mongo 2.13.3 → 2.14.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (197) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/lib/mongo/address/ipv4.rb +1 -1
  4. data/lib/mongo/address/ipv6.rb +1 -1
  5. data/lib/mongo/address.rb +1 -1
  6. data/lib/mongo/bulk_write.rb +17 -0
  7. data/lib/mongo/caching_cursor.rb +74 -0
  8. data/lib/mongo/client.rb +47 -8
  9. data/lib/mongo/cluster/topology/single.rb +1 -1
  10. data/lib/mongo/cluster.rb +3 -3
  11. data/lib/mongo/collection/view/aggregation.rb +25 -4
  12. data/lib/mongo/collection/view/builder/find_command.rb +38 -18
  13. data/lib/mongo/collection/view/explainable.rb +27 -8
  14. data/lib/mongo/collection/view/iterable.rb +72 -12
  15. data/lib/mongo/collection/view/readable.rb +12 -2
  16. data/lib/mongo/collection/view/writable.rb +15 -1
  17. data/lib/mongo/collection/view.rb +24 -20
  18. data/lib/mongo/collection.rb +26 -2
  19. data/lib/mongo/crypt/encryption_io.rb +6 -6
  20. data/lib/mongo/cursor.rb +1 -0
  21. data/lib/mongo/database/view.rb +1 -1
  22. data/lib/mongo/database.rb +8 -14
  23. data/lib/mongo/error/invalid_read_concern.rb +28 -0
  24. data/lib/mongo/error/server_certificate_revoked.rb +22 -0
  25. data/lib/mongo/error/unsupported_option.rb +14 -12
  26. data/lib/mongo/error.rb +2 -0
  27. data/lib/mongo/grid/fs_bucket.rb +37 -37
  28. data/lib/mongo/lint.rb +2 -1
  29. data/lib/mongo/logger.rb +3 -3
  30. data/lib/mongo/operation/aggregate/result.rb +9 -8
  31. data/lib/mongo/operation/collections_info/command.rb +0 -5
  32. data/lib/mongo/operation/collections_info/result.rb +3 -16
  33. data/lib/mongo/operation/delete/bulk_result.rb +2 -0
  34. data/lib/mongo/operation/delete/result.rb +3 -0
  35. data/lib/mongo/operation/explain/command.rb +4 -0
  36. data/lib/mongo/operation/explain/legacy.rb +4 -0
  37. data/lib/mongo/operation/explain/op_msg.rb +6 -0
  38. data/lib/mongo/operation/explain/result.rb +3 -0
  39. data/lib/mongo/operation/find/legacy/result.rb +2 -0
  40. data/lib/mongo/operation/find/result.rb +3 -0
  41. data/lib/mongo/operation/get_more/result.rb +3 -0
  42. data/lib/mongo/operation/indexes/result.rb +5 -0
  43. data/lib/mongo/operation/insert/bulk_result.rb +5 -0
  44. data/lib/mongo/operation/insert/result.rb +5 -0
  45. data/lib/mongo/operation/list_collections/result.rb +5 -0
  46. data/lib/mongo/operation/map_reduce/result.rb +10 -0
  47. data/lib/mongo/operation/parallel_scan/command.rb +2 -1
  48. data/lib/mongo/operation/parallel_scan/result.rb +4 -0
  49. data/lib/mongo/operation/result.rb +35 -6
  50. data/lib/mongo/operation/shared/bypass_document_validation.rb +1 -0
  51. data/lib/mongo/operation/shared/causal_consistency_supported.rb +1 -0
  52. data/lib/mongo/operation/shared/collections_info_or_list_collections.rb +2 -0
  53. data/lib/mongo/operation/shared/executable.rb +1 -0
  54. data/lib/mongo/operation/shared/idable.rb +2 -1
  55. data/lib/mongo/operation/shared/limited.rb +1 -0
  56. data/lib/mongo/operation/shared/object_id_generator.rb +1 -0
  57. data/lib/mongo/operation/shared/read_preference_supported.rb +36 -38
  58. data/lib/mongo/operation/shared/result/aggregatable.rb +1 -0
  59. data/lib/mongo/operation/shared/sessions_supported.rb +3 -3
  60. data/lib/mongo/operation/shared/specifiable.rb +1 -0
  61. data/lib/mongo/operation/shared/write.rb +1 -0
  62. data/lib/mongo/operation/shared/write_concern_supported.rb +1 -0
  63. data/lib/mongo/operation/update/legacy/result.rb +7 -0
  64. data/lib/mongo/operation/update/result.rb +8 -0
  65. data/lib/mongo/operation/users_info/result.rb +3 -0
  66. data/lib/mongo/operation.rb +2 -0
  67. data/lib/mongo/protocol/msg.rb +2 -2
  68. data/lib/mongo/protocol/query.rb +11 -11
  69. data/lib/mongo/query_cache.rb +242 -0
  70. data/lib/mongo/retryable.rb +8 -1
  71. data/lib/mongo/server/connection_common.rb +2 -2
  72. data/lib/mongo/server/connection_pool.rb +3 -0
  73. data/lib/mongo/server/monitor/connection.rb +3 -3
  74. data/lib/mongo/server/monitor.rb +1 -1
  75. data/lib/mongo/server/pending_connection.rb +2 -2
  76. data/lib/mongo/server/push_monitor.rb +1 -1
  77. data/lib/mongo/server.rb +5 -1
  78. data/lib/mongo/server_selector/base.rb +5 -1
  79. data/lib/mongo/server_selector/secondary_preferred.rb +7 -2
  80. data/lib/mongo/session.rb +3 -0
  81. data/lib/mongo/socket/ocsp_cache.rb +97 -0
  82. data/lib/mongo/socket/ocsp_verifier.rb +368 -0
  83. data/lib/mongo/socket/ssl.rb +45 -24
  84. data/lib/mongo/socket.rb +6 -4
  85. data/lib/mongo/srv/monitor.rb +7 -13
  86. data/lib/mongo/srv/resolver.rb +14 -10
  87. data/lib/mongo/timeout.rb +2 -0
  88. data/lib/mongo/uri/options_mapper.rb +582 -0
  89. data/lib/mongo/uri/srv_protocol.rb +3 -2
  90. data/lib/mongo/uri.rb +21 -390
  91. data/lib/mongo/utils.rb +12 -1
  92. data/lib/mongo/version.rb +1 -1
  93. data/lib/mongo.rb +9 -0
  94. data/spec/NOTES.aws-auth.md +12 -7
  95. data/spec/README.md +56 -1
  96. data/spec/integration/bson_symbol_spec.rb +2 -4
  97. data/spec/integration/bulk_write_spec.rb +48 -0
  98. data/spec/integration/client_authentication_options_spec.rb +55 -28
  99. data/spec/integration/connection_pool_populator_spec.rb +3 -1
  100. data/spec/integration/cursor_reaping_spec.rb +53 -17
  101. data/spec/integration/ocsp_connectivity_spec.rb +26 -0
  102. data/spec/integration/ocsp_verifier_cache_spec.rb +188 -0
  103. data/spec/integration/ocsp_verifier_spec.rb +334 -0
  104. data/spec/integration/query_cache_spec.rb +1045 -0
  105. data/spec/integration/query_cache_transactions_spec.rb +179 -0
  106. data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +1 -0
  107. data/spec/integration/retryable_writes/shared/performs_legacy_retries.rb +2 -0
  108. data/spec/integration/sdam_error_handling_spec.rb +69 -18
  109. data/spec/integration/sdam_events_spec.rb +7 -8
  110. data/spec/integration/server_selection_spec.rb +36 -0
  111. data/spec/integration/srv_monitoring_spec.rb +38 -3
  112. data/spec/integration/srv_spec.rb +56 -0
  113. data/spec/lite_spec_helper.rb +4 -2
  114. data/spec/mongo/address_spec.rb +1 -1
  115. data/spec/mongo/caching_cursor_spec.rb +70 -0
  116. data/spec/mongo/client_construction_spec.rb +54 -1
  117. data/spec/mongo/client_encryption_spec.rb +10 -16
  118. data/spec/mongo/client_spec.rb +40 -0
  119. data/spec/mongo/cluster/topology/single_spec.rb +14 -5
  120. data/spec/mongo/cluster_spec.rb +3 -0
  121. data/spec/mongo/collection/view/explainable_spec.rb +87 -4
  122. data/spec/mongo/collection/view/map_reduce_spec.rb +2 -0
  123. data/spec/mongo/collection_spec.rb +60 -0
  124. data/spec/mongo/crypt/auto_decryption_context_spec.rb +1 -1
  125. data/spec/mongo/crypt/auto_encryption_context_spec.rb +1 -1
  126. data/spec/mongo/crypt/data_key_context_spec.rb +1 -1
  127. data/spec/mongo/crypt/explicit_decryption_context_spec.rb +1 -1
  128. data/spec/mongo/crypt/explicit_encryption_context_spec.rb +1 -1
  129. data/spec/mongo/database_spec.rb +44 -64
  130. data/spec/mongo/error/no_server_available_spec.rb +1 -1
  131. data/spec/mongo/index/view_spec.rb +2 -4
  132. data/spec/mongo/logger_spec.rb +13 -11
  133. data/spec/mongo/operation/read_preference_legacy_spec.rb +19 -9
  134. data/spec/mongo/operation/read_preference_op_msg_spec.rb +3 -3
  135. data/spec/mongo/query_cache_spec.rb +279 -0
  136. data/spec/mongo/server/app_metadata_shared.rb +7 -33
  137. data/spec/mongo/server/connection_pool_spec.rb +7 -3
  138. data/spec/mongo/server/connection_spec.rb +14 -7
  139. data/spec/mongo/server_selector/secondary_preferred_spec.rb +6 -6
  140. data/spec/mongo/socket/ssl_spec.rb +1 -1
  141. data/spec/mongo/socket_spec.rb +1 -1
  142. data/spec/mongo/uri/srv_protocol_spec.rb +64 -33
  143. data/spec/mongo/uri_option_parsing_spec.rb +11 -11
  144. data/spec/mongo/uri_spec.rb +68 -41
  145. data/spec/mongo/utils_spec.rb +39 -0
  146. data/spec/runners/auth.rb +3 -0
  147. data/spec/runners/connection_string.rb +35 -124
  148. data/spec/runners/transactions/operation.rb +2 -13
  149. data/spec/spec_tests/cmap_spec.rb +7 -3
  150. data/spec/spec_tests/data/change_streams/change-streams-errors.yml +0 -1
  151. data/spec/spec_tests/data/change_streams/change-streams.yml +0 -1
  152. data/spec/spec_tests/data/cmap/pool-checkout-connection.yml +6 -2
  153. data/spec/spec_tests/data/cmap/pool-create-min-size.yml +3 -0
  154. data/spec/spec_tests/data/connection_string/valid-warnings.yml +24 -0
  155. data/spec/spec_tests/data/sdam_monitoring/discovered_standalone.yml +1 -3
  156. data/spec/spec_tests/data/sdam_monitoring/standalone.yml +2 -2
  157. data/spec/spec_tests/data/sdam_monitoring/standalone_repeated.yml +2 -2
  158. data/spec/spec_tests/data/sdam_monitoring/standalone_suppress_equal_description_changes.yml +2 -2
  159. data/spec/spec_tests/data/sdam_monitoring/standalone_to_rs_with_me_mismatch.yml +2 -2
  160. data/spec/spec_tests/data/uri_options/auth-options.yml +25 -0
  161. data/spec/spec_tests/data/uri_options/compression-options.yml +6 -3
  162. data/spec/spec_tests/data/uri_options/read-preference-options.yml +24 -0
  163. data/spec/spec_tests/data/uri_options/ruby-connection-options.yml +1 -0
  164. data/spec/spec_tests/data/uri_options/tls-options.yml +160 -4
  165. data/spec/spec_tests/dns_seedlist_discovery_spec.rb +9 -1
  166. data/spec/spec_tests/uri_options_spec.rb +31 -33
  167. data/spec/support/certificates/atlas-ocsp-ca.crt +28 -0
  168. data/spec/support/certificates/atlas-ocsp.crt +41 -0
  169. data/spec/support/client_registry.rb +4 -8
  170. data/spec/support/client_registry_macros.rb +4 -4
  171. data/spec/support/common_shortcuts.rb +45 -0
  172. data/spec/support/constraints.rb +23 -0
  173. data/spec/support/lite_constraints.rb +24 -0
  174. data/spec/support/matchers.rb +16 -0
  175. data/spec/support/ocsp +1 -0
  176. data/spec/support/session_registry.rb +52 -0
  177. data/spec/support/spec_config.rb +22 -12
  178. data/spec/support/spec_setup.rb +38 -48
  179. data/spec/support/utils.rb +19 -1
  180. data.tar.gz.sig +1 -3
  181. metadata +938 -933
  182. metadata.gz.sig +0 -0
  183. data/spec/integration/secondary_reads_spec.rb +0 -102
  184. data/spec/shared/LICENSE +0 -20
  185. data/spec/shared/bin/get-mongodb-download-url +0 -17
  186. data/spec/shared/lib/mrss/child_process_helper.rb +0 -80
  187. data/spec/shared/lib/mrss/cluster_config.rb +0 -221
  188. data/spec/shared/lib/mrss/constraints.rb +0 -346
  189. data/spec/shared/lib/mrss/docker_runner.rb +0 -265
  190. data/spec/shared/lib/mrss/lite_constraints.rb +0 -191
  191. data/spec/shared/lib/mrss/server_version_registry.rb +0 -115
  192. data/spec/shared/lib/mrss/spec_organizer.rb +0 -152
  193. data/spec/shared/lib/mrss/utils.rb +0 -15
  194. data/spec/shared/share/Dockerfile.erb +0 -231
  195. data/spec/shared/shlib/distro.sh +0 -73
  196. data/spec/shared/shlib/server.sh +0 -290
  197. data/spec/shared/shlib/set_env.sh +0 -128
@@ -0,0 +1,334 @@
1
+ require 'lite_spec_helper'
2
+ require 'webrick'
3
+
4
+ describe Mongo::Socket::OcspVerifier do
5
+ require_ocsp_verifier
6
+
7
+ shared_examples 'verifies' do
8
+ context 'mri' do
9
+ fails_on_jruby
10
+
11
+ it 'verifies' do
12
+ verifier.verify.should be true
13
+ end
14
+ end
15
+
16
+ context 'jruby' do
17
+ require_jruby
18
+
19
+ # JRuby does not return OCSP endpoints, therefore we never perform
20
+ # any validation.
21
+ # https://github.com/jruby/jruby-openssl/issues/210
22
+ it 'does not verify' do
23
+ verifier.verify.should be false
24
+ end
25
+ end
26
+ end
27
+
28
+ shared_examples 'fails verification' do
29
+ context 'mri' do
30
+ fails_on_jruby
31
+
32
+ it 'raises an exception' do
33
+ lambda do
34
+ verifier.verify
35
+ # Redirect tests receive responses from port 8101,
36
+ # tests without redirects receive responses from port 8100.
37
+ end.should raise_error(Mongo::Error::ServerCertificateRevoked, %r,TLS certificate of 'foo' has been revoked according to 'http://localhost:810[01]/status',)
38
+ end
39
+
40
+ it 'does not wait for the timeout' do
41
+ lambda do
42
+ lambda do
43
+ verifier.verify
44
+ end.should raise_error(Mongo::Error::ServerCertificateRevoked)
45
+ end.should take_shorter_than 3
46
+ end
47
+ end
48
+
49
+ context 'jruby' do
50
+ require_jruby
51
+
52
+ # JRuby does not return OCSP endpoints, therefore we never perform
53
+ # any validation.
54
+ # https://github.com/jruby/jruby-openssl/issues/210
55
+ it 'does not verify' do
56
+ verifier.verify.should be false
57
+ end
58
+ end
59
+ end
60
+
61
+ shared_examples 'does not verify' do
62
+ it 'does not verify and does not raise an exception' do
63
+ verifier.verify.should be false
64
+ end
65
+ end
66
+
67
+ shared_context 'basic verifier' do
68
+
69
+ let(:cert) { OpenSSL::X509::Certificate.new(File.read(cert_path)) }
70
+ let(:ca_cert) { OpenSSL::X509::Certificate.new(File.read(ca_cert_path)) }
71
+
72
+ let(:cert_store) do
73
+ OpenSSL::X509::Store.new.tap do |store|
74
+ store.add_cert(ca_cert)
75
+ end
76
+ end
77
+
78
+ let(:verifier) do
79
+ described_class.new('foo', cert, ca_cert, cert_store, timeout: 3)
80
+ end
81
+ end
82
+
83
+ shared_context 'verifier' do |opts|
84
+ algorithm = opts[:algorithm]
85
+
86
+ let(:cert_path) { SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/server.pem") }
87
+ let(:ca_cert_path) { SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem") }
88
+
89
+ include_context 'basic verifier'
90
+ end
91
+
92
+ %w(rsa ecdsa).each do |algorithm|
93
+ context "when using #{algorithm} cert" do
94
+ include_context 'verifier', algorithm: algorithm
95
+
96
+ context 'responder not responding' do
97
+ include_examples 'does not verify'
98
+
99
+ it 'does not wait for the timeout' do
100
+ # Loopback interface should be refusing connections, which will make
101
+ # the operation complete quickly.
102
+ lambda do
103
+ verifier.verify
104
+ end.should take_shorter_than 3
105
+ end
106
+ end
107
+
108
+ %w(ca delegate).each do |responder_cert|
109
+ responder_cert_file_name = {
110
+ 'ca' => 'ca',
111
+ 'delegate' => 'ocsp-responder',
112
+ }.fetch(responder_cert)
113
+
114
+ context "when responder uses #{responder_cert} cert" do
115
+ context 'good response' do
116
+ with_ocsp_mock(
117
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
118
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
119
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
120
+ )
121
+
122
+ include_examples 'verifies'
123
+
124
+ it 'does not wait for the timeout' do
125
+ lambda do
126
+ verifier.verify
127
+ end.should take_shorter_than 3
128
+ end
129
+ end
130
+
131
+ context 'revoked response' do
132
+ with_ocsp_mock(
133
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
134
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
135
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
136
+ fault: 'revoked'
137
+ )
138
+
139
+ include_examples 'fails verification'
140
+ end
141
+
142
+ context 'unknown response' do
143
+ with_ocsp_mock(
144
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
145
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
146
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
147
+ fault: 'unknown',
148
+ )
149
+
150
+ include_examples 'does not verify'
151
+
152
+ it 'does not wait for the timeout' do
153
+ lambda do
154
+ verifier.verify
155
+ end.should take_shorter_than 3
156
+ end
157
+ end
158
+ end
159
+ end
160
+ end
161
+ end
162
+
163
+ context 'when OCSP responder redirects' do
164
+ algorithm = 'rsa'
165
+ responder_cert_file_name = 'ca'
166
+ let(:algorithm) { 'rsa' }
167
+ let(:responder_cert_file_name) { 'ca' }
168
+
169
+ context 'one time' do
170
+
171
+ around do |example|
172
+ server = WEBrick::HTTPServer.new(Port: 8100)
173
+ server.mount_proc '/' do |req, res|
174
+ res.status = 303
175
+ res['locAtion'] = "http://localhost:8101#{req.path}"
176
+ res.body = "See http://localhost:8101#{req.path}"
177
+ end
178
+ Thread.new { server.start }
179
+ begin
180
+ example.run
181
+ ensure
182
+ server.shutdown
183
+ end
184
+ end
185
+
186
+ include_context 'verifier', algorithm: algorithm
187
+
188
+ context 'good response' do
189
+ with_ocsp_mock(
190
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
191
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
192
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
193
+ port: 8101,
194
+ )
195
+
196
+ include_examples 'verifies'
197
+
198
+ it 'does not wait for the timeout' do
199
+ lambda do
200
+ verifier.verify
201
+ end.should take_shorter_than 3
202
+ end
203
+ end
204
+
205
+ context 'revoked response' do
206
+ with_ocsp_mock(
207
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
208
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
209
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
210
+ fault: 'revoked',
211
+ port: 8101,
212
+ )
213
+
214
+ include_examples 'fails verification'
215
+ end
216
+
217
+ context 'unknown response' do
218
+ with_ocsp_mock(
219
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
220
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
221
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
222
+ fault: 'unknown',
223
+ port: 8101,
224
+ )
225
+
226
+ include_examples 'does not verify'
227
+
228
+ it 'does not wait for the timeout' do
229
+ lambda do
230
+ verifier.verify
231
+ end.should take_shorter_than 3
232
+ end
233
+ end
234
+ end
235
+
236
+ context 'infinitely' do
237
+ with_ocsp_mock(
238
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/ca.pem"),
239
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.crt"),
240
+ SpecConfig.instance.ocsp_files_dir.join("#{algorithm}/#{responder_cert_file_name}.key"),
241
+ port: 8101,
242
+ )
243
+
244
+ around do |example|
245
+ server = WEBrick::HTTPServer.new(Port: 8100)
246
+ server.mount_proc '/' do |req, res|
247
+ res.status = 303
248
+ res['locAtion'] = req.path
249
+ res.body = "See #{req.path} indefinitely"
250
+ end
251
+ Thread.new { server.start }
252
+ begin
253
+ example.run
254
+ ensure
255
+ server.shutdown
256
+ end
257
+ end
258
+
259
+ include_context 'verifier', algorithm: algorithm
260
+ include_examples 'does not verify'
261
+ end
262
+ end
263
+
264
+ context 'responder returns unexpected status code' do
265
+
266
+ include_context 'verifier', algorithm: 'rsa'
267
+
268
+ context '40x / 50x' do
269
+ around do |example|
270
+ server = WEBrick::HTTPServer.new(Port: 8100)
271
+ server.mount_proc '/' do |req, res|
272
+ res.status = code
273
+ res.body = "HTTP #{code}"
274
+ end
275
+ Thread.new { server.start }
276
+ begin
277
+ example.run
278
+ ensure
279
+ server.shutdown
280
+ end
281
+ end
282
+
283
+ [400, 404, 500, 503].each do |_code|
284
+ context "code #{_code}" do
285
+ let(:code) { _code }
286
+ include_examples 'does not verify'
287
+ end
288
+ end
289
+ end
290
+
291
+ context '204' do
292
+ around do |example|
293
+ server = WEBrick::HTTPServer.new(Port: 8100)
294
+ server.mount_proc '/' do |req, res|
295
+ res.status = 204
296
+ end
297
+ Thread.new { server.start }
298
+ begin
299
+ example.run
300
+ ensure
301
+ server.shutdown
302
+ end
303
+ end
304
+
305
+ context "code 204" do
306
+ let(:code) { 204 }
307
+ include_examples 'does not verify'
308
+ end
309
+ end
310
+ end
311
+
312
+ context 'responder URI has no path' do
313
+ require_external_connectivity
314
+
315
+ include_context 'basic verifier'
316
+
317
+ let(:cert_path) { File.join(File.dirname(__FILE__), '../support/certificates/atlas-ocsp.crt') }
318
+ let(:ca_cert_path) { File.join(File.dirname(__FILE__), '../support/certificates/atlas-ocsp-ca.crt') }
319
+ let(:cert_store) do
320
+ OpenSSL::X509::Store.new.tap do |store|
321
+ store.set_default_paths
322
+ end
323
+ end
324
+
325
+ before do
326
+ URI.parse(verifier.ocsp_uris.first).path.should == ''
327
+ end
328
+
329
+ it 'verifies' do
330
+ # TODO This test might fail if the certificate expires?
331
+ verifier.verify.should be true
332
+ end
333
+ end
334
+ end