mongo 2.13.3 → 2.14.0.rc1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/mongo/address/ipv4.rb +1 -1
- data/lib/mongo/address/ipv6.rb +1 -1
- data/lib/mongo/address.rb +1 -1
- data/lib/mongo/bulk_write.rb +17 -0
- data/lib/mongo/caching_cursor.rb +74 -0
- data/lib/mongo/client.rb +47 -8
- data/lib/mongo/cluster/topology/single.rb +1 -1
- data/lib/mongo/cluster.rb +3 -3
- data/lib/mongo/collection/view/aggregation.rb +25 -4
- data/lib/mongo/collection/view/builder/find_command.rb +38 -18
- data/lib/mongo/collection/view/explainable.rb +27 -8
- data/lib/mongo/collection/view/iterable.rb +72 -12
- data/lib/mongo/collection/view/readable.rb +12 -2
- data/lib/mongo/collection/view/writable.rb +15 -1
- data/lib/mongo/collection/view.rb +24 -20
- data/lib/mongo/collection.rb +26 -2
- data/lib/mongo/crypt/encryption_io.rb +6 -6
- data/lib/mongo/cursor.rb +1 -0
- data/lib/mongo/database/view.rb +1 -1
- data/lib/mongo/database.rb +8 -14
- data/lib/mongo/error/invalid_read_concern.rb +28 -0
- data/lib/mongo/error/server_certificate_revoked.rb +22 -0
- data/lib/mongo/error/unsupported_option.rb +14 -12
- data/lib/mongo/error.rb +2 -0
- data/lib/mongo/grid/fs_bucket.rb +37 -37
- data/lib/mongo/lint.rb +2 -1
- data/lib/mongo/logger.rb +3 -3
- data/lib/mongo/operation/aggregate/result.rb +9 -8
- data/lib/mongo/operation/collections_info/command.rb +0 -5
- data/lib/mongo/operation/collections_info/result.rb +3 -16
- data/lib/mongo/operation/delete/bulk_result.rb +2 -0
- data/lib/mongo/operation/delete/result.rb +3 -0
- data/lib/mongo/operation/explain/command.rb +4 -0
- data/lib/mongo/operation/explain/legacy.rb +4 -0
- data/lib/mongo/operation/explain/op_msg.rb +6 -0
- data/lib/mongo/operation/explain/result.rb +3 -0
- data/lib/mongo/operation/find/legacy/result.rb +2 -0
- data/lib/mongo/operation/find/result.rb +3 -0
- data/lib/mongo/operation/get_more/result.rb +3 -0
- data/lib/mongo/operation/indexes/result.rb +5 -0
- data/lib/mongo/operation/insert/bulk_result.rb +5 -0
- data/lib/mongo/operation/insert/result.rb +5 -0
- data/lib/mongo/operation/list_collections/result.rb +5 -0
- data/lib/mongo/operation/map_reduce/result.rb +10 -0
- data/lib/mongo/operation/parallel_scan/command.rb +2 -1
- data/lib/mongo/operation/parallel_scan/result.rb +4 -0
- data/lib/mongo/operation/result.rb +35 -6
- data/lib/mongo/operation/shared/bypass_document_validation.rb +1 -0
- data/lib/mongo/operation/shared/causal_consistency_supported.rb +1 -0
- data/lib/mongo/operation/shared/collections_info_or_list_collections.rb +2 -0
- data/lib/mongo/operation/shared/executable.rb +1 -0
- data/lib/mongo/operation/shared/idable.rb +2 -1
- data/lib/mongo/operation/shared/limited.rb +1 -0
- data/lib/mongo/operation/shared/object_id_generator.rb +1 -0
- data/lib/mongo/operation/shared/read_preference_supported.rb +36 -38
- data/lib/mongo/operation/shared/result/aggregatable.rb +1 -0
- data/lib/mongo/operation/shared/sessions_supported.rb +3 -3
- data/lib/mongo/operation/shared/specifiable.rb +1 -0
- data/lib/mongo/operation/shared/write.rb +1 -0
- data/lib/mongo/operation/shared/write_concern_supported.rb +1 -0
- data/lib/mongo/operation/update/legacy/result.rb +7 -0
- data/lib/mongo/operation/update/result.rb +8 -0
- data/lib/mongo/operation/users_info/result.rb +3 -0
- data/lib/mongo/operation.rb +2 -0
- data/lib/mongo/protocol/msg.rb +2 -2
- data/lib/mongo/protocol/query.rb +11 -11
- data/lib/mongo/query_cache.rb +242 -0
- data/lib/mongo/retryable.rb +8 -1
- data/lib/mongo/server/connection_common.rb +2 -2
- data/lib/mongo/server/connection_pool.rb +3 -0
- data/lib/mongo/server/monitor/connection.rb +3 -3
- data/lib/mongo/server/monitor.rb +1 -1
- data/lib/mongo/server/pending_connection.rb +2 -2
- data/lib/mongo/server/push_monitor.rb +1 -1
- data/lib/mongo/server.rb +5 -1
- data/lib/mongo/server_selector/base.rb +5 -1
- data/lib/mongo/server_selector/secondary_preferred.rb +7 -2
- data/lib/mongo/session.rb +3 -0
- data/lib/mongo/socket/ocsp_cache.rb +97 -0
- data/lib/mongo/socket/ocsp_verifier.rb +368 -0
- data/lib/mongo/socket/ssl.rb +45 -24
- data/lib/mongo/socket.rb +6 -4
- data/lib/mongo/srv/monitor.rb +7 -13
- data/lib/mongo/srv/resolver.rb +14 -10
- data/lib/mongo/timeout.rb +2 -0
- data/lib/mongo/uri/options_mapper.rb +582 -0
- data/lib/mongo/uri/srv_protocol.rb +3 -2
- data/lib/mongo/uri.rb +21 -390
- data/lib/mongo/utils.rb +12 -1
- data/lib/mongo/version.rb +1 -1
- data/lib/mongo.rb +9 -0
- data/spec/NOTES.aws-auth.md +12 -7
- data/spec/README.md +56 -1
- data/spec/integration/bson_symbol_spec.rb +2 -4
- data/spec/integration/bulk_write_spec.rb +48 -0
- data/spec/integration/client_authentication_options_spec.rb +55 -28
- data/spec/integration/connection_pool_populator_spec.rb +3 -1
- data/spec/integration/cursor_reaping_spec.rb +53 -17
- data/spec/integration/ocsp_connectivity_spec.rb +26 -0
- data/spec/integration/ocsp_verifier_cache_spec.rb +188 -0
- data/spec/integration/ocsp_verifier_spec.rb +334 -0
- data/spec/integration/query_cache_spec.rb +1045 -0
- data/spec/integration/query_cache_transactions_spec.rb +179 -0
- data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +1 -0
- data/spec/integration/retryable_writes/shared/performs_legacy_retries.rb +2 -0
- data/spec/integration/sdam_error_handling_spec.rb +69 -18
- data/spec/integration/sdam_events_spec.rb +7 -8
- data/spec/integration/server_selection_spec.rb +36 -0
- data/spec/integration/srv_monitoring_spec.rb +38 -3
- data/spec/integration/srv_spec.rb +56 -0
- data/spec/lite_spec_helper.rb +4 -2
- data/spec/mongo/address_spec.rb +1 -1
- data/spec/mongo/caching_cursor_spec.rb +70 -0
- data/spec/mongo/client_construction_spec.rb +54 -1
- data/spec/mongo/client_encryption_spec.rb +10 -16
- data/spec/mongo/client_spec.rb +40 -0
- data/spec/mongo/cluster/topology/single_spec.rb +14 -5
- data/spec/mongo/cluster_spec.rb +3 -0
- data/spec/mongo/collection/view/explainable_spec.rb +87 -4
- data/spec/mongo/collection/view/map_reduce_spec.rb +2 -0
- data/spec/mongo/collection_spec.rb +60 -0
- data/spec/mongo/crypt/auto_decryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/auto_encryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/data_key_context_spec.rb +1 -1
- data/spec/mongo/crypt/explicit_decryption_context_spec.rb +1 -1
- data/spec/mongo/crypt/explicit_encryption_context_spec.rb +1 -1
- data/spec/mongo/database_spec.rb +44 -64
- data/spec/mongo/error/no_server_available_spec.rb +1 -1
- data/spec/mongo/index/view_spec.rb +2 -4
- data/spec/mongo/logger_spec.rb +13 -11
- data/spec/mongo/operation/read_preference_legacy_spec.rb +19 -9
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +3 -3
- data/spec/mongo/query_cache_spec.rb +279 -0
- data/spec/mongo/server/app_metadata_shared.rb +7 -33
- data/spec/mongo/server/connection_pool_spec.rb +7 -3
- data/spec/mongo/server/connection_spec.rb +14 -7
- data/spec/mongo/server_selector/secondary_preferred_spec.rb +6 -6
- data/spec/mongo/socket/ssl_spec.rb +1 -1
- data/spec/mongo/socket_spec.rb +1 -1
- data/spec/mongo/uri/srv_protocol_spec.rb +64 -33
- data/spec/mongo/uri_option_parsing_spec.rb +11 -11
- data/spec/mongo/uri_spec.rb +68 -41
- data/spec/mongo/utils_spec.rb +39 -0
- data/spec/runners/auth.rb +3 -0
- data/spec/runners/connection_string.rb +35 -124
- data/spec/runners/transactions/operation.rb +2 -13
- data/spec/spec_tests/cmap_spec.rb +7 -3
- data/spec/spec_tests/data/change_streams/change-streams-errors.yml +0 -1
- data/spec/spec_tests/data/change_streams/change-streams.yml +0 -1
- data/spec/spec_tests/data/cmap/pool-checkout-connection.yml +6 -2
- data/spec/spec_tests/data/cmap/pool-create-min-size.yml +3 -0
- data/spec/spec_tests/data/connection_string/valid-warnings.yml +24 -0
- data/spec/spec_tests/data/sdam_monitoring/discovered_standalone.yml +1 -3
- data/spec/spec_tests/data/sdam_monitoring/standalone.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_repeated.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_suppress_equal_description_changes.yml +2 -2
- data/spec/spec_tests/data/sdam_monitoring/standalone_to_rs_with_me_mismatch.yml +2 -2
- data/spec/spec_tests/data/uri_options/auth-options.yml +25 -0
- data/spec/spec_tests/data/uri_options/compression-options.yml +6 -3
- data/spec/spec_tests/data/uri_options/read-preference-options.yml +24 -0
- data/spec/spec_tests/data/uri_options/ruby-connection-options.yml +1 -0
- data/spec/spec_tests/data/uri_options/tls-options.yml +160 -4
- data/spec/spec_tests/dns_seedlist_discovery_spec.rb +9 -1
- data/spec/spec_tests/uri_options_spec.rb +31 -33
- data/spec/support/certificates/atlas-ocsp-ca.crt +28 -0
- data/spec/support/certificates/atlas-ocsp.crt +41 -0
- data/spec/support/client_registry.rb +4 -8
- data/spec/support/client_registry_macros.rb +4 -4
- data/spec/support/common_shortcuts.rb +45 -0
- data/spec/support/constraints.rb +23 -0
- data/spec/support/lite_constraints.rb +24 -0
- data/spec/support/matchers.rb +16 -0
- data/spec/support/ocsp +1 -0
- data/spec/support/session_registry.rb +52 -0
- data/spec/support/spec_config.rb +22 -12
- data/spec/support/spec_setup.rb +38 -48
- data/spec/support/utils.rb +19 -1
- data.tar.gz.sig +1 -3
- metadata +938 -933
- metadata.gz.sig +0 -0
- data/spec/integration/secondary_reads_spec.rb +0 -102
- data/spec/shared/LICENSE +0 -20
- data/spec/shared/bin/get-mongodb-download-url +0 -17
- data/spec/shared/lib/mrss/child_process_helper.rb +0 -80
- data/spec/shared/lib/mrss/cluster_config.rb +0 -221
- data/spec/shared/lib/mrss/constraints.rb +0 -346
- data/spec/shared/lib/mrss/docker_runner.rb +0 -265
- data/spec/shared/lib/mrss/lite_constraints.rb +0 -191
- data/spec/shared/lib/mrss/server_version_registry.rb +0 -115
- data/spec/shared/lib/mrss/spec_organizer.rb +0 -152
- data/spec/shared/lib/mrss/utils.rb +0 -15
- data/spec/shared/share/Dockerfile.erb +0 -231
- data/spec/shared/shlib/distro.sh +0 -73
- data/spec/shared/shlib/server.sh +0 -290
- data/spec/shared/shlib/set_env.sh +0 -128
data/lib/mongo/socket/ssl.rb
CHANGED
@@ -15,15 +15,15 @@
|
|
15
15
|
module Mongo
|
16
16
|
class Socket
|
17
17
|
|
18
|
-
# Wrapper for
|
18
|
+
# Wrapper for TLS sockets.
|
19
19
|
#
|
20
20
|
# @since 2.0.0
|
21
21
|
class SSL < Socket
|
22
22
|
include OpenSSL
|
23
23
|
|
24
|
-
# Initializes a new
|
24
|
+
# Initializes a new TLS socket.
|
25
25
|
#
|
26
|
-
# @example Create the
|
26
|
+
# @example Create the TLS socket.
|
27
27
|
# SSL.new('::1', 27017, 30)
|
28
28
|
#
|
29
29
|
# @param [ String ] host The hostname or IP address.
|
@@ -113,7 +113,7 @@ module Mongo
|
|
113
113
|
end
|
114
114
|
end
|
115
115
|
|
116
|
-
# @return [ SSLContext ] context The
|
116
|
+
# @return [ SSLContext ] context The TLS context.
|
117
117
|
attr_reader :context
|
118
118
|
|
119
119
|
# @return [ String ] host The host to connect to.
|
@@ -149,6 +149,7 @@ module Mongo
|
|
149
149
|
@socket.connect
|
150
150
|
end
|
151
151
|
verify_certificate!(@socket)
|
152
|
+
verify_ocsp_endpoint!(@socket)
|
152
153
|
rescue
|
153
154
|
@socket.close
|
154
155
|
@socket = nil
|
@@ -177,29 +178,36 @@ module Mongo
|
|
177
178
|
private
|
178
179
|
|
179
180
|
def verify_certificate?
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
end
|
181
|
+
# If ssl_verify_certificate is not present, disable only if
|
182
|
+
# ssl_verify is explicitly set to false.
|
183
|
+
if options[:ssl_verify_certificate].nil?
|
184
|
+
options[:ssl_verify] != false
|
185
|
+
# If ssl_verify_certificate is present, enable or disable based on its value.
|
186
|
+
else
|
187
|
+
!!options[:ssl_verify_certificate]
|
188
|
+
end
|
189
189
|
end
|
190
190
|
|
191
191
|
def verify_hostname?
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
end
|
192
|
+
# If ssl_verify_hostname is not present, disable only if ssl_verify is
|
193
|
+
# explicitly set to false.
|
194
|
+
if options[:ssl_verify_hostname].nil?
|
195
|
+
options[:ssl_verify] != false
|
196
|
+
# If ssl_verify_hostname is present, enable or disable based on its value.
|
197
|
+
else
|
198
|
+
!!options[:ssl_verify_hostname]
|
199
|
+
end
|
201
200
|
end
|
202
201
|
|
202
|
+
def verify_ocsp_endpoint?
|
203
|
+
if !options[:ssl_verify_ocsp_endpoint].nil?
|
204
|
+
options[:ssl_verify_ocsp_endpoint] != false
|
205
|
+
elsif !options[:ssl_verify_certificate].nil?
|
206
|
+
options[:ssl_verify_certificate] != false
|
207
|
+
else
|
208
|
+
options[:ssl_verify] != false
|
209
|
+
end
|
210
|
+
end
|
203
211
|
|
204
212
|
def create_context(options)
|
205
213
|
OpenSSL::SSL::SSLContext.new.tap do |context|
|
@@ -344,13 +352,26 @@ module Mongo
|
|
344
352
|
def verify_certificate!(socket)
|
345
353
|
if verify_hostname?
|
346
354
|
unless OpenSSL::SSL.verify_certificate_identity(socket.peer_cert, host_name)
|
347
|
-
raise Error::SocketError, '
|
355
|
+
raise Error::SocketError, 'TLS handshake failed due to a hostname mismatch.'
|
348
356
|
end
|
349
357
|
end
|
350
358
|
end
|
351
359
|
|
360
|
+
def verify_ocsp_endpoint!(socket)
|
361
|
+
unless verify_ocsp_endpoint?
|
362
|
+
return
|
363
|
+
end
|
364
|
+
|
365
|
+
cert = socket.peer_cert
|
366
|
+
ca_cert = socket.peer_cert_chain.last
|
367
|
+
|
368
|
+
verifier = OcspVerifier.new(@host_name, cert, ca_cert, context.cert_store,
|
369
|
+
**Utils.shallow_symbolize_keys(options))
|
370
|
+
verifier.verify_with_cache
|
371
|
+
end
|
372
|
+
|
352
373
|
def read_buffer_size
|
353
|
-
# Buffer size for
|
374
|
+
# Buffer size for TLS reads.
|
354
375
|
# Capped at 16k due to https://linux.die.net/man/3/ssl_read
|
355
376
|
16384
|
356
377
|
end
|
data/lib/mongo/socket.rb
CHANGED
@@ -15,6 +15,8 @@
|
|
15
15
|
require 'mongo/socket/ssl'
|
16
16
|
require 'mongo/socket/tcp'
|
17
17
|
require 'mongo/socket/unix'
|
18
|
+
require 'mongo/socket/ocsp_verifier'
|
19
|
+
require 'mongo/socket/ocsp_cache'
|
18
20
|
|
19
21
|
module Mongo
|
20
22
|
|
@@ -25,10 +27,10 @@ module Mongo
|
|
25
27
|
class Socket
|
26
28
|
include ::Socket::Constants
|
27
29
|
|
28
|
-
# Error message for
|
30
|
+
# Error message for TLS related exceptions.
|
29
31
|
#
|
30
32
|
# @since 2.0.0
|
31
|
-
SSL_ERROR = 'MongoDB may not be configured with
|
33
|
+
SSL_ERROR = 'MongoDB may not be configured with TLS support'.freeze
|
32
34
|
|
33
35
|
# Error message for timeouts on socket calls.
|
34
36
|
#
|
@@ -129,7 +131,7 @@ module Mongo
|
|
129
131
|
sock_arr = [ @socket ]
|
130
132
|
if Kernel::select(sock_arr, nil, sock_arr, 0)
|
131
133
|
# The eof? call is supposed to return immediately since select
|
132
|
-
# indicated the socket is readable. However, if @socket is
|
134
|
+
# indicated the socket is readable. However, if @socket is a TLS
|
133
135
|
# socket, eof? can block anyway - see RUBY-2140.
|
134
136
|
begin
|
135
137
|
Timeout.timeout(0.1) do
|
@@ -342,7 +344,7 @@ module Mongo
|
|
342
344
|
end
|
343
345
|
|
344
346
|
def read_buffer_size
|
345
|
-
# Buffer size for non-
|
347
|
+
# Buffer size for non-TLS reads
|
346
348
|
# 64kb
|
347
349
|
65536
|
348
350
|
end
|
data/lib/mongo/srv/monitor.rb
CHANGED
@@ -34,24 +34,18 @@ module Mongo
|
|
34
34
|
# Creates the SRV monitor.
|
35
35
|
#
|
36
36
|
# @param [ Cluster ] cluster The cluster.
|
37
|
-
# @param [ Hash ] options The cluster options.
|
38
37
|
#
|
39
|
-
# @option
|
40
|
-
# @option
|
41
|
-
# @option
|
38
|
+
# @option opts [ Float ] :timeout The timeout to use for DNS lookups.
|
39
|
+
# @option opts [ URI::SRVProtocol ] :srv_uri The SRV URI to monitor.
|
40
|
+
# @option opts [ Hash ] :resolv_options For internal driver use only.
|
42
41
|
# Options to pass through to Resolv::DNS constructor for SRV lookups.
|
43
|
-
def initialize(cluster,
|
44
|
-
options = if options
|
45
|
-
options.dup
|
46
|
-
else
|
47
|
-
{}
|
48
|
-
end
|
42
|
+
def initialize(cluster, **opts)
|
49
43
|
@cluster = cluster
|
50
|
-
@
|
51
|
-
unless @srv_uri = options.delete(:srv_uri)
|
44
|
+
unless @srv_uri = opts.delete(:srv_uri)
|
52
45
|
raise ArgumentError, 'SRV URI is required'
|
53
46
|
end
|
54
|
-
@options =
|
47
|
+
@options = opts.freeze
|
48
|
+
@resolver = Srv::Resolver.new(**opts)
|
55
49
|
@last_result = @srv_uri.srv_result
|
56
50
|
@stop_semaphore = Semaphore.new
|
57
51
|
end
|
data/lib/mongo/srv/resolver.rb
CHANGED
@@ -28,20 +28,24 @@ module Mongo
|
|
28
28
|
|
29
29
|
# Creates a new Resolver.
|
30
30
|
#
|
31
|
-
# @
|
32
|
-
#
|
33
|
-
# @option
|
31
|
+
# @option opts [ Float ] :timeout The timeout, in seconds, to use for
|
32
|
+
# each DNS record resolution.
|
33
|
+
# @option opts [ Boolean ] :raise_on_invalid Whether or not to raise
|
34
34
|
# an exception if either a record with a mismatched domain is found
|
35
35
|
# or if no records are found. Defaults to true.
|
36
|
-
# @option
|
36
|
+
# @option opts [ Hash ] :resolv_options For internal driver use only.
|
37
37
|
# Options to pass through to Resolv::DNS constructor for SRV lookups.
|
38
|
-
def initialize(
|
39
|
-
@options =
|
40
|
-
options.dup
|
41
|
-
else
|
42
|
-
{}
|
43
|
-
end.freeze
|
38
|
+
def initialize(**opts)
|
39
|
+
@options = opts.freeze
|
44
40
|
@resolver = Resolv::DNS.new(@options[:resolv_options])
|
41
|
+
@resolver.timeouts = timeout
|
42
|
+
end
|
43
|
+
|
44
|
+
# @return [ Hash ] Resolver options.
|
45
|
+
attr_reader :options
|
46
|
+
|
47
|
+
def timeout
|
48
|
+
options[:timeout] || Monitor::DEFAULT_TIMEOUT
|
45
49
|
end
|
46
50
|
|
47
51
|
# Obtains all of the SRV records for a given hostname.
|