
|
|
277
|
-
#
|
|
278
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
279
|
-
#
|
|
280
|
-
# @since 2.0.0
|
|
281
|
-
def client_first_message
|
|
282
|
-
BSON::Binary.new("n,,#{first_bare}")
|
|
283
|
-
end
|
|
284
|
-
|
|
285
|
-
# Client final implementation.
|
|
286
|
-
#
|
|
287
|
-
# @api private
|
|
288
|
-
#
|
|
289
|
-
# @see http://tools.ietf.org/html/rfc5802#section-7
|
|
290
|
-
#
|
|
291
|
-
# @since 2.0.0
|
|
292
|
-
def client_final
|
|
293
|
-
@client_final ||= client_proof(client_key, client_signature(stored_key(client_key), auth_message))
|
|
294
|
-
end
|
|
295
|
-
|
|
296
|
-
# Client key algorithm implementation.
|
|
297
|
-
#
|
|
298
|
-
# @api private
|
|
299
|
-
#
|
|
300
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
301
|
-
#
|
|
302
|
-
# @since 2.0.0
|
|
303
|
-
def client_key
|
|
304
|
-
@client_key ||= hmac(salted_password, CLIENT_KEY)
|
|
305
|
-
user.instance_variable_set(:@client_key, @client_key) unless user.send(:client_key)
|
|
306
|
-
@client_key
|
|
307
|
-
end
|
|
308
|
-
|
|
309
|
-
# Client proof algorithm implementation.
|
|
310
|
-
#
|
|
311
|
-
# @api private
|
|
312
|
-
#
|
|
313
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
314
|
-
#
|
|
315
|
-
# @since 2.0.0
|
|
316
|
-
def client_proof(key, signature)
|
|
317
|
-
@client_proof ||= Base64.strict_encode64(xor(key, signature))
|
|
318
|
-
end
|
|
319
|
-
|
|
320
|
-
# Client signature algorithm implementation.
|
|
321
|
-
#
|
|
322
|
-
# @api private
|
|
323
|
-
#
|
|
324
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
325
|
-
#
|
|
326
|
-
# @since 2.0.0
|
|
327
|
-
def client_signature(key, message)
|
|
328
|
-
@client_signature ||= hmac(key, message)
|
|
329
|
-
end
|
|
330
|
-
|
|
331
|
-
# First bare implementation.
|
|
332
|
-
#
|
|
333
|
-
# @api private
|
|
334
|
-
#
|
|
335
|
-
# @see http://tools.ietf.org/html/rfc5802#section-7
|
|
336
|
-
#
|
|
337
|
-
# @since 2.0.0
|
|
338
|
-
def first_bare
|
|
339
|
-
@first_bare ||= "n=#{user.encoded_name},r=#{nonce}"
|
|
340
|
-
end
|
|
341
|
-
|
|
342
|
-
# H algorithm implementation.
|
|
343
|
-
#
|
|
344
|
-
# @api private
|
|
345
|
-
#
|
|
346
|
-
# @see http://tools.ietf.org/html/rfc5802#section-2.2
|
|
347
|
-
#
|
|
348
|
-
# @since 2.0.0
|
|
349
|
-
def h(string)
|
|
350
|
-
digest.digest(string)
|
|
351
|
-
end
|
|
352
|
-
|
|
353
27
|
# HI algorithm implementation.
|
|
354
28
|
#
|
|
355
29
|
# @api private
|
|
@@ -358,75 +32,12 @@ module Mongo
|
|
|
358
32
|
#
|
|
359
33
|
# @since 2.0.0
|
|
360
34
|
def hi(data)
|
|
361
|
-
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
digest.size,
|
|
368
|
-
digest
|
|
369
|
-
)
|
|
370
|
-
else
|
|
371
|
-
OpenSSL::PKCS5.pbkdf2_hmac_sha1(
|
|
372
|
-
data,
|
|
373
|
-
Base64.strict_decode64(salt),
|
|
374
|
-
iterations,
|
|
375
|
-
digest.size
|
|
376
|
-
)
|
|
377
|
-
end
|
|
378
|
-
end
|
|
379
|
-
|
|
380
|
-
# HMAC algorithm implementation.
|
|
381
|
-
#
|
|
382
|
-
# @api private
|
|
383
|
-
#
|
|
384
|
-
# @see http://tools.ietf.org/html/rfc5802#section-2.2
|
|
385
|
-
#
|
|
386
|
-
# @since 2.0.0
|
|
387
|
-
def hmac(data, key)
|
|
388
|
-
OpenSSL::HMAC.digest(digest, data, key)
|
|
389
|
-
end
|
|
390
|
-
|
|
391
|
-
# Get the iterations from the server response.
|
|
392
|
-
#
|
|
393
|
-
# @api private
|
|
394
|
-
#
|
|
395
|
-
# @since 2.0.0
|
|
396
|
-
def iterations
|
|
397
|
-
@iterations ||= payload_data.match(ITERATIONS)[1].to_i.tap do |i|
|
|
398
|
-
if i < MIN_ITER_COUNT
|
|
399
|
-
raise Error::InsufficientIterationCount.new(
|
|
400
|
-
Error::InsufficientIterationCount.message(MIN_ITER_COUNT, i))
|
|
401
|
-
end
|
|
402
|
-
end
|
|
403
|
-
end
|
|
404
|
-
|
|
405
|
-
# Get the data from the returned payload.
|
|
406
|
-
#
|
|
407
|
-
# @api private
|
|
408
|
-
#
|
|
409
|
-
# @since 2.0.0
|
|
410
|
-
def payload_data
|
|
411
|
-
reply.documents[0][PAYLOAD].data
|
|
412
|
-
end
|
|
413
|
-
|
|
414
|
-
# Get the server nonce from the payload.
|
|
415
|
-
#
|
|
416
|
-
# @api private
|
|
417
|
-
#
|
|
418
|
-
# @since 2.0.0
|
|
419
|
-
def rnonce
|
|
420
|
-
@rnonce ||= payload_data.match(RNONCE)[1]
|
|
421
|
-
end
|
|
422
|
-
|
|
423
|
-
# Gets the salt from the server response.
|
|
424
|
-
#
|
|
425
|
-
# @api private
|
|
426
|
-
#
|
|
427
|
-
# @since 2.0.0
|
|
428
|
-
def salt
|
|
429
|
-
@salt ||= payload_data.match(SALT)[1]
|
|
35
|
+
OpenSSL::PKCS5.pbkdf2_hmac_sha1(
|
|
36
|
+
data,
|
|
37
|
+
salt,
|
|
38
|
+
iterations,
|
|
39
|
+
digest.size,
|
|
40
|
+
)
|
|
430
41
|
end
|
|
431
42
|
|
|
432
43
|
# Salted password algorithm implementation.
|
|
@@ -437,114 +48,13 @@ module Mongo
|
|
|
437
48
|
#
|
|
438
49
|
# @since 2.0.0
|
|
439
50
|
def salted_password
|
|
440
|
-
@salted_password ||=
|
|
441
|
-
when :scram256
|
|
442
|
-
hi(user.sasl_prepped_password)
|
|
443
|
-
else
|
|
51
|
+
@salted_password ||= CredentialCache.cache(cache_key(:salted_password)) do
|
|
444
52
|
hi(user.hashed_password)
|
|
445
53
|
end
|
|
446
54
|
end
|
|
447
55
|
|
|
448
|
-
# Server key algorithm implementation.
|
|
449
|
-
#
|
|
450
|
-
# @api private
|
|
451
|
-
#
|
|
452
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
453
|
-
#
|
|
454
|
-
# @since 2.0.0
|
|
455
|
-
def server_key
|
|
456
|
-
@server_key ||= hmac(salted_password, SERVER_KEY)
|
|
457
|
-
end
|
|
458
|
-
|
|
459
|
-
# Server signature algorithm implementation.
|
|
460
|
-
#
|
|
461
|
-
# @api private
|
|
462
|
-
#
|
|
463
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
464
|
-
#
|
|
465
|
-
# @since 2.0.0
|
|
466
|
-
def server_signature
|
|
467
|
-
@server_signature ||= Base64.strict_encode64(hmac(server_key, auth_message))
|
|
468
|
-
end
|
|
469
|
-
|
|
470
|
-
# Stored key algorithm implementation.
|
|
471
|
-
#
|
|
472
|
-
# @api private
|
|
473
|
-
#
|
|
474
|
-
# @see http://tools.ietf.org/html/rfc5802#section-3
|
|
475
|
-
#
|
|
476
|
-
# @since 2.0.0
|
|
477
|
-
def stored_key(key)
|
|
478
|
-
h(key)
|
|
479
|
-
end
|
|
480
|
-
|
|
481
|
-
# Get the verifier token from the server response.
|
|
482
|
-
#
|
|
483
|
-
# @api private
|
|
484
|
-
#
|
|
485
|
-
# @since 2.0.0
|
|
486
|
-
def verifier
|
|
487
|
-
@verifier ||= payload_data.match(VERIFIER)[1]
|
|
488
|
-
end
|
|
489
|
-
|
|
490
|
-
# Get the without proof message.
|
|
491
|
-
#
|
|
492
|
-
# @api private
|
|
493
|
-
#
|
|
494
|
-
# @see http://tools.ietf.org/html/rfc5802#section-7
|
|
495
|
-
#
|
|
496
|
-
# @since 2.0.0
|
|
497
|
-
def without_proof
|
|
498
|
-
@without_proof ||= "c=biws,r=#{rnonce}"
|
|
499
|
-
end
|
|
500
|
-
|
|
501
|
-
# XOR operation for two strings.
|
|
502
|
-
#
|
|
503
|
-
# @api private
|
|
504
|
-
#
|
|
505
|
-
# @since 2.0.0
|
|
506
|
-
def xor(first, second)
|
|
507
|
-
first.bytes.zip(second.bytes).map{ |(a,b)| (a ^ b).chr }.join('')
|
|
508
|
-
end
|
|
509
|
-
|
|
510
|
-
def compare_digest(a, b)
|
|
511
|
-
check = a.bytesize ^ b.bytesize
|
|
512
|
-
a.bytes.zip(b.bytes){ |x, y| check |= x ^ y.to_i }
|
|
513
|
-
check == 0
|
|
514
|
-
end
|
|
515
|
-
|
|
516
|
-
def validate_final_message!(reply, server)
|
|
517
|
-
validate!(reply, server)
|
|
518
|
-
unless compare_digest(verifier, server_signature)
|
|
519
|
-
raise Error::InvalidSignature.new(verifier, server_signature)
|
|
520
|
-
end
|
|
521
|
-
end
|
|
522
|
-
|
|
523
|
-
def validate_first_message!(reply, server)
|
|
524
|
-
validate!(reply, server)
|
|
525
|
-
raise Error::InvalidNonce.new(nonce, rnonce) unless rnonce.start_with?(nonce)
|
|
526
|
-
end
|
|
527
|
-
|
|
528
|
-
def validate!(reply, server)
|
|
529
|
-
if reply.documents[0][Operation::Result::OK] != 1
|
|
530
|
-
raise Unauthorized.new(user,
|
|
531
|
-
used_mechanism: full_mechanism,
|
|
532
|
-
message: reply.documents[0]['errmsg'],
|
|
533
|
-
server: server,
|
|
534
|
-
)
|
|
535
|
-
end
|
|
536
|
-
@reply = reply
|
|
537
|
-
end
|
|
538
|
-
|
|
539
|
-
private
|
|
540
|
-
|
|
541
56
|
def digest
|
|
542
|
-
@digest ||=
|
|
543
|
-
when :scram256
|
|
544
|
-
OpenSSL::Digest::SHA256.new.freeze
|
|
545
|
-
else
|
|
546
|
-
OpenSSL::Digest::SHA1.new.freeze
|
|
547
|
-
end
|
|
57
|
+
@digest ||= OpenSSL::Digest::SHA1.new.freeze
|
|
548
58
|
end
|
|
549
59
|
end
|
|
550
60
|
end
|