mongo 2.13.3 → 2.14.0.rc1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (197) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/lib/mongo/address/ipv4.rb +1 -1
  4. data/lib/mongo/address/ipv6.rb +1 -1
  5. data/lib/mongo/address.rb +1 -1
  6. data/lib/mongo/bulk_write.rb +17 -0
  7. data/lib/mongo/caching_cursor.rb +74 -0
  8. data/lib/mongo/client.rb +47 -8
  9. data/lib/mongo/cluster/topology/single.rb +1 -1
  10. data/lib/mongo/cluster.rb +3 -3
  11. data/lib/mongo/collection/view/aggregation.rb +25 -4
  12. data/lib/mongo/collection/view/builder/find_command.rb +38 -18
  13. data/lib/mongo/collection/view/explainable.rb +27 -8
  14. data/lib/mongo/collection/view/iterable.rb +72 -12
  15. data/lib/mongo/collection/view/readable.rb +12 -2
  16. data/lib/mongo/collection/view/writable.rb +15 -1
  17. data/lib/mongo/collection/view.rb +24 -20
  18. data/lib/mongo/collection.rb +26 -2
  19. data/lib/mongo/crypt/encryption_io.rb +6 -6
  20. data/lib/mongo/cursor.rb +1 -0
  21. data/lib/mongo/database/view.rb +1 -1
  22. data/lib/mongo/database.rb +8 -14
  23. data/lib/mongo/error/invalid_read_concern.rb +28 -0
  24. data/lib/mongo/error/server_certificate_revoked.rb +22 -0
  25. data/lib/mongo/error/unsupported_option.rb +14 -12
  26. data/lib/mongo/error.rb +2 -0
  27. data/lib/mongo/grid/fs_bucket.rb +37 -37
  28. data/lib/mongo/lint.rb +2 -1
  29. data/lib/mongo/logger.rb +3 -3
  30. data/lib/mongo/operation/aggregate/result.rb +9 -8
  31. data/lib/mongo/operation/collections_info/command.rb +0 -5
  32. data/lib/mongo/operation/collections_info/result.rb +3 -16
  33. data/lib/mongo/operation/delete/bulk_result.rb +2 -0
  34. data/lib/mongo/operation/delete/result.rb +3 -0
  35. data/lib/mongo/operation/explain/command.rb +4 -0
  36. data/lib/mongo/operation/explain/legacy.rb +4 -0
  37. data/lib/mongo/operation/explain/op_msg.rb +6 -0
  38. data/lib/mongo/operation/explain/result.rb +3 -0
  39. data/lib/mongo/operation/find/legacy/result.rb +2 -0
  40. data/lib/mongo/operation/find/result.rb +3 -0
  41. data/lib/mongo/operation/get_more/result.rb +3 -0
  42. data/lib/mongo/operation/indexes/result.rb +5 -0
  43. data/lib/mongo/operation/insert/bulk_result.rb +5 -0
  44. data/lib/mongo/operation/insert/result.rb +5 -0
  45. data/lib/mongo/operation/list_collections/result.rb +5 -0
  46. data/lib/mongo/operation/map_reduce/result.rb +10 -0
  47. data/lib/mongo/operation/parallel_scan/command.rb +2 -1
  48. data/lib/mongo/operation/parallel_scan/result.rb +4 -0
  49. data/lib/mongo/operation/result.rb +35 -6
  50. data/lib/mongo/operation/shared/bypass_document_validation.rb +1 -0
  51. data/lib/mongo/operation/shared/causal_consistency_supported.rb +1 -0
  52. data/lib/mongo/operation/shared/collections_info_or_list_collections.rb +2 -0
  53. data/lib/mongo/operation/shared/executable.rb +1 -0
  54. data/lib/mongo/operation/shared/idable.rb +2 -1
  55. data/lib/mongo/operation/shared/limited.rb +1 -0
  56. data/lib/mongo/operation/shared/object_id_generator.rb +1 -0
  57. data/lib/mongo/operation/shared/read_preference_supported.rb +36 -38
  58. data/lib/mongo/operation/shared/result/aggregatable.rb +1 -0
  59. data/lib/mongo/operation/shared/sessions_supported.rb +3 -3
  60. data/lib/mongo/operation/shared/specifiable.rb +1 -0
  61. data/lib/mongo/operation/shared/write.rb +1 -0
  62. data/lib/mongo/operation/shared/write_concern_supported.rb +1 -0
  63. data/lib/mongo/operation/update/legacy/result.rb +7 -0
  64. data/lib/mongo/operation/update/result.rb +8 -0
  65. data/lib/mongo/operation/users_info/result.rb +3 -0
  66. data/lib/mongo/operation.rb +2 -0
  67. data/lib/mongo/protocol/msg.rb +2 -2
  68. data/lib/mongo/protocol/query.rb +11 -11
  69. data/lib/mongo/query_cache.rb +242 -0
  70. data/lib/mongo/retryable.rb +8 -1
  71. data/lib/mongo/server/connection_common.rb +2 -2
  72. data/lib/mongo/server/connection_pool.rb +3 -0
  73. data/lib/mongo/server/monitor/connection.rb +3 -3
  74. data/lib/mongo/server/monitor.rb +1 -1
  75. data/lib/mongo/server/pending_connection.rb +2 -2
  76. data/lib/mongo/server/push_monitor.rb +1 -1
  77. data/lib/mongo/server.rb +5 -1
  78. data/lib/mongo/server_selector/base.rb +5 -1
  79. data/lib/mongo/server_selector/secondary_preferred.rb +7 -2
  80. data/lib/mongo/session.rb +3 -0
  81. data/lib/mongo/socket/ocsp_cache.rb +97 -0
  82. data/lib/mongo/socket/ocsp_verifier.rb +368 -0
  83. data/lib/mongo/socket/ssl.rb +45 -24
  84. data/lib/mongo/socket.rb +6 -4
  85. data/lib/mongo/srv/monitor.rb +7 -13
  86. data/lib/mongo/srv/resolver.rb +14 -10
  87. data/lib/mongo/timeout.rb +2 -0
  88. data/lib/mongo/uri/options_mapper.rb +582 -0
  89. data/lib/mongo/uri/srv_protocol.rb +3 -2
  90. data/lib/mongo/uri.rb +21 -390
  91. data/lib/mongo/utils.rb +12 -1
  92. data/lib/mongo/version.rb +1 -1
  93. data/lib/mongo.rb +9 -0
  94. data/spec/NOTES.aws-auth.md +12 -7
  95. data/spec/README.md +56 -1
  96. data/spec/integration/bson_symbol_spec.rb +2 -4
  97. data/spec/integration/bulk_write_spec.rb +48 -0
  98. data/spec/integration/client_authentication_options_spec.rb +55 -28
  99. data/spec/integration/connection_pool_populator_spec.rb +3 -1
  100. data/spec/integration/cursor_reaping_spec.rb +53 -17
  101. data/spec/integration/ocsp_connectivity_spec.rb +26 -0
  102. data/spec/integration/ocsp_verifier_cache_spec.rb +188 -0
  103. data/spec/integration/ocsp_verifier_spec.rb +334 -0
  104. data/spec/integration/query_cache_spec.rb +1045 -0
  105. data/spec/integration/query_cache_transactions_spec.rb +179 -0
  106. data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +1 -0
  107. data/spec/integration/retryable_writes/shared/performs_legacy_retries.rb +2 -0
  108. data/spec/integration/sdam_error_handling_spec.rb +69 -18
  109. data/spec/integration/sdam_events_spec.rb +7 -8
  110. data/spec/integration/server_selection_spec.rb +36 -0
  111. data/spec/integration/srv_monitoring_spec.rb +38 -3
  112. data/spec/integration/srv_spec.rb +56 -0
  113. data/spec/lite_spec_helper.rb +4 -2
  114. data/spec/mongo/address_spec.rb +1 -1
  115. data/spec/mongo/caching_cursor_spec.rb +70 -0
  116. data/spec/mongo/client_construction_spec.rb +54 -1
  117. data/spec/mongo/client_encryption_spec.rb +10 -16
  118. data/spec/mongo/client_spec.rb +40 -0
  119. data/spec/mongo/cluster/topology/single_spec.rb +14 -5
  120. data/spec/mongo/cluster_spec.rb +3 -0
  121. data/spec/mongo/collection/view/explainable_spec.rb +87 -4
  122. data/spec/mongo/collection/view/map_reduce_spec.rb +2 -0
  123. data/spec/mongo/collection_spec.rb +60 -0
  124. data/spec/mongo/crypt/auto_decryption_context_spec.rb +1 -1
  125. data/spec/mongo/crypt/auto_encryption_context_spec.rb +1 -1
  126. data/spec/mongo/crypt/data_key_context_spec.rb +1 -1
  127. data/spec/mongo/crypt/explicit_decryption_context_spec.rb +1 -1
  128. data/spec/mongo/crypt/explicit_encryption_context_spec.rb +1 -1
  129. data/spec/mongo/database_spec.rb +44 -64
  130. data/spec/mongo/error/no_server_available_spec.rb +1 -1
  131. data/spec/mongo/index/view_spec.rb +2 -4
  132. data/spec/mongo/logger_spec.rb +13 -11
  133. data/spec/mongo/operation/read_preference_legacy_spec.rb +19 -9
  134. data/spec/mongo/operation/read_preference_op_msg_spec.rb +3 -3
  135. data/spec/mongo/query_cache_spec.rb +279 -0
  136. data/spec/mongo/server/app_metadata_shared.rb +7 -33
  137. data/spec/mongo/server/connection_pool_spec.rb +7 -3
  138. data/spec/mongo/server/connection_spec.rb +14 -7
  139. data/spec/mongo/server_selector/secondary_preferred_spec.rb +6 -6
  140. data/spec/mongo/socket/ssl_spec.rb +1 -1
  141. data/spec/mongo/socket_spec.rb +1 -1
  142. data/spec/mongo/uri/srv_protocol_spec.rb +64 -33
  143. data/spec/mongo/uri_option_parsing_spec.rb +11 -11
  144. data/spec/mongo/uri_spec.rb +68 -41
  145. data/spec/mongo/utils_spec.rb +39 -0
  146. data/spec/runners/auth.rb +3 -0
  147. data/spec/runners/connection_string.rb +35 -124
  148. data/spec/runners/transactions/operation.rb +2 -13
  149. data/spec/spec_tests/cmap_spec.rb +7 -3
  150. data/spec/spec_tests/data/change_streams/change-streams-errors.yml +0 -1
  151. data/spec/spec_tests/data/change_streams/change-streams.yml +0 -1
  152. data/spec/spec_tests/data/cmap/pool-checkout-connection.yml +6 -2
  153. data/spec/spec_tests/data/cmap/pool-create-min-size.yml +3 -0
  154. data/spec/spec_tests/data/connection_string/valid-warnings.yml +24 -0
  155. data/spec/spec_tests/data/sdam_monitoring/discovered_standalone.yml +1 -3
  156. data/spec/spec_tests/data/sdam_monitoring/standalone.yml +2 -2
  157. data/spec/spec_tests/data/sdam_monitoring/standalone_repeated.yml +2 -2
  158. data/spec/spec_tests/data/sdam_monitoring/standalone_suppress_equal_description_changes.yml +2 -2
  159. data/spec/spec_tests/data/sdam_monitoring/standalone_to_rs_with_me_mismatch.yml +2 -2
  160. data/spec/spec_tests/data/uri_options/auth-options.yml +25 -0
  161. data/spec/spec_tests/data/uri_options/compression-options.yml +6 -3
  162. data/spec/spec_tests/data/uri_options/read-preference-options.yml +24 -0
  163. data/spec/spec_tests/data/uri_options/ruby-connection-options.yml +1 -0
  164. data/spec/spec_tests/data/uri_options/tls-options.yml +160 -4
  165. data/spec/spec_tests/dns_seedlist_discovery_spec.rb +9 -1
  166. data/spec/spec_tests/uri_options_spec.rb +31 -33
  167. data/spec/support/certificates/atlas-ocsp-ca.crt +28 -0
  168. data/spec/support/certificates/atlas-ocsp.crt +41 -0
  169. data/spec/support/client_registry.rb +4 -8
  170. data/spec/support/client_registry_macros.rb +4 -4
  171. data/spec/support/common_shortcuts.rb +45 -0
  172. data/spec/support/constraints.rb +23 -0
  173. data/spec/support/lite_constraints.rb +24 -0
  174. data/spec/support/matchers.rb +16 -0
  175. data/spec/support/ocsp +1 -0
  176. data/spec/support/session_registry.rb +52 -0
  177. data/spec/support/spec_config.rb +22 -12
  178. data/spec/support/spec_setup.rb +38 -48
  179. data/spec/support/utils.rb +19 -1
  180. data.tar.gz.sig +1 -3
  181. metadata +938 -933
  182. metadata.gz.sig +0 -0
  183. data/spec/integration/secondary_reads_spec.rb +0 -102
  184. data/spec/shared/LICENSE +0 -20
  185. data/spec/shared/bin/get-mongodb-download-url +0 -17
  186. data/spec/shared/lib/mrss/child_process_helper.rb +0 -80
  187. data/spec/shared/lib/mrss/cluster_config.rb +0 -221
  188. data/spec/shared/lib/mrss/constraints.rb +0 -346
  189. data/spec/shared/lib/mrss/docker_runner.rb +0 -265
  190. data/spec/shared/lib/mrss/lite_constraints.rb +0 -191
  191. data/spec/shared/lib/mrss/server_version_registry.rb +0 -115
  192. data/spec/shared/lib/mrss/spec_organizer.rb +0 -152
  193. data/spec/shared/lib/mrss/utils.rb +0 -15
  194. data/spec/shared/share/Dockerfile.erb +0 -231
  195. data/spec/shared/shlib/distro.sh +0 -73
  196. data/spec/shared/shlib/server.sh +0 -290
  197. data/spec/shared/shlib/set_env.sh +0 -128
@@ -15,15 +15,15 @@
15
15
  module Mongo
16
16
  class Socket
17
17
 
18
- # Wrapper for SSL sockets.
18
+ # Wrapper for TLS sockets.
19
19
  #
20
20
  # @since 2.0.0
21
21
  class SSL < Socket
22
22
  include OpenSSL
23
23
 
24
- # Initializes a new SSL socket.
24
+ # Initializes a new TLS socket.
25
25
  #
26
- # @example Create the SSL socket.
26
+ # @example Create the TLS socket.
27
27
  # SSL.new('::1', 27017, 30)
28
28
  #
29
29
  # @param [ String ] host The hostname or IP address.
@@ -113,7 +113,7 @@ module Mongo
113
113
  end
114
114
  end
115
115
 
116
- # @return [ SSLContext ] context The ssl context.
116
+ # @return [ SSLContext ] context The TLS context.
117
117
  attr_reader :context
118
118
 
119
119
  # @return [ String ] host The host to connect to.
@@ -149,6 +149,7 @@ module Mongo
149
149
  @socket.connect
150
150
  end
151
151
  verify_certificate!(@socket)
152
+ verify_ocsp_endpoint!(@socket)
152
153
  rescue
153
154
  @socket.close
154
155
  @socket = nil
@@ -177,29 +178,36 @@ module Mongo
177
178
  private
178
179
 
179
180
  def verify_certificate?
180
- @verify_certificate ||=
181
- # If ssl_verify_certificate is not present, disable only if ssl_verify is
182
- # explicitly set to false.
183
- if options[:ssl_verify_certificate].nil?
184
- options[:ssl_verify] != false
185
- # If ssl_verify_certificate is present, enable or disable based on its value.
186
- else
187
- !!options[:ssl_verify_certificate]
188
- end
181
+ # If ssl_verify_certificate is not present, disable only if
182
+ # ssl_verify is explicitly set to false.
183
+ if options[:ssl_verify_certificate].nil?
184
+ options[:ssl_verify] != false
185
+ # If ssl_verify_certificate is present, enable or disable based on its value.
186
+ else
187
+ !!options[:ssl_verify_certificate]
188
+ end
189
189
  end
190
190
 
191
191
  def verify_hostname?
192
- @verify_hostname ||=
193
- # If ssl_verify_hostname is not present, disable only if ssl_verify is
194
- # explicitly set to false.
195
- if options[:ssl_verify_hostname].nil?
196
- options[:ssl_verify] != false
197
- # If ssl_verify_hostname is present, enable or disable based on its value.
198
- else
199
- !!options[:ssl_verify_hostname]
200
- end
192
+ # If ssl_verify_hostname is not present, disable only if ssl_verify is
193
+ # explicitly set to false.
194
+ if options[:ssl_verify_hostname].nil?
195
+ options[:ssl_verify] != false
196
+ # If ssl_verify_hostname is present, enable or disable based on its value.
197
+ else
198
+ !!options[:ssl_verify_hostname]
199
+ end
201
200
  end
202
201
 
202
+ def verify_ocsp_endpoint?
203
+ if !options[:ssl_verify_ocsp_endpoint].nil?
204
+ options[:ssl_verify_ocsp_endpoint] != false
205
+ elsif !options[:ssl_verify_certificate].nil?
206
+ options[:ssl_verify_certificate] != false
207
+ else
208
+ options[:ssl_verify] != false
209
+ end
210
+ end
203
211
 
204
212
  def create_context(options)
205
213
  OpenSSL::SSL::SSLContext.new.tap do |context|
@@ -344,13 +352,26 @@ module Mongo
344
352
  def verify_certificate!(socket)
345
353
  if verify_hostname?
346
354
  unless OpenSSL::SSL.verify_certificate_identity(socket.peer_cert, host_name)
347
- raise Error::SocketError, 'SSL handshake failed due to a hostname mismatch.'
355
+ raise Error::SocketError, 'TLS handshake failed due to a hostname mismatch.'
348
356
  end
349
357
  end
350
358
  end
351
359
 
360
+ def verify_ocsp_endpoint!(socket)
361
+ unless verify_ocsp_endpoint?
362
+ return
363
+ end
364
+
365
+ cert = socket.peer_cert
366
+ ca_cert = socket.peer_cert_chain.last
367
+
368
+ verifier = OcspVerifier.new(@host_name, cert, ca_cert, context.cert_store,
369
+ **Utils.shallow_symbolize_keys(options))
370
+ verifier.verify_with_cache
371
+ end
372
+
352
373
  def read_buffer_size
353
- # Buffer size for SSL reads.
374
+ # Buffer size for TLS reads.
354
375
  # Capped at 16k due to https://linux.die.net/man/3/ssl_read
355
376
  16384
356
377
  end
data/lib/mongo/socket.rb CHANGED
@@ -15,6 +15,8 @@
15
15
  require 'mongo/socket/ssl'
16
16
  require 'mongo/socket/tcp'
17
17
  require 'mongo/socket/unix'
18
+ require 'mongo/socket/ocsp_verifier'
19
+ require 'mongo/socket/ocsp_cache'
18
20
 
19
21
  module Mongo
20
22
 
@@ -25,10 +27,10 @@ module Mongo
25
27
  class Socket
26
28
  include ::Socket::Constants
27
29
 
28
- # Error message for SSL related exceptions.
30
+ # Error message for TLS related exceptions.
29
31
  #
30
32
  # @since 2.0.0
31
- SSL_ERROR = 'MongoDB may not be configured with SSL support'.freeze
33
+ SSL_ERROR = 'MongoDB may not be configured with TLS support'.freeze
32
34
 
33
35
  # Error message for timeouts on socket calls.
34
36
  #
@@ -129,7 +131,7 @@ module Mongo
129
131
  sock_arr = [ @socket ]
130
132
  if Kernel::select(sock_arr, nil, sock_arr, 0)
131
133
  # The eof? call is supposed to return immediately since select
132
- # indicated the socket is readable. However, if @socket is an SSL
134
+ # indicated the socket is readable. However, if @socket is a TLS
133
135
  # socket, eof? can block anyway - see RUBY-2140.
134
136
  begin
135
137
  Timeout.timeout(0.1) do
@@ -342,7 +344,7 @@ module Mongo
342
344
  end
343
345
 
344
346
  def read_buffer_size
345
- # Buffer size for non-SSL reads
347
+ # Buffer size for non-TLS reads
346
348
  # 64kb
347
349
  65536
348
350
  end
@@ -34,24 +34,18 @@ module Mongo
34
34
  # Creates the SRV monitor.
35
35
  #
36
36
  # @param [ Cluster ] cluster The cluster.
37
- # @param [ Hash ] options The cluster options.
38
37
  #
39
- # @option options [ Float ] :timeout The timeout to use for DNS lookups.
40
- # @option options [ URI::SRVProtocol ] :srv_uri The SRV URI to monitor.
41
- # @option options [ Hash ] :resolv_options For internal driver use only.
38
+ # @option opts [ Float ] :timeout The timeout to use for DNS lookups.
39
+ # @option opts [ URI::SRVProtocol ] :srv_uri The SRV URI to monitor.
40
+ # @option opts [ Hash ] :resolv_options For internal driver use only.
42
41
  # Options to pass through to Resolv::DNS constructor for SRV lookups.
43
- def initialize(cluster, options = nil)
44
- options = if options
45
- options.dup
46
- else
47
- {}
48
- end
42
+ def initialize(cluster, **opts)
49
43
  @cluster = cluster
50
- @resolver = Srv::Resolver.new(options)
51
- unless @srv_uri = options.delete(:srv_uri)
44
+ unless @srv_uri = opts.delete(:srv_uri)
52
45
  raise ArgumentError, 'SRV URI is required'
53
46
  end
54
- @options = options.freeze
47
+ @options = opts.freeze
48
+ @resolver = Srv::Resolver.new(**opts)
55
49
  @last_result = @srv_uri.srv_result
56
50
  @stop_semaphore = Semaphore.new
57
51
  end
@@ -28,20 +28,24 @@ module Mongo
28
28
 
29
29
  # Creates a new Resolver.
30
30
  #
31
- # @param [ Hash ] options The options for the resolver.
32
- #
33
- # @option options [ Boolean ] :raise_on_invalid Whether or not to raise
31
+ # @option opts [ Float ] :timeout The timeout, in seconds, to use for
32
+ # each DNS record resolution.
33
+ # @option opts [ Boolean ] :raise_on_invalid Whether or not to raise
34
34
  # an exception if either a record with a mismatched domain is found
35
35
  # or if no records are found. Defaults to true.
36
- # @option options [ Hash ] :resolv_options For internal driver use only.
36
+ # @option opts [ Hash ] :resolv_options For internal driver use only.
37
37
  # Options to pass through to Resolv::DNS constructor for SRV lookups.
38
- def initialize(options = nil)
39
- @options = if options
40
- options.dup
41
- else
42
- {}
43
- end.freeze
38
+ def initialize(**opts)
39
+ @options = opts.freeze
44
40
  @resolver = Resolv::DNS.new(@options[:resolv_options])
41
+ @resolver.timeouts = timeout
42
+ end
43
+
44
+ # @return [ Hash ] Resolver options.
45
+ attr_reader :options
46
+
47
+ def timeout
48
+ options[:timeout] || Monitor::DEFAULT_TIMEOUT
45
49
  end
46
50
 
47
51
  # Obtains all of the SRV records for a given hostname.
data/lib/mongo/timeout.rb CHANGED
@@ -13,6 +13,8 @@
13
13
  # limitations under the License.
14
14
 
15
15
  module Mongo
16
+
17
+ # @api private
16
18
  module Timeout
17
19
 
18
20
  # A wrapper around Ruby core's Timeout::timeout method that provides