mongo 2.13.3 → 2.14.0.rc1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/mongo/address/ipv4.rb +1 -1
- data/lib/mongo/address/ipv6.rb +1 -1
- data/lib/mongo/address.rb +1 -1
- data/lib/mongo/bulk_write.rb +17 -0
- data/lib/mongo/caching_cursor.rb +74 -0
- data/lib/mongo/client.rb +47 -8
- data/lib/mongo/cluster/topology/single.rb +1 -1
- data/lib/mongo/cluster.rb +3 -3
- data/lib/mongo/collection/view/aggregation.rb +25 -4
- data/lib/mongo/collection/view/builder/find_command.rb +38 -18
- data/lib/mongo/collection/view/explainable.rb +27 -8
- data/lib/mongo/collection/view/iterable.rb +72 -12
- data/lib/mongo/collection/view/readable.rb +12 -2
- data/lib/mongo/collection/view/writable.rb +15 -1
- data/lib/mongo/collection/view.rb +24 -20
- data/lib/mongo/collection.rb +26 -2
- data/lib/mongo/crypt/encryption_io.rb +6 -6
- data/lib/mongo/cursor.rb +1 -0
- data/lib/mongo/database/view.rb +1 -1
- data/lib/mongo/database.rb +8 -14
- data/lib/mongo/error/invalid_read_concern.rb +28 -0
- data/lib/mongo/error/server_certificate_revoked.rb +22 -0
- data/lib/mongo/error/unsupported_option.rb +14 -12
- data/lib/mongo/error.rb +2 -0
- data/lib/mongo/grid/fs_bucket.rb +37 -37
- data/lib/mongo/lint.rb +2 -1
- data/lib/mongo/logger.rb +3 -3
- data/lib/mongo/operation/aggregate/result.rb +9 -8
- data/lib/mongo/operation/collections_info/command.rb +0 -5
- data/lib/mongo/operation/collections_info/result.rb +3 -16
- data/lib/mongo/operation/delete/bulk_result.rb +2 -0
- data/lib/mongo/operation/delete/result.rb +3 -0
- data/lib/mongo/operation/explain/command.rb +4 -0
- data/lib/mongo/operation/explain/legacy.rb +4 -0
- data/lib/mongo/operation/explain/op_msg.rb +6 -0
- data/lib/mongo/operation/explain/result.rb +3 -0
- data/lib/mongo/operation/find/legacy/result.rb +2 -0
- data/lib/mongo/operation/find/result.rb +3 -0
- data/lib/mongo/operation/get_more/result.rb +3 -0
- data/lib/mongo/operation/indexes/result.rb +5 -0
- data/lib/mongo/operation/insert/bulk_result.rb +5 -0
- data/lib/mongo/operation/insert/result.rb +5 -0
- data/lib/mongo/operation/list_collections/result.rb +5 -0
- data/lib/mongo/operation/map_reduce/result.rb +10 -0
- data/lib/mongo/operation/parallel_scan/command.rb +2 -1
- data/lib/mongo/operation/parallel_scan/result.rb +4 -0
- data/lib/mongo/operation/result.rb +35 -6
- data/lib/mongo/operation/shared/bypass_document_validation.rb +1 -0
- data/lib/mongo/operation/shared/causal_consistency_supported.rb +1 -0
- data/lib/mongo/operation/shared/collections_info_or_list_collections.rb +2 -0
- data/lib/mongo/operation/shared/executable.rb +1 -0
- data/lib/mongo/operation/shared/idable.rb +2 -1
- data/lib/mongo/operation/shared/limited.rb +1 -0
- data/lib/mongo/operation/shared/object_id_generator.rb +1 -0
- data/lib/mongo/operation/shared/read_preference_supported.rb +36 -38
- data/lib/mongo/operation/shared/result/aggregatable.rb +1 -0
- data/lib/mongo/operation/shared/sessions_supported.rb +3 -3
- data/lib/mongo/operation/shared/specifiable.rb +1 -0
- data/lib/mongo/operation/shared/write.rb +1 -0
- data/lib/mongo/operation/shared/write_concern_supported.rb +1 -0
- data/lib/mongo/operation/update/legacy/result.rb +7 -0
- data/lib/mongo/operation/update/result.rb +8 -0
- data/lib/mongo/operation/users_info/result.rb +3 -0
- data/lib/mongo/operation.rb +2 -0
- data/lib/mongo/protocol/msg.rb +2 -2
- data/lib/mongo/protocol/query.rb +11 -11
- data/lib/mongo/query_cache.rb +242 -0
- data/lib/mongo/retryable.rb +8 -1
- data/lib/mongo/server/connection_common.rb +2 -2
- data/lib/mongo/server/connection_pool.rb +3 -0
- data/lib/mongo/server/monitor/connection.rb +3 -3
- data/lib/mongo/server/monitor.rb +1 -1
- data/lib/mongo/server/pending_connection.rb +2 -2
- data/lib/mongo/server/push_monitor.rb +1 -1
- data/lib/mongo/server.rb +5 -1
- data/lib/mongo/server_selector/base.rb +5 -1
- data/lib/mongo/server_selector/secondary_preferred.rb +7 -2
- data/lib/mongo/session.rb +3 -0
- data/lib/mongo/socket/ocsp_cache.rb +97 -0
- data/lib/mongo/socket/ocsp_verifier.rb +368 -0
- data/lib/mongo/socket/ssl.rb +45 -24
- data/lib/mongo/socket.rb +6 -4
- data/lib/mongo/srv/monitor.rb +7 -13
- data/lib/mongo/srv/resolver.rb +14 -10
- data/lib/mongo/timeout.rb +2 -0
- data/lib/mongo/uri/options_mapper.rb +582 -0
- data/lib/mongo/uri/srv_protocol.rb +3 -2
- data/lib/mongo/uri.rb +21 -390
- data/lib/mongo/utils.rb +12 -1
- data/lib/mongo/version.rb +1 -1
- data/lib/mongo.rb +9 -0
- data/spec/NOTES.aws-auth.md +12 -7
- data/spec/README.md +56 -1
- data/spec/integration/bson_symbol_spec.rb +2 -4
- data/spec/integration/bulk_write_spec.rb +48 -0
- data/spec/integration/client_authentication_options_spec.rb +55 -28
- data/spec/integration/connection_pool_populator_spec.rb +3 -1
- data/spec/integration/cursor_reaping_spec.rb +53 -17
- data/spec/integration/ocsp_connectivity_spec.rb +26 -0
- data/spec/integration/ocsp_verifier_cache_spec.rb +188 -0
- data/spec/integration/ocsp_verifier_spec.rb +334 -0
- data/spec/integration/query_cache_spec.rb +1045 -0
- data/spec/integration/query_cache_transactions_spec.rb +179 -0
- data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +1 -0
- data/spec/integration/retryable_writes/shared/performs_legacy_retries.rb +2 -0
- data/spec/integration/sdam_error_handling_spec.rb +69 -18
- data/spec/integration/sdam_events_spec.rb +7 -8
- data/spec/integration/server_selection_spec.rb +36 -0
- data/spec/integration/srv_monitoring_spec.rb +38 -3
- data/spec/integration/srv_spec.rb +56 -0
- data/spec/lite_spec_helper.rb +4 -2
- data/spec/mongo/address_spec.rb +1 -1
- data/spec/mongo/caching_cursor_spec.rb +70 -0
- data/spec/mongo/client_construction_spec.rb +54 -1
- data/spec/mongo/client_encryption_spec.rb +10 -16
- data/spec/mongo/client_spec.rb +40 -0
- data/spec/mongo/cluster/topology/single_spec.rb +14 -5
- data/spec/mongo/cluster_spec.rb +3 -0
- data/spec/mongo/collection/view/explainable_spec.rb +87 -4
- data/spec/mongo/collection/view/map_reduce_spec.rb +2 -0
- data/spec/mongo/collection_spec.rb +60 -0
- data/spec/mongo/crypt/auto_decryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/auto_encryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/data_key_context_spec.rb +1 -1
- data/spec/mongo/crypt/explicit_decryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/explicit_encryption_context_spec.rb +1 -1
- data/spec/mongo/database_spec.rb +44 -64
- data/spec/mongo/error/no_server_available_spec.rb +1 -1
- data/spec/mongo/index/view_spec.rb +2 -4
- data/spec/mongo/logger_spec.rb +13 -11
- data/spec/mongo/operation/read_preference_legacy_spec.rb +19 -9
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +3 -3
- data/spec/mongo/query_cache_spec.rb +279 -0
- data/spec/mongo/server/app_metadata_shared.rb +7 -33
- data/spec/mongo/server/connection_pool_spec.rb +7 -3
- data/spec/mongo/server/connection_spec.rb +14 -7
- data/spec/mongo/server_selector/secondary_preferred_spec.rb +6 -6
- data/spec/mongo/socket/ssl_spec.rb +1 -1
- data/spec/mongo/socket_spec.rb +1 -1
- data/spec/mongo/uri/srv_protocol_spec.rb +64 -33
- data/spec/mongo/uri_option_parsing_spec.rb +11 -11
- data/spec/mongo/uri_spec.rb +68 -41
- data/spec/mongo/utils_spec.rb +39 -0
- data/spec/runners/auth.rb +3 -0
- data/spec/runners/connection_string.rb +35 -124
- data/spec/runners/transactions/operation.rb +2 -13
- data/spec/spec_tests/cmap_spec.rb +7 -3
- data/spec/spec_tests/data/change_streams/change-streams-errors.yml +0 -1
- data/spec/spec_tests/data/change_streams/change-streams.yml +0 -1
- data/spec/spec_tests/data/cmap/pool-checkout-connection.yml +6 -2
- data/spec/spec_tests/data/cmap/pool-create-min-size.yml +3 -0
- data/spec/spec_tests/data/connection_string/valid-warnings.yml +24 -0
- data/spec/spec_tests/data/sdam_monitoring/discovered_standalone.yml +1 -3
- data/spec/spec_tests/data/sdam_monitoring/standalone.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_repeated.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_suppress_equal_description_changes.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_to_rs_with_me_mismatch.yml +2 -2
- data/spec/spec_tests/data/uri_options/auth-options.yml +25 -0
- data/spec/spec_tests/data/uri_options/compression-options.yml +6 -3
- data/spec/spec_tests/data/uri_options/read-preference-options.yml +24 -0
- data/spec/spec_tests/data/uri_options/ruby-connection-options.yml +1 -0
- data/spec/spec_tests/data/uri_options/tls-options.yml +160 -4
- data/spec/spec_tests/dns_seedlist_discovery_spec.rb +9 -1
- data/spec/spec_tests/uri_options_spec.rb +31 -33
- data/spec/support/certificates/atlas-ocsp-ca.crt +28 -0
- data/spec/support/certificates/atlas-ocsp.crt +41 -0
- data/spec/support/client_registry.rb +4 -8
- data/spec/support/client_registry_macros.rb +4 -4
- data/spec/support/common_shortcuts.rb +45 -0
- data/spec/support/constraints.rb +23 -0
- data/spec/support/lite_constraints.rb +24 -0
- data/spec/support/matchers.rb +16 -0
- data/spec/support/ocsp +1 -0
- data/spec/support/session_registry.rb +52 -0
- data/spec/support/spec_config.rb +22 -12
- data/spec/support/spec_setup.rb +38 -48
- data/spec/support/utils.rb +19 -1
- data.tar.gz.sig +1 -3
- metadata +938 -933
- metadata.gz.sig +0 -0
- data/spec/integration/secondary_reads_spec.rb +0 -102
- data/spec/shared/LICENSE +0 -20
- data/spec/shared/bin/get-mongodb-download-url +0 -17
- data/spec/shared/lib/mrss/child_process_helper.rb +0 -80
- data/spec/shared/lib/mrss/cluster_config.rb +0 -221
- data/spec/shared/lib/mrss/constraints.rb +0 -346
- data/spec/shared/lib/mrss/docker_runner.rb +0 -265
- data/spec/shared/lib/mrss/lite_constraints.rb +0 -191
- data/spec/shared/lib/mrss/server_version_registry.rb +0 -115
- data/spec/shared/lib/mrss/spec_organizer.rb +0 -152
- data/spec/shared/lib/mrss/utils.rb +0 -15
- data/spec/shared/share/Dockerfile.erb +0 -231
- data/spec/shared/shlib/distro.sh +0 -73
- data/spec/shared/shlib/server.sh +0 -290
- data/spec/shared/shlib/set_env.sh +0 -128
data/lib/mongo/socket/ssl.rb
CHANGED
@@ -15,15 +15,15 @@
|
|
15
15
|
module Mongo
|
16
16
|
class Socket
|
17
17
|
|
18
|
-
# Wrapper for
|
18
|
+
# Wrapper for TLS sockets.
|
19
19
|
#
|
20
20
|
# @since 2.0.0
|
21
21
|
class SSL < Socket
|
22
22
|
include OpenSSL
|
23
23
|
|
24
|
-
# Initializes a new
|
24
|
+
# Initializes a new TLS socket.
|
25
25
|
#
|
26
|
-
# @example Create the
|
26
|
+
# @example Create the TLS socket.
|
27
27
|
# SSL.new('::1', 27017, 30)
|
28
28
|
#
|
29
29
|
# @param [ String ] host The hostname or IP address.
|
@@ -113,7 +113,7 @@ module Mongo
|
|
113
113
|
end
|
114
114
|
end
|
115
115
|
|
116
|
-
# @return [ SSLContext ] context The
|
116
|
+
# @return [ SSLContext ] context The TLS context.
|
117
117
|
attr_reader :context
|
118
118
|
|
119
119
|
# @return [ String ] host The host to connect to.
|
@@ -149,6 +149,7 @@ module Mongo
|
|
149
149
|
@socket.connect
|
150
150
|
end
|
151
151
|
verify_certificate!(@socket)
|
152
|
+
verify_ocsp_endpoint!(@socket)
|
152
153
|
rescue
|
153
154
|
@socket.close
|
154
155
|
@socket = nil
|
@@ -177,29 +178,36 @@ module Mongo
|
|
177
178
|
private
|
178
179
|
|
179
180
|
def verify_certificate?
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
end
|
181
|
+
# If ssl_verify_certificate is not present, disable only if
|
182
|
+
# ssl_verify is explicitly set to false.
|
183
|
+
if options[:ssl_verify_certificate].nil?
|
184
|
+
options[:ssl_verify] != false
|
185
|
+
# If ssl_verify_certificate is present, enable or disable based on its value.
|
186
|
+
else
|
187
|
+
!!options[:ssl_verify_certificate]
|
188
|
+
end
|
189
189
|
end
|
190
190
|
|
191
191
|
def verify_hostname?
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
end
|
192
|
+
# If ssl_verify_hostname is not present, disable only if ssl_verify is
|
193
|
+
# explicitly set to false.
|
194
|
+
if options[:ssl_verify_hostname].nil?
|
195
|
+
options[:ssl_verify] != false
|
196
|
+
# If ssl_verify_hostname is present, enable or disable based on its value.
|
197
|
+
else
|
198
|
+
!!options[:ssl_verify_hostname]
|
199
|
+
end
|
201
200
|
end
|
202
201
|
|
202
|
+
def verify_ocsp_endpoint?
|
203
|
+
if !options[:ssl_verify_ocsp_endpoint].nil?
|
204
|
+
options[:ssl_verify_ocsp_endpoint] != false
|
205
|
+
elsif !options[:ssl_verify_certificate].nil?
|
206
|
+
options[:ssl_verify_certificate] != false
|
207
|
+
else
|
208
|
+
options[:ssl_verify] != false
|
209
|
+
end
|
210
|
+
end
|
203
211
|
|
204
212
|
def create_context(options)
|
205
213
|
OpenSSL::SSL::SSLContext.new.tap do |context|
|
@@ -344,13 +352,26 @@ module Mongo
|
|
344
352
|
def verify_certificate!(socket)
|
345
353
|
if verify_hostname?
|
346
354
|
unless OpenSSL::SSL.verify_certificate_identity(socket.peer_cert, host_name)
|
347
|
-
raise Error::SocketError, '
|
355
|
+
raise Error::SocketError, 'TLS handshake failed due to a hostname mismatch.'
|
348
356
|
end
|
349
357
|
end
|
350
358
|
end
|
351
359
|
|
360
|
+
def verify_ocsp_endpoint!(socket)
|
361
|
+
unless verify_ocsp_endpoint?
|
362
|
+
return
|
363
|
+
end
|
364
|
+
|
365
|
+
cert = socket.peer_cert
|
366
|
+
ca_cert = socket.peer_cert_chain.last
|
367
|
+
|
368
|
+
verifier = OcspVerifier.new(@host_name, cert, ca_cert, context.cert_store,
|
369
|
+
**Utils.shallow_symbolize_keys(options))
|
370
|
+
verifier.verify_with_cache
|
371
|
+
end
|
372
|
+
|
352
373
|
def read_buffer_size
|
353
|
-
# Buffer size for
|
374
|
+
# Buffer size for TLS reads.
|
354
375
|
# Capped at 16k due to https://linux.die.net/man/3/ssl_read
|
355
376
|
16384
|
356
377
|
end
|
data/lib/mongo/socket.rb
CHANGED
@@ -15,6 +15,8 @@
|
|
15
15
|
require 'mongo/socket/ssl'
|
16
16
|
require 'mongo/socket/tcp'
|
17
17
|
require 'mongo/socket/unix'
|
18
|
+
require 'mongo/socket/ocsp_verifier'
|
19
|
+
require 'mongo/socket/ocsp_cache'
|
18
20
|
|
19
21
|
module Mongo
|
20
22
|
|
@@ -25,10 +27,10 @@ module Mongo
|
|
25
27
|
class Socket
|
26
28
|
include ::Socket::Constants
|
27
29
|
|
28
|
-
# Error message for
|
30
|
+
# Error message for TLS related exceptions.
|
29
31
|
#
|
30
32
|
# @since 2.0.0
|
31
|
-
SSL_ERROR = 'MongoDB may not be configured with
|
33
|
+
SSL_ERROR = 'MongoDB may not be configured with TLS support'.freeze
|
32
34
|
|
33
35
|
# Error message for timeouts on socket calls.
|
34
36
|
#
|
@@ -129,7 +131,7 @@ module Mongo
|
|
129
131
|
sock_arr = [ @socket ]
|
130
132
|
if Kernel::select(sock_arr, nil, sock_arr, 0)
|
131
133
|
# The eof? call is supposed to return immediately since select
|
132
|
-
# indicated the socket is readable. However, if @socket is
|
134
|
+
# indicated the socket is readable. However, if @socket is a TLS
|
133
135
|
# socket, eof? can block anyway - see RUBY-2140.
|
134
136
|
begin
|
135
137
|
Timeout.timeout(0.1) do
|
@@ -342,7 +344,7 @@ module Mongo
|
|
342
344
|
end
|
343
345
|
|
344
346
|
def read_buffer_size
|
345
|
-
# Buffer size for non-
|
347
|
+
# Buffer size for non-TLS reads
|
346
348
|
# 64kb
|
347
349
|
65536
|
348
350
|
end
|
data/lib/mongo/srv/monitor.rb
CHANGED
@@ -34,24 +34,18 @@ module Mongo
|
|
34
34
|
# Creates the SRV monitor.
|
35
35
|
#
|
36
36
|
# @param [ Cluster ] cluster The cluster.
|
37
|
-
# @param [ Hash ] options The cluster options.
|
38
37
|
#
|
39
|
-
# @option
|
40
|
-
# @option
|
41
|
-
# @option
|
38
|
+
# @option opts [ Float ] :timeout The timeout to use for DNS lookups.
|
39
|
+
# @option opts [ URI::SRVProtocol ] :srv_uri The SRV URI to monitor.
|
40
|
+
# @option opts [ Hash ] :resolv_options For internal driver use only.
|
42
41
|
# Options to pass through to Resolv::DNS constructor for SRV lookups.
|
43
|
-
def initialize(cluster,
|
44
|
-
options = if options
|
45
|
-
options.dup
|
46
|
-
else
|
47
|
-
{}
|
48
|
-
end
|
42
|
+
def initialize(cluster, **opts)
|
49
43
|
@cluster = cluster
|
50
|
-
@
|
51
|
-
unless @srv_uri = options.delete(:srv_uri)
|
44
|
+
unless @srv_uri = opts.delete(:srv_uri)
|
52
45
|
raise ArgumentError, 'SRV URI is required'
|
53
46
|
end
|
54
|
-
@options =
|
47
|
+
@options = opts.freeze
|
48
|
+
@resolver = Srv::Resolver.new(**opts)
|
55
49
|
@last_result = @srv_uri.srv_result
|
56
50
|
@stop_semaphore = Semaphore.new
|
57
51
|
end
|
data/lib/mongo/srv/resolver.rb
CHANGED
@@ -28,20 +28,24 @@ module Mongo
|
|
28
28
|
|
29
29
|
# Creates a new Resolver.
|
30
30
|
#
|
31
|
-
# @
|
32
|
-
#
|
33
|
-
# @option
|
31
|
+
# @option opts [ Float ] :timeout The timeout, in seconds, to use for
|
32
|
+
# each DNS record resolution.
|
33
|
+
# @option opts [ Boolean ] :raise_on_invalid Whether or not to raise
|
34
34
|
# an exception if either a record with a mismatched domain is found
|
35
35
|
# or if no records are found. Defaults to true.
|
36
|
-
# @option
|
36
|
+
# @option opts [ Hash ] :resolv_options For internal driver use only.
|
37
37
|
# Options to pass through to Resolv::DNS constructor for SRV lookups.
|
38
|
-
def initialize(
|
39
|
-
@options =
|
40
|
-
options.dup
|
41
|
-
else
|
42
|
-
{}
|
43
|
-
end.freeze
|
38
|
+
def initialize(**opts)
|
39
|
+
@options = opts.freeze
|
44
40
|
@resolver = Resolv::DNS.new(@options[:resolv_options])
|
41
|
+
@resolver.timeouts = timeout
|
42
|
+
end
|
43
|
+
|
44
|
+
# @return [ Hash ] Resolver options.
|
45
|
+
attr_reader :options
|
46
|
+
|
47
|
+
def timeout
|
48
|
+
options[:timeout] || Monitor::DEFAULT_TIMEOUT
|
45
49
|
end
|
46
50
|
|
47
51
|
# Obtains all of the SRV records for a given hostname.
|