mongo 2.11.4 → 2.12.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d3363520c62689e2f649389acd84f68b46dba99a62d82c174c77414f66e055dd
-  data.tar.gz: 7b1a54bcc8657047ec15b61cdf39588965fc9328d0ac56aa294f7891ef7fb3e2
+  metadata.gz: d246db379228f5a887c2fdc21098808da28bcfba008dd6d3218475c6d00b112e
+  data.tar.gz: 34be39488f7ce9de6746e03db0524d80815c12bcd384a488734572576f491eec
 SHA512:
-  metadata.gz: 546bfab9a6042f6194f87efc8f19fa92ee9828040d1f34a98045e243cce6f056837e4144856a37803f964cf345724ccfdeb6eb2d407f265b4a02e7a14622f0a1
-  data.tar.gz: 9eb09ae2c44b3cee7cd9c082af7702b0acd4b56674a6c17b3959c05f654987b3b34f6d87c8d74d9863f312addc01a8de090899a879847d014fa0e7c9baa217d6
+  metadata.gz: 1998d33cea6ea9d43e473075b737452c5dff52d0fc7af2ef02b50fa7a56e741f26161bb475e89bba1a4fdfadd31c863b337a9c8dd26bfd5d4a21ccf43a741f7d
+  data.tar.gz: 42aa2fc57a621849a814e2fec41a7e982927303caa4199892b970289c38a620995764c76c6848090c1d74d7af56b1b1f9c99ce12f9de44a05b3255bf510b6f3a

data/CONTRIBUTING.md

@@ -23,7 +23,7 @@ Environment
 We recommend using [rbenv](https://github.com/sstephenson/rbenv) to set up
 the Ruby development and testing environments, though other tools like
 [RVM](https://rvm.io/) will also work. The driver currently supports
-MRI 2.3-2.6 and JRuby 9.2.
+MRI 2.3-2.7 and JRuby 9.2.
 
 A MongoDB cluster is required to run the tests. Setup procedures and
 recommendations for various clusters, as well as how to configure the

data/README.md

@@ -18,7 +18,8 @@ Support & Feedback
 For issues, questions or feedback related to the Ruby driver, please look into
 our [support channels](http://www.mongodb.org/about/support). Please
 do not email any of the Ruby developers directly with issues or
-questions - you're more likely to get an answer quickly on the [mongodb-user list](http://groups.google.com/group/mongodb-user) on Google Groups.
+questions - you're more likely to get an answer quickly on the
+[MongoDB Community Forum](https://community.mongodb.com).
 
 
 Bugs & Feature Requests

data/lib/mongo.rb

@@ -49,6 +49,7 @@ require 'mongo/cluster'
 require 'mongo/cursor'
 require 'mongo/collection'
 require 'mongo/database'
+require 'mongo/crypt'
 require 'mongo/client' # Purposely out-of-order so that database is loaded first
 require 'mongo/dbref'
 require 'mongo/grid'
@@ -58,7 +59,9 @@ require 'mongo/server_selector'
 require 'mongo/session'
 require 'mongo/socket'
 require 'mongo/srv'
+require 'mongo/timeout'
 require 'mongo/uri'
 require 'mongo/version'
 require 'mongo/write_concern'
 require 'mongo/lint'
+require 'mongo/client_encryption'

data/lib/mongo/address.rb

@@ -180,31 +180,44 @@ module Mongo
     # @return [ Mongo::Socket::SSL | Mongo::Socket::TCP | Mongo::Socket::Unix ]
     #   The socket.
     #
-    # @raise [ Exception ] If network connection failed.
+    # @raise [ Mongo::Error ] If network connection failed.
     #
     # @since 2.0.0
     def socket(socket_timeout, ssl_options = {}, options = {})
-      if seed.downcase =~ Unix::MATCH
-        specific_address = Unix.new(seed.downcase)
-        return specific_address.socket(socket_timeout, ssl_options, options)
-      end
+      map_exceptions do
+        if seed.downcase =~ Unix::MATCH
+          specific_address = Unix.new(seed.downcase)
+          return specific_address.socket(socket_timeout, ssl_options, options)
+        end
+
+        options = {
+          connect_timeout: Server::CONNECT_TIMEOUT,
+        }.update(options)
 
-      options = {
-        connect_timeout: Server::CONNECT_TIMEOUT,
-      }.update(options)
-
-      family = (host == LOCALHOST) ? ::Socket::AF_INET : ::Socket::AF_UNSPEC
-      error = nil
-      ::Socket.getaddrinfo(host, nil, family, ::Socket::SOCK_STREAM).each do |info|
-        begin
-          specific_address = FAMILY_MAP[info[4]].new(info[3], port, host)
-          socket = specific_address.socket(socket_timeout, ssl_options, options)
-          return socket
-        rescue IOError, SystemCallError, Error::SocketTimeoutError, Error::SocketError => e
-          error = e
+        # When the driver connects to "localhost", it only attempts IPv4
+        # connections. When the driver connects to other hosts, it will
+        # attempt both IPv4 and IPv6 connections.
+        family = (host == LOCALHOST) ? ::Socket::AF_INET : ::Socket::AF_UNSPEC
+        error = nil
+        # Sometimes Socket#getaddrinfo returns the same info more than once
+        # (multiple identical items in the returned array). It does not make
+        # sense to try to connect to the same address more than once, thus
+        # eliminate duplicates here.
+        infos = ::Socket.getaddrinfo(host, nil, family, ::Socket::SOCK_STREAM)
+        results = infos.map do |info|
+          [info[4], info[3]]
+        end.uniq
+        results.each do |family, address_str|
+          begin
+            specific_address = FAMILY_MAP[family].new(address_str, port, host)
+            socket = specific_address.socket(socket_timeout, ssl_options, options)
+            return socket
+          rescue IOError, SystemCallError, Error::SocketTimeoutError, Error::SocketError => e
+            error = e
+          end
         end
+        raise error
       end
-      raise error
     end
 
     # Get the address as a string.
@@ -237,5 +250,17 @@ module Mongo
         else IPv4.parse(address)
       end
     end
+
+    def map_exceptions
+      begin
+        yield
+      rescue Errno::ETIMEDOUT => e
+        raise Error::SocketTimeoutError, "#{e.class}: #{e} (for #{self})"
+      rescue IOError, SystemCallError => e
+        raise Error::SocketError, "#{e.class}: #{e} (for #{self})"
+      rescue OpenSSL::SSL::SSLError => e
+        raise Error::SocketError, "#{e.class}: #{e} (for #{self}) (#{SSL_ERROR})"
+      end
+    end
   end
 end

data/lib/mongo/auth.rb

@@ -12,6 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require 'mongo/auth/credential_cache'
 require 'mongo/auth/cr'
 require 'mongo/auth/ldap'
 require 'mongo/auth/scram'

data/lib/mongo/auth/credential_cache.rb

@@ -0,0 +1,51 @@
+# Copyright (C) 2019 MongoDB, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+module Mongo
+  module Auth
+
+    # Cache store for computed SCRAM credentials.
+    #
+    # @api private
+    module CredentialCache
+
+      class << self
+        attr_reader :store
+      end
+
+      module_function def get(key)
+        @store ||= {}
+        @store[key]
+      end
+
+      module_function def set(key, value)
+        @store ||= {}
+        @store[key] = value
+      end
+
+      module_function def cache(key)
+        value = get(key)
+        if value.nil?
+          value = yield
+          set(key, value)
+        end
+        value
+      end
+
+      module_function def clear
+        @store = {}
+      end
+    end
+  end
+end

data/lib/mongo/auth/scram/conversation.rb

@@ -36,6 +36,7 @@ module Mongo
         # The client key string.
         #
         # @since 2.0.0
+        # @deprecated
         CLIENT_KEY = 'Client Key'.freeze
 
         # The key for the done field in the responses.
@@ -78,6 +79,7 @@ module Mongo
         # The server key string.
         #
         # @since 2.0.0
+        # @deprecated
         SERVER_KEY = 'Server Key'.freeze
 
         # The server signature verifier in the response.
@@ -113,12 +115,6 @@ module Mongo
         def continue(reply, connection)
           validate_first_message!(reply, connection.server)
 
-          # The salted password needs to be calculated now; otherwise, if the
-          # client key is cached from a previous authentication, the salt in the
-          # reply will no longer be available for when the salted password is
-          # needed to calculate the server key.
-          salted_password
-
           if connection && connection.features.op_msg_enabled?
             selector = CLIENT_CONTINUE_MESSAGE.merge(
               payload: client_final_message,
@@ -234,7 +230,6 @@ module Mongo
 
           @user = user
           @nonce = SecureRandom.base64
-          @client_key = user.send(:client_key)
           @mechanism = mechanism
         end
 
@@ -301,9 +296,9 @@ module Mongo
         #
         # @since 2.0.0
         def client_key
-          @client_key ||= hmac(salted_password, CLIENT_KEY)
-          user.instance_variable_set(:@client_key, @client_key) unless user.send(:client_key)
-          @client_key
+          @client_key ||= CredentialCache.cache(cache_key(:client_key)) do
+            hmac(salted_password, 'Client Key')
+          end
         end
 
         # Client proof algorithm implementation.
@@ -429,6 +424,11 @@ module Mongo
           @salt ||= payload_data.match(SALT)[1]
         end
 
+        # @api private
+        def cache_key(*extra)
+          [user.password, salt, iterations, @mechanism] + extra
+        end
+
         # Salted password algorithm implementation.
         #
         # @api private
@@ -437,11 +437,13 @@ module Mongo
         #
         # @since 2.0.0
         def salted_password
-          @salted_password ||= case @mechanism
-          when :scram256
-            hi(user.sasl_prepped_password)
-          else
-            hi(user.hashed_password)
+          @salted_password ||= CredentialCache.cache(cache_key(:salted_password)) do
+            case @mechanism
+            when :scram256
+              hi(user.sasl_prepped_password)
+            else
+              hi(user.hashed_password)
+            end
           end
         end
 
@@ -453,7 +455,9 @@ module Mongo
         #
         # @since 2.0.0
         def server_key
-          @server_key ||= hmac(salted_password, SERVER_KEY)
+          @server_key ||= CredentialCache.cache(cache_key(:server_key)) do
+            hmac(salted_password, 'Server Key')
+          end
         end
 
         # Server signature algorithm implementation.

data/lib/mongo/auth/user.rb

@@ -155,8 +155,6 @@ module Mongo
       #   If :password and :pwd are both specified, :password takes precedence.
       # @option options [ Symbol ] :auth_mech The authorization mechanism.
       # @option options [ Array<String>, Array<Hash> ] roles The user roles.
-      # @option options [ String ] :client_key The user's client key cached from a previous
-      #   authentication on the same connection.
       #
       # @since 2.0.0
       def initialize(options)
@@ -186,7 +184,6 @@ module Mongo
         end
         @auth_mech_properties = options[:auth_mech_properties] || {}
         @roles = options[:roles] || []
-        @client_key = options[:client_key]
       end
 
       # Get the specification for the user, used in creation.
@@ -207,11 +204,6 @@ module Mongo
 
       private
 
-      # The client key for the user.
-      #
-      # @return [ String ] The client key for the user.
-      attr_reader :client_key
-
       # Generate default auth source based on the URI and options
       #
       # @api private

data/lib/mongo/auth/user/view.rb

@@ -50,7 +50,7 @@ module Mongo
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session))
+            ).execute(next_primary(nil, session), client: client)
           end
         end
 
@@ -87,7 +87,7 @@ module Mongo
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session))
+            ).execute(next_primary(nil, session), client: client)
           end
         end
 
@@ -113,7 +113,7 @@ module Mongo
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session))
+            ).execute(next_primary(nil, session), client: client)
           end
         end
 
@@ -142,7 +142,7 @@ module Mongo
               user_name: name,
               db_name: database.name,
               session: session
-            ).execute(next_primary(nil, session))
+            ).execute(next_primary(nil, session), client: client)
           end
         end
 

data/lib/mongo/background_thread.rb

@@ -122,7 +122,7 @@ module Mongo
             @thread.join
           end
           break
-        rescue Timeout::Error
+        rescue ::Timeout::Error
         end
       end
 

data/lib/mongo/bulk_write.rb

@@ -203,28 +203,28 @@ module Mongo
 
     def delete_one(documents, server, operation_id, session, txn_num)
       spec = base_spec(operation_id, session).merge(:deletes => documents, :txn_num => txn_num)
-      Operation::Delete.new(spec).bulk_execute(server)
+      Operation::Delete.new(spec).bulk_execute(server, client: client)
     end
 
     def delete_many(documents, server, operation_id, session, txn_num)
       spec = base_spec(operation_id, session).merge(:deletes => documents)
-      Operation::Delete.new(spec).bulk_execute(server)
+      Operation::Delete.new(spec).bulk_execute(server, client: client)
     end
 
     def insert_one(documents, server, operation_id, session, txn_num)
       spec = base_spec(operation_id, session).merge(:documents => documents, :txn_num => txn_num)
-      Operation::Insert.new(spec).bulk_execute(server)
+      Operation::Insert.new(spec).bulk_execute(server, client: client)
     end
 
     def update_one(documents, server, operation_id, session, txn_num)
       spec = base_spec(operation_id, session).merge(:updates => documents, :txn_num => txn_num)
-      Operation::Update.new(spec).bulk_execute(server)
+      Operation::Update.new(spec).bulk_execute(server, client: client)
     end
     alias :replace_one :update_one
 
     def update_many(documents, server, operation_id, session, txn_num)
       spec = base_spec(operation_id, session).merge(:updates => documents)
-      Operation::Update.new(spec).bulk_execute(server)
+      Operation::Update.new(spec).bulk_execute(server, client: client)
     end
   end
 end

data/lib/mongo/client.rb

@@ -27,6 +27,7 @@ module Mongo
     #
     # @since 2.1.0
     CRUD_OPTIONS = [
+      :auto_encryption_options,
       :database,
       :read, :read_concern,
       :write, :write_concern,
@@ -53,6 +54,7 @@ module Mongo
       :auth_mech,
       :auth_mech_properties,
       :auth_source,
+      :auto_encryption_options,
       :cleanup,
       :compressors,
       :connect,
@@ -119,6 +121,10 @@ module Mongo
     # @return [ Hash ] options The configuration options.
     attr_reader :options
 
+    # @return [ Mongo::Crypt::AutoEncrypter ] The object that encapsulates
+    #   auto-encryption behavior
+    attr_reader :encrypter
+
     # Delegate command and collections execution to the current database.
     def_delegators :@database, :command, :collections
 
@@ -369,6 +375,44 @@ module Mongo
     #   See Ruby's Zlib module for valid levels.
     # @option options [ Hash ] :resolv_options For internal driver use only.
     #   Options to pass through to Resolv::DNS constructor for SRV lookups.
+    # @option options [ Hash ] :auto_encryption_options Auto-encryption related
+    #   options.
+    #   - :key_vault_client => Client | nil, a client connected to the MongoDB
+    #     instance containing the encryption key vault
+    #   - :key_vault_namespace => String, the namespace of the key vault in the
+    #     format database.collection
+    #   - :kms_providers => Hash, A hash of key management service configuration
+    #     information. Valid hash keys are :local or :aws. There may be more
+    #     than one kms provider specified.
+    #   - :schema_map => Hash | nil, JSONSchema for one or more collections
+    #     specifying which fields should be encrypted.
+    #     - Note: Schemas supplied in the schema_map only apply to configuring
+    #       automatic encryption for client side encryption. Other validation
+    #       rules in the JSON schema will not be enforced by the driver and will
+    #       result in an error.
+    #     - Note: Supplying a schema_map provides more security than relying on
+    #       JSON Schemas obtained from the server. It protects against a
+    #       malicious server advertising a false JSON Schema, which could trick
+    #       the client into sending unencrypted data that should be encrypted.
+    #   - :bypass_auto_encryption => Boolean, when true, disables auto encryption;
+    #     defaults to false.
+    #   - :extra_options => Hash | nil, options related to spawning mongocryptd
+    #     (this part of the API is subject to change).
+    #
+    #   Notes on automatic encryption:
+    #   - Automatic encryption is an enterprise only feature that only applies
+    #     to operations on a collection.
+    #   - Automatic encryption is not supported for operations on a database or
+    #     view.
+    #   - Automatic encryption requires the authenticated user to have the
+    #     listCollections privilege.
+    #   - At worst, automatic encryption may triple the number of connections
+    #     used by the Client at any one time.
+    #   - If automatic encryption fails on an operation, use a MongoClient
+    #     configured with bypass_auto_encryption: true and use
+    #     ClientEncryption.encrypt to manually encrypt values.
+    #   - Enabling Client Side Encryption reduces the maximum write batch size
+    #     and may have a negative performance impact.
     #
     # @since 2.0.0
     def initialize(addresses_or_uri, options = nil)
@@ -425,12 +469,32 @@ module Mongo
         sdam_proc.call(self)
       end
 
-      @cluster = Cluster.new(addresses, @monitoring, cluster_options.merge(srv_uri: srv_uri))
+      @connect_lock = Mutex.new
+      @connect_lock.synchronize do
+        @cluster = Cluster.new(addresses, @monitoring,
+          cluster_options.merge(srv_uri: srv_uri))
+      end
+
+      begin
+        # Unset monitoring, it will be taken out of cluster from now on
+        remove_instance_variable('@monitoring')
 
-      # Unset monitoring, it will be taken out of cluster from now on
-      remove_instance_variable('@monitoring')
+        if @options[:auto_encryption_options]
+          @connect_lock.synchronize do
+            build_encrypter
+          end
+        end
 
-      yield(self) if block_given?
+        yield(self) if block_given?
+      rescue
+        begin
+          @cluster.disconnect!
+        rescue => e
+          log_warn("Eror disconnecting cluster in client constructor's exception handler: #{e.class}: #{e}")
+          # Drop this exception so that the original exception is raised
+        end
+        raise
+      end
     end
 
     # @api private
@@ -616,6 +680,8 @@ module Mongo
     #
     # @api private
     def update_options(new_options)
+      old_options = @options
+
       validate_new_options!(new_options).tap do |opts|
         # Our options are frozen
         options = @options.dup
@@ -625,8 +691,29 @@ module Mongo
         if options[:write_concern] && opts[:write]
           options.delete(:write_concern)
         end
+
         options.update(opts)
         @options = options.freeze
+
+        auto_encryption_options_changed =
+          @options[:auto_encryption_options] != old_options[:auto_encryption_options]
+
+        # If there are new auto_encryption_options, create a new encrypter.
+        # Otherwise, allow the new client to share an encrypter with the
+        # original client.
+        #
+        # If auto_encryption_options are nil, set @encrypter to nil, but do not
+        # close the encrypter because it may still be used by the original client.
+        if @options[:auto_encryption_options] && auto_encryption_options_changed
+          @connect_lock.synchronize do
+            build_encrypter
+          end
+        elsif @options[:auto_encryption_options].nil?
+          @connect_lock.synchronize do
+            @encrypter = nil
+          end
+        end
+
         validate_options!
         validate_authentication_options!
       end
@@ -664,7 +751,18 @@ module Mongo
     #
     # @since 2.1.0
     def close
-      @cluster.disconnect!
+      @connect_lock.synchronize do
+        do_close
+      end
+      true
+    end
+
+    # Close encrypter and clean up auto-encryption resources.
+    #
+    # @return [ true ] Always true.
+    def close_encrypter
+      @encrypter.close if @encrypter
+
       true
     end
 
@@ -679,9 +777,16 @@ module Mongo
     def reconnect
       addresses = cluster.addresses.map(&:to_s)
 
-      @cluster.disconnect! rescue nil
+      @connect_lock.synchronize do
+        do_close rescue nil
+
+        @cluster = Cluster.new(addresses, monitoring, cluster_options)
+
+        if @options[:auto_encryption_options]
+          build_encrypter
+        end
+      end
 
-      @cluster = Cluster.new(addresses, monitoring, cluster_options)
       true
     end
 
@@ -805,6 +910,13 @@ module Mongo
 
     private
 
+    # Create a new encrypter object using the client's auto encryption options
+    def build_encrypter
+      @encrypter = Crypt::AutoEncrypter.new(
+        @options[:auto_encryption_options].merge(client: self)
+      )
+    end
+
     # Generate default client options based on the URI and options
     # passed into the Client constructor.
     def default_options(options)
@@ -822,6 +934,12 @@ module Mongo
       end
     end
 
+    # Implementation for #close, assumes the connect lock is already acquired.
+    def do_close
+      @cluster.disconnect!
+      close_encrypter
+    end
+
     # If options[:session] is set, validates that session and returns it.
     # If deployment supports sessions, creates a new session and returns it.
     # The session is implicit unless options[:implicit] is given.
@@ -911,7 +1029,11 @@ module Mongo
 
       if auth_mech.nil?
         if user && user.empty?
-          raise Mongo::Auth::InvalidConfiguration.new('empty username is not supported for default auth mechanism')
+          raise Mongo::Auth::InvalidConfiguration, 'Empty username is not supported for default auth mechanism'
+        end
+
+        if auth_source == ''
+          raise Mongo::Auth::InvalidConfiguration, 'Auth source cannot be empty for default auth mechanism'
         end
 
         return
@@ -922,23 +1044,30 @@ module Mongo
       end
 
       if user.nil? && auth_mech != :mongodb_x509
-        raise Mongo::Auth::InvalidConfiguration.new("user is required for mechanism #{auth_mech}")
+        raise Mongo::Auth::InvalidConfiguration, "Username is required for auth mechanism #{auth_mech}"
       end
 
       if password.nil? && ![:gssapi, :mongodb_x509].include?(auth_mech)
-        raise Mongo::Auth::InvalidConfiguration.new("password is required for mechanism #{auth_mech}")
+        raise Mongo::Auth::InvalidConfiguration, "Password is required for auth mechanism #{auth_mech}"
       end
 
       if password && auth_mech == :mongodb_x509
-        raise Mongo::Auth::InvalidConfiguration.new('password is not supported for mongodb_x509')
+        raise Mongo::Auth::InvalidConfiguration, 'Password is not supported for :mongodb_x509 auth mechanism'
       end
 
-      if !['$external', nil].include?(auth_source) && [:gssapi, :mongodb_x509].include?(auth_mech)
-        raise Mongo::Auth::InvalidConfiguration.new("#{auth_source} is an invalid auth source for #{auth_mech}; valid options are $external and nil")
+      if [:gssapi, :mongodb_x509].include?(auth_mech)
+        if !['$external', nil].include?(auth_source)
+          raise Mongo::Auth::InvalidConfiguration, "#{auth_source} is an invalid auth source for #{auth_mech}; valid options are $external and nil"
+        end
+      else
+        # Auth source is the database name, and thus cannot be the empty string.
+        if auth_source == ''
+          raise Mongo::Auth::InvalidConfiguration, "Auth source cannot be empty for auth mechanism #{auth_mech}"
+        end
       end
 
       if mech_properties && auth_mech != :gssapi
-        raise Mongo::Auth::InvalidConfiguration.new("mechanism_properties are not supported for #{auth_mech}")
+        raise Mongo::Auth::InvalidConfiguration, ":mechanism_properties are not supported for auth mechanism #{auth_mech}"
       end
     end