mongo 2.14.0 → 2.15.0.alpha

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7bfb22d052a842e256744a88c7e3cbd3b958643cc3e0f4425bf97be8f913f167
-  data.tar.gz: b63f3605ad8223e99a5f6a62aabff94a8c8600095b84265b6b4deb38e7223013
+  metadata.gz: a6312ea7c8c11a1e4f3dd355691d19bacf67bb3862395e69156133dace4b3503
+  data.tar.gz: 7a5f97640136a0f32e6e3d8a08f6fdb3a8b726342e7105391a49d18427c41016
 SHA512:
-  metadata.gz: 85566c0080b9bcfa67438a365114dd062425df557040e05c0db0448aedd37a0f52dae5b8612b08af196a9e35c1e5b41553a89607d780d187d4e2e28602471c76
-  data.tar.gz: 5172ab2d71a8d7e048fcb2d87e7219024a2028c3909f2cce48081d1b3014071df13b02426019508bda6542e4870992ca869cd3393caf3aaf6483ad4c74f1abf3
+  metadata.gz: 84fd33ac8d290e04c5ad2ca1c1dfa4022d9123d7ab7f8c3c9a621cf29dac04336f8dde8f73c8ff281107def7667ee0f3d5f3b596c90cee0ca8a88845754216f8
+  data.tar.gz: ccd825f5fba748bc45f75adef77f93f1a340862d32daa53145cb60e64a5e9b6dfd216c5eca033d1d3e6144a8931f548316315f3eb49b1dafed1dd63de978aa1a

data/README.md

@@ -14,7 +14,10 @@ Documentation
 High level documentation and usage examples are located
 [here](http://docs.mongodb.org/ecosystem/drivers/ruby/).
 
-API documentation can be found [here](https://api.mongodb.org/ruby/).
+API documentation for the most recent release can be found
+[here](https://docs.mongodb.com/ruby-driver/current/api/).
+To build API documentation for the master branch, check out the
+repository locally and run `rake docs`.
 
 
 Support

data/Rakefile

@@ -1,26 +1,19 @@
-#!/usr/bin/env ruby
+# -*- mode: ruby -*-
 
-require 'rubygems'
-
-begin
-  require 'bundler'
-  require 'bundler/gem_tasks'
-rescue LoadError
-  raise '[FAIL] Bundler not found! Install it with ' +
-        '`gem install bundler; bundle install`.'
-end
-
-default_groups = [:default, :testing]
-Bundler.require(*default_groups)
+require 'bundler'
+require 'bundler/gem_tasks'
+require 'rspec/core/rake_task'
+# TODO move the mongo require into the individual tasks that actually need it
+require 'mongo'
 
 ROOT = File.expand_path(File.join(File.dirname(__FILE__)))
 
 $: << File.join(ROOT, 'spec/shared/lib')
 
-require 'rspec/core/rake_task'
 require 'mrss/spec_organizer'
 
 CLASSIFIERS = [
+  [%r,^mongo/server,, :unit_server],
   [%r,^mongo,, :unit],
   [%r,^kerberos,, :unit],
   [%r,^integration/sdam_error_handling,, :sdam_integration],
@@ -34,7 +27,7 @@ CLASSIFIERS = [
 
 RUN_PRIORITY = %i(
   tx_examples
-  unit
+  unit unit_server
   integration sdam_integration cursor_reaping query_cache
   spec spec_sdam_integration
 )

data/lib/mongo.rb

@@ -78,4 +78,27 @@ module Mongo
   module_function def clear_ocsp_cache
     Socket::OcspCache.clear
   end
+
+  # This is a user-settable list of hooks that will be invoked when any new
+  # TLS socket is connected. Each hook should be a Proc that takes
+  # an OpenSSL::SSL::SSLContext object as an argument. These hooks can be used
+  # to modify the TLS context (for example to disallow certain ciphers).
+  #
+  # @return [ Array<Proc> ] The list of procs to be invoked when a TLS socket
+  #   is connected (may be an empty Array).
+  module_function def tls_context_hooks
+    @tls_context_hooks ||= []
+  end
+
+  # Set the TLS context hooks.
+  #
+  # @param [ Array<Proc> ] hooks An Array of Procs, each of which should take
+  #   an OpenSSL::SSL::SSLContext object as an argument.
+  module_function def tls_context_hooks=(hooks)
+    unless hooks.is_a?(Array) && hooks.all? { |hook| hook.is_a?(Proc) }
+      raise ArgumentError, "TLS context hooks must be an array of Procs"
+    end
+
+    @tls_context_hooks = hooks
+  end
 end

data/lib/mongo/auth/aws/conversation.rb

@@ -49,10 +49,7 @@ module Mongo
             payload: BSON::Binary.new(client_final_payload),
             conversationId: conversation_id,
           )
-          selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
-          cluster_time = connection.mongos? && connection.cluster_time
-          selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-          Protocol::Msg.new([], {}, selector)
+          build_message(connection, user.auth_source, selector)
         end
 
         private

data/lib/mongo/auth/base.rb

@@ -100,7 +100,13 @@ module Mongo
       end
 
       def dispatch_msg(connection, conversation, msg)
-        reply = connection.dispatch([msg])
+        context = Operation::Context.new(options: {
+          server_api: connection.options[:server_api],
+        })
+        if server_api = context.server_api
+          msg = msg.maybe_add_server_api(server_api)
+        end
+        reply = connection.dispatch([msg], context)
         reply_document = reply.documents.first
         validate_reply!(connection, conversation, reply_document)
         result = Operation::Result.new(reply, connection.description)
@@ -112,14 +118,14 @@ module Mongo
       # raises Unauthorized if not.
       def validate_reply!(connection, conversation, doc)
         if doc[:ok] != 1
-          extra = [doc[:code], doc[:codeName]].compact.join(': ')
-          msg = doc[:errmsg]
-          unless extra.empty?
-            msg += " (#{extra})"
-          end
+          message = Error::Parser.build_message(
+            code: doc[:code],
+            code_name: doc[:codeName],
+            message: doc[:errmsg],
+          )
           raise Unauthorized.new(user,
             used_mechanism: self.class.const_get(:MECHANISM),
-            message: msg,
+            message: message,
             server: connection.server,
           )
         end

data/lib/mongo/auth/conversation_base.rb

@@ -47,6 +47,38 @@ module Mongo
       def speculative_auth_document
         nil
       end
+
+      # @return [ Protocol::Message ] The message to send.
+      def build_message(connection, auth_source, selector)
+        if connection && connection.features.op_msg_enabled?
+          selector = selector.dup
+          selector[Protocol::Msg::DATABASE_IDENTIFIER] = auth_source
+          cluster_time = connection.mongos? && connection.cluster_time
+          if cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time
+          end
+          Protocol::Msg.new([], {}, selector)
+        else
+          Protocol::Query.new(
+            auth_source,
+            Database::COMMAND,
+            selector,
+            limit: -1,
+          )
+        end
+      end
+
+      def validate_external_auth_source
+        if user.auth_source != '$external'
+          user_name_msg = if user.name
+            " #{user.name}"
+          else
+            ''
+          end
+          mechanism = user.mechanism
+          raise Auth::InvalidConfiguration, "User#{user_name_msg} specifies auth source '#{user.auth_source}', but the only valid auth source for #{mechanism} is '$external'"
+        end
+      end
     end
   end
 end

data/lib/mongo/auth/cr/conversation.rb

@@ -43,22 +43,12 @@ module Mongo
         # @param [ Server::Connection ] connection The connection being
         #   authenticated.
         #
-        # @return [ Protocol::Query ] The first CR conversation message.
+        # @return [ Protocol::Message ] The first CR conversation message.
         #
         # @since 2.0.0
         def start(connection)
-          if connection && connection.features.op_msg_enabled?
-            selector = Auth::GET_NONCE.merge(Protocol::Msg::DATABASE_IDENTIFIER => user.auth_source)
-            cluster_time = connection.mongos? && connection.cluster_time
-            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-            Protocol::Msg.new([], {}, selector)
-          else
-            Protocol::Query.new(
-              user.auth_source,
-              Database::COMMAND,
-              Auth::GET_NONCE,
-              limit: -1)
-          end
+          selector = Auth::GET_NONCE
+          build_message(connection, user.auth_source, selector)
         end
 
         # Continue the CR conversation. This sends the client final message
@@ -70,26 +60,13 @@ module Mongo
         # @param [ Mongo::Server::Connection ] connection The connection being
         #   authenticated.
         #
-        # @return [ Protocol::Query ] The next message to send.
+        # @return [ Protocol::Message ] The next message to send.
         #
         # @since 2.0.0
         def continue(reply_document, connection)
           @nonce = reply_document[Auth::NONCE]
-
-          if connection && connection.features.op_msg_enabled?
-            selector = LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce))
-            selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
-            cluster_time = connection.mongos? && connection.cluster_time
-            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-            Protocol::Msg.new([], {}, selector)
-          else
-            Protocol::Query.new(
-              user.auth_source,
-              Database::COMMAND,
-              LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce)),
-              limit: -1
-            )
-          end
+          selector = LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce))
+          build_message(connection, user.auth_source, selector)
         end
       end
     end

data/lib/mongo/auth/gssapi/conversation.rb

@@ -70,20 +70,14 @@ module Mongo
         # @param [ BSON::Document ] reply_document The reply document of the
         #   previous message.
         #
-        # @return [ Protocol::Query ] The next query to execute.
+        # @return [ Protocol::Message ] The next query to execute.
         def continue(reply_document, connection)
           @id = reply_document['conversationId']
           payload = reply_document['payload']
 
           continue_token = authenticator.evaluate_challenge(payload)
           selector = CONTINUE_MESSAGE.merge(payload: continue_token, conversationId: id)
-
-          Protocol::Query.new(
-            Auth::EXTERNAL,
-            Database::COMMAND,
-            selector,
-            limit: 1,
-          )
+          build_message(connection, '$external', selector)
         end
 
         def process_continue_response(reply_document)
@@ -92,15 +86,10 @@ module Mongo
           @continue_token = authenticator.evaluate_challenge(payload)
         end
 
+        # @return [ Protocol::Message ] The next query to execute.
         def finalize(connection)
           selector = CONTINUE_MESSAGE.merge(payload: @continue_token, conversationId: id)
-
-          Protocol::Query.new(
-            Auth::EXTERNAL,
-            Database::COMMAND,
-            selector,
-            limit: 1,
-          )
+          build_message(connection, '$external', selector)
         end
       end
     end

data/lib/mongo/auth/ldap/conversation.rb

@@ -38,20 +38,9 @@ module Mongo
         #
         # @since 2.0.0
         def start(connection)
-          if connection && connection.features.op_msg_enabled?
-            selector = LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM)
-            selector[Protocol::Msg::DATABASE_IDENTIFIER] = Auth::EXTERNAL
-            cluster_time = connection.mongos? && connection.cluster_time
-            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-            Protocol::Msg.new([], {}, selector)
-          else
-            Protocol::Query.new(
-              Auth::EXTERNAL,
-              Database::COMMAND,
-              LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM),
-              limit: -1
-            )
-          end
+          validate_external_auth_source
+          selector = LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM)
+          build_message(connection, '$external', selector)
         end
 
         private

data/lib/mongo/auth/sasl_conversation_base.rb

@@ -35,19 +35,7 @@ module Mongo
       # @return [ Protocol::Message ] The first SASL conversation message.
       def start(connection)
         selector = client_first_document
-        if connection && connection.features.op_msg_enabled?
-          selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
-          cluster_time = connection.mongos? && connection.cluster_time
-          selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-          Protocol::Msg.new([], {}, selector)
-        else
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            selector,
-            limit: -1,
-          )
-        end
+        build_message(connection, user.auth_source, selector)
       end
 
       private

data/lib/mongo/auth/scram_conversation_base.rb

@@ -87,19 +87,7 @@ module Mongo
           payload: client_final_message,
           conversationId: id,
         )
-        if connection && connection.features.op_msg_enabled?
-          selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
-          cluster_time = connection.mongos? && connection.cluster_time
-          selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-          Protocol::Msg.new([], {}, selector)
-        else
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            selector,
-            limit: -1,
-          )
-        end
+        build_message(connection, user.auth_source, selector)
       end
 
       # Processes the second response from the server.
@@ -116,28 +104,13 @@ module Mongo
       #
       # @param [ Server::Connection ] connection The connection being authenticated.
       #
-      # @return [ Protocol::Query ] The next message to send.
+      # @return [ Protocol::Message ] The next message to send.
       def finalize(connection)
-        if connection && connection.features.op_msg_enabled?
-          selector = CLIENT_CONTINUE_MESSAGE.merge(
-            payload: client_empty_message,
-            conversationId: id,
-          )
-          selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
-          cluster_time = connection.mongos? && connection.cluster_time
-          selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
-          Protocol::Msg.new([], {}, selector)
-        else
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            CLIENT_CONTINUE_MESSAGE.merge(
-              payload: client_empty_message,
-              conversationId: id,
-            ),
-            limit: -1,
-          )
-        end
+        selector = CLIENT_CONTINUE_MESSAGE.merge(
+          payload: client_empty_message,
+          conversationId: id,
+        )
+        build_message(connection, user.auth_source, selector)
       end
 
       # Returns the hash to provide to the server in the handshake

data/lib/mongo/auth/user/view.rb

@@ -44,13 +44,13 @@ module Mongo
         # @since 2.0.0
         def create(user_or_name, options = {})
           user = generate(user_or_name, options)
-          client.send(:with_session, options) do |session|
+          execute_operation(options) do |session|
             Operation::CreateUser.new(
               user: user,
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session), client: client)
+            )
           end
         end
 
@@ -81,13 +81,13 @@ module Mongo
         #
         # @since 2.0.0
         def remove(name, options = {})
-          client.send(:with_session, options) do |session|
+          execute_operation(options) do |session|
             Operation::RemoveUser.new(
               user_name: name,
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session), client: client)
+            )
           end
         end
 
@@ -106,14 +106,14 @@ module Mongo
         #
         # @since 2.0.0
         def update(user_or_name, options = {})
-          client.send(:with_session, options) do |session|
-            user = generate(user_or_name, options)
+          user = generate(user_or_name, options)
+          execute_operation(options) do |session|
             Operation::UpdateUser.new(
               user: user,
               db_name: database.name,
               session: session,
               write_concern: options[:write_concern] && WriteConcern.get(options[:write_concern]),
-            ).execute(next_primary(nil, session), client: client)
+            )
           end
         end
 
@@ -137,18 +137,25 @@ module Mongo
         private
 
         def user_query(name, options = {})
-          client.send(:with_session, options) do |session|
+          execute_operation(options) do |session|
             Operation::UsersInfo.new(
               user_name: name,
               db_name: database.name,
               session: session
-            ).execute(next_primary(nil, session), client: client)
+            )
           end
         end
 
         def generate(user, options)
           user.is_a?(String) ? Auth::User.new({ user: user }.merge(options)) : user
         end
+
+        def execute_operation(options)
+          client.send(:with_session, options) do |session|
+            op = yield session
+            op.execute(next_primary(nil, session), context: Operation::Context.new(client: client, session: session))
+          end
+        end
       end
     end
   end