mongo 2.15.0 → 2.18.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/README.md +22 -38
- data/lib/mongo/auth/aws/request.rb +0 -1
- data/lib/mongo/auth/base.rb +8 -1
- data/lib/mongo/auth.rb +12 -1
- data/lib/mongo/bulk_write/result.rb +10 -1
- data/lib/mongo/bulk_write/result_combiner.rb +2 -4
- data/lib/mongo/bulk_write.rb +115 -29
- data/lib/mongo/client.rb +182 -22
- data/lib/mongo/client_encryption.rb +113 -10
- data/lib/mongo/cluster/periodic_executor.rb +4 -3
- data/lib/mongo/cluster/reapers/cursor_reaper.rb +98 -43
- data/lib/mongo/cluster/sdam_flow.rb +9 -3
- data/lib/mongo/cluster/topology/base.rb +13 -9
- data/lib/mongo/cluster/topology/load_balanced.rb +102 -0
- data/lib/mongo/cluster/topology.rb +28 -8
- data/lib/mongo/cluster.rb +162 -79
- data/lib/mongo/collection/helpers.rb +43 -0
- data/lib/mongo/collection/queryable_encryption.rb +122 -0
- data/lib/mongo/collection/view/aggregation.rb +68 -22
- data/lib/mongo/collection/view/builder/aggregation.rb +16 -17
- data/lib/mongo/collection/view/builder/map_reduce.rb +15 -49
- data/lib/mongo/collection/view/builder.rb +0 -4
- data/lib/mongo/collection/view/change_stream.rb +66 -20
- data/lib/mongo/collection/view/explainable.rb +1 -1
- data/lib/mongo/collection/view/iterable.rb +64 -30
- data/lib/mongo/collection/view/map_reduce.rb +72 -24
- data/lib/mongo/collection/view/readable.rb +106 -70
- data/lib/mongo/collection/view/writable.rb +296 -177
- data/lib/mongo/collection/view.rb +15 -21
- data/lib/mongo/collection.rb +141 -53
- data/lib/mongo/config/options.rb +62 -0
- data/lib/mongo/config/validators/option.rb +26 -0
- data/lib/mongo/config.rb +42 -0
- data/lib/mongo/crypt/auto_encrypter.rb +136 -14
- data/lib/mongo/crypt/binding.rb +513 -144
- data/lib/mongo/crypt/context.rb +5 -2
- data/lib/mongo/crypt/data_key_context.rb +12 -104
- data/lib/mongo/crypt/encryption_io.rb +94 -60
- data/lib/mongo/crypt/explicit_encrypter.rb +143 -26
- data/lib/mongo/crypt/explicit_encryption_context.rb +25 -2
- data/lib/mongo/crypt/handle.rb +160 -86
- data/lib/mongo/crypt/hooks.rb +25 -2
- data/lib/mongo/crypt/kms/aws.rb +136 -0
- data/lib/mongo/crypt/kms/azure.rb +144 -0
- data/lib/mongo/crypt/kms/credentials.rb +81 -0
- data/lib/mongo/crypt/kms/gcp.rb +189 -0
- data/lib/mongo/crypt/kms/kmip.rb +116 -0
- data/lib/mongo/crypt/kms/local.rb +82 -0
- data/lib/mongo/crypt/kms/master_key_document.rb +65 -0
- data/lib/mongo/crypt/kms.rb +117 -0
- data/lib/mongo/crypt/rewrap_many_data_key_context.rb +46 -0
- data/lib/mongo/crypt/rewrap_many_data_key_result.rb +37 -0
- data/lib/mongo/crypt/status.rb +8 -2
- data/lib/mongo/crypt.rb +3 -0
- data/lib/mongo/cursor/kill_spec.rb +76 -0
- data/lib/mongo/cursor.rb +92 -36
- data/lib/mongo/database/view.rb +11 -6
- data/lib/mongo/database.rb +63 -19
- data/lib/mongo/dbref.rb +1 -105
- data/lib/mongo/error/bad_load_balancer_target.rb +26 -0
- data/lib/mongo/error/bulk_write_error.rb +31 -4
- data/lib/mongo/error/invalid_config_option.rb +20 -0
- data/lib/mongo/error/invalid_replacement_document.rb +27 -9
- data/lib/mongo/error/invalid_update_document.rb +27 -7
- data/lib/mongo/error/labelable.rb +72 -0
- data/lib/mongo/error/missing_connection.rb +25 -0
- data/lib/mongo/error/missing_file_chunk.rb +8 -2
- data/lib/mongo/error/missing_service_id.rb +26 -0
- data/lib/mongo/error/no_service_connection_available.rb +49 -0
- data/lib/mongo/error/notable.rb +14 -0
- data/lib/mongo/error/operation_failure.rb +34 -86
- data/lib/mongo/error/read_write_retryable.rb +108 -0
- data/lib/mongo/error/session_not_materialized.rb +29 -0
- data/lib/mongo/error/snapshot_session_invalid_server_version.rb +31 -0
- data/lib/mongo/error/snapshot_session_transaction_prohibited.rb +30 -0
- data/lib/mongo/error.rb +10 -37
- data/lib/mongo/grid/fs_bucket.rb +21 -2
- data/lib/mongo/grid/stream/read.rb +6 -0
- data/lib/mongo/id.rb +7 -5
- data/lib/mongo/index/view.rb +45 -48
- data/lib/mongo/monitoring/event/cmap/pool_cleared.rb +7 -4
- data/lib/mongo/monitoring/event/command_failed.rb +9 -3
- data/lib/mongo/monitoring/event/command_started.rb +3 -1
- data/lib/mongo/monitoring/event/command_succeeded.rb +9 -2
- data/lib/mongo/monitoring/publishable.rb +11 -7
- data/lib/mongo/operation/aggregate/command.rb +8 -0
- data/lib/mongo/operation/collections_info/result.rb +5 -2
- data/lib/mongo/operation/command/op_msg.rb +6 -0
- data/lib/mongo/operation/context.rb +37 -1
- data/lib/mongo/operation/count/command.rb +6 -0
- data/lib/mongo/operation/count/op_msg.rb +9 -0
- data/lib/mongo/operation/create/command.rb +7 -1
- data/lib/mongo/operation/create/op_msg.rb +10 -0
- data/lib/mongo/operation/create_index/command.rb +17 -1
- data/lib/mongo/operation/create_index/op_msg.rb +18 -4
- data/lib/mongo/operation/delete/command.rb +6 -3
- data/lib/mongo/operation/delete/op_msg.rb +10 -1
- data/lib/mongo/operation/delete.rb +0 -1
- data/lib/mongo/operation/distinct/command.rb +6 -0
- data/lib/mongo/operation/distinct/op_msg.rb +10 -0
- data/lib/mongo/operation/drop_index/op_msg.rb +5 -1
- data/lib/mongo/operation/explain/command.rb +13 -1
- data/lib/mongo/operation/explain/legacy.rb +12 -5
- data/lib/mongo/operation/explain/op_msg.rb +9 -1
- data/lib/mongo/operation/find/builder/command.rb +111 -0
- data/lib/mongo/{collection/view → operation/find}/builder/flags.rb +10 -14
- data/lib/mongo/operation/find/builder/legacy.rb +123 -0
- data/lib/mongo/{collection/view → operation/find}/builder/modifiers.rb +31 -25
- data/lib/mongo/{cursor → operation/find}/builder.rb +4 -4
- data/lib/mongo/operation/find/command.rb +9 -0
- data/lib/mongo/operation/find/legacy.rb +10 -1
- data/lib/mongo/operation/find/op_msg.rb +12 -0
- data/lib/mongo/operation/find.rb +1 -0
- data/lib/mongo/operation/get_more/command.rb +1 -0
- data/lib/mongo/operation/get_more/command_builder.rb +42 -0
- data/lib/mongo/operation/get_more/op_msg.rb +1 -0
- data/lib/mongo/operation/get_more.rb +1 -0
- data/lib/mongo/operation/insert/bulk_result.rb +5 -1
- data/lib/mongo/operation/insert/command.rb +0 -4
- data/lib/mongo/operation/insert/op_msg.rb +6 -3
- data/lib/mongo/operation/insert/result.rb +6 -3
- data/lib/mongo/operation/insert.rb +0 -1
- data/lib/mongo/operation/kill_cursors/command.rb +8 -0
- data/lib/mongo/operation/kill_cursors/{legacy.rb → command_builder.rb} +6 -11
- data/lib/mongo/operation/kill_cursors/op_msg.rb +10 -0
- data/lib/mongo/operation/kill_cursors.rb +1 -1
- data/lib/mongo/operation/list_collections/op_msg.rb +4 -1
- data/lib/mongo/operation/map_reduce/command.rb +8 -0
- data/lib/mongo/operation/map_reduce/op_msg.rb +1 -1
- data/lib/mongo/operation/map_reduce/result.rb +16 -0
- data/lib/mongo/operation/result.rb +27 -5
- data/lib/mongo/operation/shared/executable.rb +36 -3
- data/lib/mongo/operation/shared/polymorphic_operation.rb +15 -3
- data/lib/mongo/operation/shared/read_preference_supported.rb +3 -1
- data/lib/mongo/operation/shared/response_handling.rb +7 -5
- data/lib/mongo/operation/shared/sessions_supported.rb +35 -15
- data/lib/mongo/operation/shared/specifiable.rb +11 -29
- data/lib/mongo/operation/shared/validatable.rb +87 -0
- data/lib/mongo/operation/shared/write.rb +18 -12
- data/lib/mongo/operation/update/command.rb +6 -3
- data/lib/mongo/operation/update/op_msg.rb +9 -4
- data/lib/mongo/operation/update.rb +0 -1
- data/lib/mongo/operation/{delete/legacy.rb → write_command/command.rb} +17 -23
- data/lib/mongo/operation/write_command/op_msg.rb +43 -0
- data/lib/mongo/operation/write_command.rb +32 -0
- data/lib/mongo/operation.rb +10 -0
- data/lib/mongo/protocol/caching_hash.rb +69 -0
- data/lib/mongo/protocol/msg.rb +21 -1
- data/lib/mongo/protocol/query.rb +35 -18
- data/lib/mongo/protocol.rb +1 -0
- data/lib/mongo/query_cache.rb +27 -2
- data/lib/mongo/retryable.rb +78 -30
- data/lib/mongo/server/connection.rb +58 -3
- data/lib/mongo/server/connection_base.rb +14 -1
- data/lib/mongo/server/connection_common.rb +41 -1
- data/lib/mongo/server/connection_pool/generation_manager.rb +71 -0
- data/lib/mongo/server/connection_pool.rb +144 -43
- data/lib/mongo/server/description/features.rb +22 -17
- data/lib/mongo/server/description/load_balancer.rb +33 -0
- data/lib/mongo/server/description.rb +90 -6
- data/lib/mongo/server/monitor/connection.rb +16 -10
- data/lib/mongo/server/monitor.rb +27 -14
- data/lib/mongo/server/pending_connection.rb +47 -31
- data/lib/mongo/server/push_monitor.rb +21 -2
- data/lib/mongo/server.rb +78 -27
- data/lib/mongo/server_selector/base.rb +31 -5
- data/lib/mongo/session/session_pool.rb +19 -0
- data/lib/mongo/session.rb +142 -27
- data/lib/mongo/socket/ocsp_cache.rb +2 -3
- data/lib/mongo/socket/ocsp_verifier.rb +7 -39
- data/lib/mongo/socket/tcp.rb +3 -0
- data/lib/mongo/socket.rb +1 -5
- data/lib/mongo/srv/resolver.rb +24 -3
- data/lib/mongo/uri/options_mapper.rb +3 -0
- data/lib/mongo/uri/srv_protocol.rb +7 -9
- data/lib/mongo/uri.rb +38 -0
- data/lib/mongo/utils.rb +0 -13
- data/lib/mongo/version.rb +1 -1
- data/lib/mongo.rb +22 -0
- data/mongo.gemspec +11 -5
- data/spec/README.md +23 -5
- data/spec/integration/auth_spec.rb +31 -1
- data/spec/integration/awaited_ismaster_spec.rb +1 -1
- data/spec/integration/aws_lambda_examples_spec.rb +68 -0
- data/spec/integration/bulk_write_error_message_spec.rb +32 -0
- data/spec/integration/bulk_write_spec.rb +17 -1
- data/spec/integration/change_stream_spec.rb +9 -8
- data/spec/integration/client_construction_spec.rb +128 -8
- data/spec/integration/client_side_encryption/auto_encryption_bulk_writes_spec.rb +10 -10
- data/spec/integration/client_side_encryption/auto_encryption_command_monitoring_spec.rb +169 -169
- data/spec/integration/client_side_encryption/auto_encryption_mongocryptd_spawn_spec.rb +0 -1
- data/spec/integration/client_side_encryption/auto_encryption_reconnect_spec.rb +31 -0
- data/spec/integration/client_side_encryption/auto_encryption_spec.rb +108 -1
- data/spec/integration/client_side_encryption/bson_size_limit_spec.rb +3 -3
- data/spec/integration/client_side_encryption/bypass_mongocryptd_spawn_spec.rb +2 -2
- data/spec/integration/client_side_encryption/client_close_spec.rb +1 -1
- data/spec/integration/client_side_encryption/corpus_spec.rb +64 -35
- data/spec/integration/client_side_encryption/custom_endpoint_spec.rb +39 -42
- data/spec/integration/client_side_encryption/data_key_spec.rb +98 -8
- data/spec/integration/client_side_encryption/decryption_events_prose_spec.rb +158 -0
- data/spec/integration/client_side_encryption/explicit_encryption_spec.rb +59 -0
- data/spec/integration/client_side_encryption/explicit_queryable_encryption_spec.rb +147 -0
- data/spec/integration/client_side_encryption/external_key_vault_spec.rb +6 -6
- data/spec/integration/client_side_encryption/kms_tls_options_spec.rb +436 -0
- data/spec/integration/client_side_encryption/kms_tls_spec.rb +92 -0
- data/spec/integration/client_side_encryption/queryable_encryption_examples_spec.rb +111 -0
- data/spec/integration/client_side_encryption/unique_index_on_key_alt_names_prose_spec.rb +85 -0
- data/spec/integration/client_side_encryption/views_spec.rb +1 -1
- data/spec/integration/client_spec.rb +2 -0
- data/spec/integration/client_update_spec.rb +2 -2
- data/spec/integration/command_monitoring_spec.rb +1 -1
- data/spec/integration/command_spec.rb +1 -1
- data/spec/integration/connection_spec.rb +52 -35
- data/spec/integration/crud_spec.rb +186 -1
- data/spec/integration/cursor_pinning_spec.rb +121 -0
- data/spec/integration/cursor_reaping_spec.rb +8 -4
- data/spec/integration/fork_reconnect_spec.rb +16 -13
- data/spec/integration/get_more_spec.rb +1 -1
- data/spec/integration/grid_fs_bucket_spec.rb +3 -3
- data/spec/integration/heartbeat_events_spec.rb +1 -1
- data/spec/integration/map_reduce_spec.rb +77 -0
- data/spec/integration/ocsp_verifier_spec.rb +3 -0
- data/spec/integration/query_cache_spec.rb +240 -32
- data/spec/integration/query_cache_transactions_spec.rb +1 -1
- data/spec/integration/read_concern_spec.rb +1 -1
- data/spec/integration/read_preference_spec.rb +17 -13
- data/spec/integration/reconnect_spec.rb +32 -12
- data/spec/integration/retryable_errors_spec.rb +1 -1
- data/spec/integration/retryable_writes/retryable_writes_36_and_older_spec.rb +2 -2
- data/spec/integration/retryable_writes/retryable_writes_40_and_newer_spec.rb +1 -1
- data/spec/integration/sdam_error_handling_spec.rb +5 -3
- data/spec/integration/sdam_events_spec.rb +75 -19
- data/spec/integration/sdam_prose_spec.rb +1 -1
- data/spec/integration/server_monitor_spec.rb +3 -1
- data/spec/integration/server_selector_spec.rb +22 -5
- data/spec/integration/server_spec.rb +2 -0
- data/spec/integration/size_limit_spec.rb +4 -1
- data/spec/integration/snapshot_query_examples_spec.rb +127 -0
- data/spec/integration/srv_monitoring_spec.rb +39 -1
- data/spec/integration/srv_spec.rb +1 -0
- data/spec/integration/step_down_spec.rb +21 -5
- data/spec/integration/transaction_pinning_spec.rb +120 -0
- data/spec/integration/versioned_api_examples_spec.rb +52 -1
- data/spec/integration/x509_auth_spec.rb +1 -1
- data/spec/lite_spec_helper.rb +27 -11
- data/spec/mongo/address/ipv6_spec.rb +7 -0
- data/spec/mongo/address/unix_spec.rb +1 -0
- data/spec/mongo/address_spec.rb +7 -0
- data/spec/mongo/auth/cr_spec.rb +2 -3
- data/spec/mongo/auth/ldap_spec.rb +2 -3
- data/spec/mongo/auth/scram/conversation_spec.rb +23 -23
- data/spec/mongo/auth/scram256/conversation_spec.rb +20 -20
- data/spec/mongo/auth/scram_negotiation_spec.rb +1 -0
- data/spec/mongo/auth/scram_spec.rb +2 -3
- data/spec/mongo/auth/user/view_spec.rb +1 -1
- data/spec/mongo/auth/x509_spec.rb +2 -3
- data/spec/mongo/bulk_write/result_spec.rb +15 -1
- data/spec/mongo/bulk_write_spec.rb +144 -23
- data/spec/mongo/client_construction_spec.rb +443 -35
- data/spec/mongo/client_encryption_spec.rb +10 -22
- data/spec/mongo/client_spec.rb +303 -5
- data/spec/mongo/cluster/cursor_reaper_spec.rb +63 -23
- data/spec/mongo/cluster/periodic_executor_spec.rb +3 -1
- data/spec/mongo/cluster_spec.rb +33 -36
- data/spec/mongo/collection/view/aggregation_spec.rb +178 -83
- data/spec/mongo/collection/view/builder/find_command_spec.rb +4 -0
- data/spec/mongo/collection/view/builder/op_query_spec.rb +4 -0
- data/spec/mongo/collection/view/change_stream_spec.rb +2 -2
- data/spec/mongo/collection/view/map_reduce_spec.rb +31 -2
- data/spec/mongo/collection/view/readable_spec.rb +661 -1
- data/spec/mongo/collection/view/writable_spec.rb +144 -32
- data/spec/mongo/collection_crud_spec.rb +70 -15
- data/spec/mongo/collection_ddl_spec.rb +1 -1
- data/spec/mongo/collection_spec.rb +33 -1
- data/spec/mongo/config/options_spec.rb +75 -0
- data/spec/mongo/config_spec.rb +73 -0
- data/spec/mongo/crypt/auto_decryption_context_spec.rb +17 -1
- data/spec/mongo/crypt/auto_encrypter_spec.rb +256 -5
- data/spec/mongo/crypt/auto_encryption_context_spec.rb +17 -1
- data/spec/mongo/crypt/binding/context_spec.rb +67 -17
- data/spec/mongo/crypt/binding/mongocrypt_spec.rb +17 -46
- data/spec/mongo/crypt/binding/version_spec.rb +33 -0
- data/spec/mongo/crypt/binding_unloaded_spec.rb +14 -0
- data/spec/mongo/crypt/data_key_context_spec.rb +42 -114
- data/spec/mongo/crypt/encryption_io_spec.rb +2 -0
- data/spec/mongo/crypt/explicit_decryption_context_spec.rb +32 -1
- data/spec/mongo/crypt/explicit_encryption_context_spec.rb +94 -1
- data/spec/mongo/crypt/handle_spec.rb +172 -156
- data/spec/mongo/crypt/hooks_spec.rb +30 -0
- data/spec/mongo/crypt/kms/credentials_spec.rb +357 -0
- data/spec/mongo/crypt/kms_spec.rb +59 -0
- data/spec/mongo/cursor/builder/get_more_command_spec.rb +4 -0
- data/spec/mongo/cursor/builder/op_get_more_spec.rb +4 -0
- data/spec/mongo/cursor_spec.rb +104 -7
- data/spec/mongo/database_spec.rb +81 -16
- data/spec/mongo/error/operation_failure_heavy_spec.rb +50 -1
- data/spec/mongo/grid/fs_bucket_spec.rb +18 -12
- data/spec/mongo/grid/stream/write_spec.rb +3 -9
- data/spec/mongo/grid/stream_spec.rb +1 -1
- data/spec/mongo/index/view_spec.rb +127 -2
- data/spec/mongo/operation/create/op_msg_spec.rb +244 -0
- data/spec/mongo/operation/delete/op_msg_spec.rb +14 -5
- data/spec/mongo/operation/delete_spec.rb +0 -30
- data/spec/mongo/{collection/view → operation/find}/builder/flags_spec.rb +2 -2
- data/spec/mongo/{collection/view → operation/find}/builder/modifiers_spec.rb +2 -2
- data/spec/mongo/operation/find/legacy_spec.rb +1 -0
- data/spec/mongo/operation/insert/bulk_spec.rb +1 -1
- data/spec/mongo/operation/insert/op_msg_spec.rb +19 -11
- data/spec/mongo/operation/insert_spec.rb +0 -32
- data/spec/mongo/operation/read_preference_legacy_spec.rb +4 -0
- data/spec/mongo/operation/read_preference_op_msg_spec.rb +26 -1
- data/spec/mongo/operation/result_spec.rb +20 -0
- data/spec/mongo/operation/update/bulk_spec.rb +1 -1
- data/spec/mongo/operation/update/op_msg_spec.rb +14 -5
- data/spec/mongo/operation/update_spec.rb +0 -29
- data/spec/mongo/protocol/caching_hash_spec.rb +82 -0
- data/spec/mongo/protocol/msg_spec.rb +41 -0
- data/spec/mongo/query_cache_spec.rb +172 -2
- data/spec/mongo/retryable_spec.rb +32 -3
- data/spec/mongo/server/connection_auth_spec.rb +3 -1
- data/spec/mongo/server/connection_common_spec.rb +76 -13
- data/spec/mongo/server/connection_pool_spec.rb +178 -45
- data/spec/mongo/server/connection_spec.rb +186 -200
- data/spec/mongo/server/description/features_spec.rb +24 -0
- data/spec/mongo/server/description_spec.rb +1 -1
- data/spec/mongo/server/monitor/connection_spec.rb +22 -0
- data/spec/mongo/server/monitor_spec.rb +4 -3
- data/spec/mongo/server/push_monitor_spec.rb +95 -0
- data/spec/mongo/server_selector_spec.rb +136 -15
- data/spec/mongo/session/session_pool_spec.rb +42 -10
- data/spec/mongo/session_spec.rb +26 -6
- data/spec/mongo/session_transaction_spec.rb +15 -29
- data/spec/mongo/socket/ssl_spec.rb +42 -63
- data/spec/mongo/socket/unix_spec.rb +1 -0
- data/spec/mongo/uri/srv_protocol_spec.rb +101 -2
- data/spec/mongo/uri_option_parsing_spec.rb +38 -5
- data/spec/mongo/uri_spec.rb +25 -0
- data/spec/mongo/utils_spec.rb +0 -14
- data/spec/runners/auth.rb +1 -1
- data/spec/runners/change_streams/spec.rb +1 -1
- data/spec/runners/change_streams/test.rb +1 -1
- data/spec/runners/cmap.rb +2 -2
- data/spec/runners/command_monitoring.rb +1 -1
- data/spec/runners/connection_string.rb +16 -4
- data/spec/runners/crud/operation.rb +17 -6
- data/spec/runners/crud/requirement.rb +10 -4
- data/spec/runners/crud/spec.rb +6 -3
- data/spec/runners/crud/test.rb +1 -1
- data/spec/runners/crud/verifier.rb +7 -2
- data/spec/runners/crud.rb +1 -1
- data/spec/runners/gridfs.rb +1 -1
- data/spec/runners/read_write_concern_document.rb +1 -1
- data/spec/runners/sdam.rb +3 -2
- data/spec/runners/server_selection.rb +1 -1
- data/spec/runners/server_selection_rtt.rb +1 -1
- data/spec/runners/transactions/spec.rb +2 -2
- data/spec/runners/transactions/test.rb +21 -18
- data/spec/runners/transactions.rb +11 -8
- data/spec/runners/unified/assertions.rb +95 -15
- data/spec/runners/unified/change_stream_operations.rb +12 -0
- data/spec/runners/unified/client_side_encryption_operations.rb +83 -0
- data/spec/runners/unified/crud_operations.rb +143 -26
- data/spec/runners/unified/ddl_operations.rb +74 -1
- data/spec/runners/unified/entity_map.rb +3 -3
- data/spec/runners/unified/error.rb +2 -1
- data/spec/runners/unified/event_subscriber.rb +2 -2
- data/spec/runners/unified/grid_fs_operations.rb +21 -0
- data/spec/runners/unified/support_operations.rb +21 -5
- data/spec/runners/unified/test.rb +96 -8
- data/spec/runners/unified/test_group.rb +1 -1
- data/spec/runners/unified.rb +10 -3
- data/spec/shared/lib/mrss/cluster_config.rb +6 -1
- data/spec/shared/lib/mrss/constraints.rb +21 -22
- data/spec/shared/lib/mrss/docker_runner.rb +23 -3
- data/spec/shared/lib/mrss/eg_config_utils.rb +51 -0
- data/spec/shared/lib/mrss/event_subscriber.rb +210 -0
- data/spec/shared/lib/mrss/lite_constraints.rb +40 -1
- data/spec/shared/lib/mrss/server_version_registry.rb +17 -12
- data/spec/shared/lib/mrss/session_registry.rb +69 -0
- data/spec/shared/lib/mrss/session_registry_legacy.rb +60 -0
- data/spec/shared/share/Dockerfile.erb +61 -58
- data/spec/shared/shlib/config.sh +27 -0
- data/spec/shared/shlib/distro.sh +2 -1
- data/spec/shared/shlib/server.sh +114 -39
- data/spec/shared/shlib/set_env.sh +43 -5
- data/spec/solo/clean_exit_spec.rb +5 -0
- data/spec/spec_helper.rb +0 -1
- data/spec/spec_tests/client_side_encryption_spec.rb +1 -1
- data/spec/spec_tests/client_side_encryption_unified_spec.rb +16 -0
- data/spec/spec_tests/cmap_spec.rb +4 -1
- data/spec/spec_tests/crud_spec.rb +0 -10
- data/spec/spec_tests/data/change_streams_unified/change-streams-errors.yml +124 -0
- data/spec/spec_tests/data/change_streams_unified/change-streams-pre_and_post_images.yml +351 -0
- data/spec/spec_tests/data/change_streams_unified/change-streams-resume-allowlist.yml +1171 -0
- data/spec/spec_tests/data/change_streams_unified/change-streams-resume-errorLabels.yml +1071 -0
- data/spec/spec_tests/data/change_streams_unified/change-streams-showExpandedEvents.yml +298 -0
- data/spec/spec_tests/data/change_streams_unified/change-streams.yml +859 -4
- data/spec/spec_tests/data/client_side_encryption/aggregate.yml +3 -17
- data/spec/spec_tests/data/client_side_encryption/azureKMS.yml +46 -0
- data/spec/spec_tests/data/client_side_encryption/badQueries.yml +12 -2
- data/spec/spec_tests/data/client_side_encryption/basic.yml +3 -17
- data/spec/spec_tests/data/client_side_encryption/bulk.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/bypassAutoEncryption.yml +2 -2
- data/spec/spec_tests/data/client_side_encryption/count.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/countDocuments.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/create-and-createIndexes.yml +58 -0
- data/spec/spec_tests/data/client_side_encryption/delete.yml +2 -16
- data/spec/spec_tests/data/client_side_encryption/distinct.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/explain.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/find.yml +2 -16
- data/spec/spec_tests/data/client_side_encryption/findOneAndDelete.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/findOneAndReplace.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/findOneAndUpdate.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/fle2-BypassQueryAnalysis.yml +101 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-Compact.yml +80 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-CreateCollection.yml +1263 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-DecryptExistingData.yml +64 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-Delete.yml +107 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-EncryptedFields-vs-EncryptedFieldsMap.yml +80 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-EncryptedFields-vs-jsonSchema.yml +90 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-EncryptedFieldsMap-defaults.yml +57 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-FindOneAndUpdate.yml +213 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-InsertFind-Indexed.yml +86 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-InsertFind-Unindexed.yml +83 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-MissingKey.yml +41 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-NoEncryption.yml +42 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-Update.yml +221 -0
- data/spec/spec_tests/data/client_side_encryption/fle2-validatorAndPartialFieldExpression.yml +168 -0
- data/spec/spec_tests/data/client_side_encryption/gcpKMS.yml +46 -0
- data/spec/spec_tests/data/client_side_encryption/getMore.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/insert.yml +2 -16
- data/spec/spec_tests/data/client_side_encryption/keyAltName.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/localKMS.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/localSchema.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/maxWireVersion.yml +2 -0
- data/spec/spec_tests/data/client_side_encryption/missingKey.yml +2 -9
- data/spec/spec_tests/data/client_side_encryption/noSchema.yml +39 -0
- data/spec/spec_tests/data/client_side_encryption/replaceOne.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/types.yml +44 -70
- data/spec/spec_tests/data/client_side_encryption/unified/addKeyAltName.yml +194 -0
- data/spec/spec_tests/data/client_side_encryption/unified/createDataKey-kms_providers-invalid.yml +67 -0
- data/spec/spec_tests/data/client_side_encryption/unified/createDataKey.yml +309 -0
- data/spec/spec_tests/data/client_side_encryption/unified/deleteKey.yml +159 -0
- data/spec/spec_tests/data/client_side_encryption/unified/getKey.yml +105 -0
- data/spec/spec_tests/data/client_side_encryption/unified/getKeyByAltName.yml +104 -0
- data/spec/spec_tests/data/client_side_encryption/unified/getKeys.yml +122 -0
- data/spec/spec_tests/data/client_side_encryption/unified/removeKeyAltName.yml +157 -0
- data/spec/spec_tests/data/client_side_encryption/unified/rewrapManyDataKey-decrypt_failure.yml +69 -0
- data/spec/spec_tests/data/client_side_encryption/unified/rewrapManyDataKey-encrypt_failure.yml +122 -0
- data/spec/spec_tests/data/client_side_encryption/unified/rewrapManyDataKey.yml +432 -0
- data/spec/spec_tests/data/client_side_encryption/updateMany.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/updateOne.yml +1 -8
- data/spec/spec_tests/data/client_side_encryption/validatorAndPartialFieldExpression.yml +166 -0
- data/spec/spec_tests/data/collection_management/clustered-indexes.yml +135 -0
- data/spec/spec_tests/data/collection_management/createCollection-pre_and_post_images.yml +50 -0
- data/spec/spec_tests/data/collection_management/modifyCollection-pre_and_post_images.yml +58 -0
- data/spec/spec_tests/data/command_monitoring_unified/bulkWrite.yml +68 -0
- data/spec/spec_tests/data/command_monitoring_unified/command.yml +50 -0
- data/spec/spec_tests/data/command_monitoring_unified/deleteMany.yml +79 -0
- data/spec/spec_tests/data/command_monitoring_unified/deleteOne.yml +79 -0
- data/spec/spec_tests/data/command_monitoring_unified/find.yml +254 -0
- data/spec/spec_tests/data/command_monitoring_unified/insertMany.yml +79 -0
- data/spec/spec_tests/data/command_monitoring_unified/insertOne.yml +77 -0
- data/spec/spec_tests/data/command_monitoring_unified/pre-42-server-connection-id.yml +56 -0
- data/spec/spec_tests/data/command_monitoring_unified/server-connection-id.yml +56 -0
- data/spec/spec_tests/data/command_monitoring_unified/unacknowledgedBulkWrite.yml +55 -0
- data/spec/spec_tests/data/command_monitoring_unified/updateMany.yml +87 -0
- data/spec/spec_tests/data/command_monitoring_unified/updateOne.yml +118 -0
- data/spec/spec_tests/data/crud/read/aggregate-collation.yml +2 -1
- data/spec/spec_tests/data/crud/read/aggregate-out.yml +1 -0
- data/spec/spec_tests/data/crud/read/count-collation.yml +2 -1
- data/spec/spec_tests/data/crud/read/distinct-collation.yml +2 -1
- data/spec/spec_tests/data/crud/read/find-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/bulkWrite-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/deleteMany-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/deleteOne-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/findOneAndDelete-collation.yml +3 -2
- data/spec/spec_tests/data/crud/write/findOneAndReplace-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/findOneAndUpdate-collation.yml +3 -2
- data/spec/spec_tests/data/crud/write/replaceOne-collation.yml +3 -2
- data/spec/spec_tests/data/crud/write/updateMany-collation.yml +2 -1
- data/spec/spec_tests/data/crud/write/updateOne-collation.yml +2 -1
- data/spec/spec_tests/data/crud_unified/aggregate-allowdiskuse.yml +75 -0
- data/spec/spec_tests/data/crud_unified/aggregate-let.yml +138 -0
- data/spec/spec_tests/data/crud_unified/aggregate-merge.yml +185 -0
- data/spec/spec_tests/data/crud_unified/aggregate-out-readConcern.yml +171 -0
- data/spec/spec_tests/data/crud_unified/aggregate-write-readPreference.yml +155 -0
- data/spec/spec_tests/data/crud_unified/aggregate.yml +215 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-arrayFilters-clientError.yml +98 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-arrayFilters.yml +174 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-comment.yml +189 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-delete-hint-clientError.yml +113 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-delete-hint-serverError.yml +142 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-delete-hint.yml +154 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-deleteMany-hint-unacknowledged.yml +98 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-deleteMany-let.yml +86 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-deleteOne-hint-unacknowledged.yml +97 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-deleteOne-let.yml +86 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-insertOne-dots_and_dollars.yml +138 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-replaceOne-dots_and_dollars.yml +165 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-replaceOne-hint-unacknowledged.yml +103 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-replaceOne-let.yml +93 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-update-hint-clientError.yml +148 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-update-hint-serverError.yml +239 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-update-hint.yml +256 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-update-validation.yml +73 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateMany-dots_and_dollars.yml +150 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateMany-hint-unacknowledged.yml +104 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateMany-let.yml +96 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateOne-dots_and_dollars.yml +150 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateOne-hint-unacknowledged.yml +103 -0
- data/spec/spec_tests/data/crud_unified/bulkWrite-updateOne-let.yml +95 -0
- data/spec/spec_tests/data/crud_unified/countDocuments-comment.yml +92 -0
- data/spec/spec_tests/data/crud_unified/db-aggregate-write-readPreference.yml +151 -0
- data/spec/spec_tests/data/crud_unified/db-aggregate.yml +73 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-comment.yml +97 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-hint-clientError.yml +87 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-hint-serverError.yml +107 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-hint-unacknowledged.yml +90 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-hint.yml +99 -0
- data/spec/spec_tests/data/crud_unified/deleteMany-let.yml +93 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-comment.yml +98 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-hint-clientError.yml +80 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-hint-serverError.yml +100 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-hint-unacknowledged.yml +89 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-hint.yml +95 -0
- data/spec/spec_tests/data/crud_unified/deleteOne-let.yml +91 -0
- data/spec/spec_tests/data/crud_unified/distinct-comment.yml +98 -0
- data/spec/spec_tests/data/crud_unified/estimatedDocumentCount-comment.yml +95 -0
- data/spec/spec_tests/data/crud_unified/estimatedDocumentCount.yml +5 -135
- data/spec/spec_tests/data/crud_unified/find-allowdiskuse-clientError.yml +55 -0
- data/spec/spec_tests/data/crud_unified/find-allowdiskuse-serverError.yml +68 -0
- data/spec/spec_tests/data/crud_unified/find-allowdiskuse.yml +79 -0
- data/spec/spec_tests/data/crud_unified/find-comment.yml +166 -0
- data/spec/spec_tests/data/crud_unified/find-let.yml +71 -0
- data/spec/spec_tests/data/crud_unified/find.yml +68 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-comment.yml +96 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-hint-clientError.yml +91 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-hint-serverError.yml +107 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-hint-unacknowledged.yml +88 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-hint.yml +102 -0
- data/spec/spec_tests/data/crud_unified/findOneAndDelete-let.yml +86 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-comment.yml +101 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-dots_and_dollars.yml +140 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-hint-clientError.yml +83 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-hint-serverError.yml +99 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-hint-unacknowledged.yml +96 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-hint.yml +98 -0
- data/spec/spec_tests/data/crud_unified/findOneAndReplace-let.yml +94 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-comment.yml +95 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-dots_and_dollars.yml +127 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-hint-clientError.yml +84 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-hint-serverError.yml +100 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-hint-unacknowledged.yml +92 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-hint.yml +99 -0
- data/spec/spec_tests/data/crud_unified/findOneAndUpdate-let.yml +96 -0
- data/spec/spec_tests/data/crud_unified/insertMany-comment.yml +93 -0
- data/spec/spec_tests/data/crud_unified/insertMany-dots_and_dollars.yml +128 -0
- data/spec/spec_tests/data/crud_unified/insertOne-comment.yml +91 -0
- data/spec/spec_tests/data/crud_unified/insertOne-dots_and_dollars.yml +238 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-comment.yml +105 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-dots_and_dollars.yml +180 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-hint-unacknowledged.yml +95 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-hint.yml +108 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-let.yml +98 -0
- data/spec/spec_tests/data/crud_unified/replaceOne-validation.yml +37 -0
- data/spec/spec_tests/data/crud_unified/updateMany-comment.yml +104 -0
- data/spec/spec_tests/data/crud_unified/updateMany-dots_and_dollars.yml +138 -0
- data/spec/spec_tests/data/crud_unified/updateMany-hint-clientError.yml +91 -0
- data/spec/spec_tests/data/crud_unified/updateMany-hint-serverError.yml +115 -0
- data/spec/spec_tests/data/crud_unified/updateMany-hint-unacknowledged.yml +96 -0
- data/spec/spec_tests/data/crud_unified/updateMany-hint.yml +115 -0
- data/spec/spec_tests/data/crud_unified/updateMany-let.yml +107 -0
- data/spec/spec_tests/data/crud_unified/updateMany-validation.yml +39 -0
- data/spec/spec_tests/data/crud_unified/updateOne-comment.yml +104 -0
- data/spec/spec_tests/data/crud_unified/updateOne-dots_and_dollars.yml +138 -0
- data/spec/spec_tests/data/crud_unified/updateOne-hint-clientError.yml +85 -0
- data/spec/spec_tests/data/crud_unified/updateOne-hint-serverError.yml +109 -0
- data/spec/spec_tests/data/crud_unified/updateOne-hint-unacknowledged.yml +95 -0
- data/spec/spec_tests/data/crud_unified/updateOne-hint.yml +109 -0
- data/spec/spec_tests/data/crud_unified/updateOne-let.yml +102 -0
- data/spec/spec_tests/data/crud_unified/updateOne-validation.yml +37 -0
- data/spec/spec_tests/data/crud_unified/updateWithPipelines.yml +8 -14
- data/spec/spec_tests/data/gridfs_unified/delete.yml +198 -0
- data/spec/spec_tests/data/gridfs_unified/download.yml +241 -0
- data/spec/spec_tests/data/gridfs_unified/downloadByName.yml +159 -0
- data/spec/spec_tests/data/gridfs_unified/upload-disableMD5.yml +92 -0
- data/spec/spec_tests/data/gridfs_unified/upload.yml +288 -0
- data/spec/spec_tests/data/load_balancers/event-monitoring.yml +99 -0
- data/spec/spec_tests/data/load_balancers/lb-connection-establishment.yml +36 -0
- data/spec/spec_tests/data/load_balancers/non-lb-connection-establishment.yml +56 -0
- data/spec/spec_tests/data/load_balancers/server-selection.yml +50 -0
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/DefaultNoMaxStaleness.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/LastUpdateTime.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/Nearest.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/Nearest2.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/PrimaryPreferred.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/PrimaryPreferred_tags.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/Secondary.yml +4 -4
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/SecondaryPreferred.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/SecondaryPreferred_tags.yml +4 -4
- data/spec/spec_tests/data/max_staleness/ReplicaSetNoPrimary/ZeroMaxStaleness.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/DefaultNoMaxStaleness.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/LastUpdateTime.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/LongHeartbeat.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/LongHeartbeat2.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/MaxStalenessTooSmall.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/MaxStalenessWithModePrimary.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/Nearest.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/Nearest2.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/Nearest_tags.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/PrimaryPreferred.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/SecondaryPreferred.yml +2 -2
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/SecondaryPreferred_tags.yml +5 -5
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/SecondaryPreferred_tags2.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/Secondary_tags.yml +5 -5
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/Secondary_tags2.yml +3 -3
- data/spec/spec_tests/data/max_staleness/ReplicaSetWithPrimary/ZeroMaxStaleness.yml +2 -2
- data/spec/spec_tests/data/max_staleness/Sharded/SmallMaxStaleness.yml +2 -2
- data/spec/spec_tests/data/max_staleness/Single/SmallMaxStaleness.yml +1 -1
- data/spec/spec_tests/data/max_staleness/Unknown/SmallMaxStaleness.yml +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-client.watch-serverErrors.yml → legacy/changeStreams-client.watch-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-client.watch.yml → legacy/changeStreams-client.watch.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-db.coll.watch-serverErrors.yml → legacy/changeStreams-db.coll.watch-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-db.coll.watch.yml → legacy/changeStreams-db.coll.watch.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-db.watch-serverErrors.yml → legacy/changeStreams-db.watch-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{changeStreams-db.watch.yml → legacy/changeStreams-db.watch.yml} +1 -1
- data/spec/spec_tests/data/retryable_reads/{estimatedDocumentCount-serverErrors-pre4.9.yml → legacy/estimatedDocumentCount-serverErrors.yml} +0 -2
- data/spec/spec_tests/data/retryable_reads/{estimatedDocumentCount-pre4.9.yml → legacy/estimatedDocumentCount.yml} +0 -2
- data/spec/spec_tests/data/retryable_reads/{mapReduce.yml → legacy/mapReduce.yml} +3 -1
- data/spec/spec_tests/data/retryable_reads/unified/handshakeError.yml +129 -0
- data/spec/spec_tests/data/retryable_writes/{bulkWrite-serverErrors.yml → legacy/bulkWrite-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{deleteOne-serverErrors.yml → legacy/deleteOne-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{findOneAndDelete-serverErrors.yml → legacy/findOneAndDelete-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{findOneAndReplace-serverErrors.yml → legacy/findOneAndReplace-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{findOneAndUpdate-serverErrors.yml → legacy/findOneAndUpdate-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{insertMany-serverErrors.yml → legacy/insertMany-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{insertOne-serverErrors.yml → legacy/insertOne-serverErrors.yml} +5 -5
- data/spec/spec_tests/data/retryable_writes/{replaceOne-serverErrors.yml → legacy/replaceOne-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/{updateOne-serverErrors.yml → legacy/updateOne-serverErrors.yml} +1 -1
- data/spec/spec_tests/data/retryable_writes/unified/bulkWrite-serverErrors.yml +96 -0
- data/spec/spec_tests/data/retryable_writes/unified/handshakeError.yml +137 -0
- data/spec/spec_tests/data/retryable_writes/unified/insertOne-serverErrors.yml +78 -0
- data/spec/spec_tests/data/sdam/errors/prefer-error-code.yml +2 -2
- data/spec/spec_tests/data/sdam/load-balanced/discover_load_balancer.yml +25 -0
- data/spec/spec_tests/data/sdam_integration/find-network-error.yml +2 -0
- data/spec/spec_tests/data/sdam_integration/find-shutdown-error.yml +2 -0
- data/spec/spec_tests/data/sdam_integration/hello-command-error.yml +9 -15
- data/spec/spec_tests/data/sdam_integration/hello-network-error.yml +7 -15
- data/spec/spec_tests/data/sdam_integration/hello-timeout.yml +10 -14
- data/spec/spec_tests/data/sdam_integration/insert-network-error.yml +2 -0
- data/spec/spec_tests/data/sdam_integration/insert-shutdown-error.yml +2 -0
- data/spec/spec_tests/data/sdam_monitoring/load_balancer.yml +65 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/loadBalanced-directConnection.yml +13 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/loadBalanced-no-results.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/loadBalanced-replicaSet-errors.yml +6 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/loadBalanced-true-multiple-hosts.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/loadBalanced-true-txt.yml +10 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/srvMaxHosts-conflicts_with_loadBalanced-true-txt.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/srvMaxHosts-conflicts_with_loadBalanced-true.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/srvMaxHosts-zero-txt.yml +10 -0
- data/spec/spec_tests/data/seed_list_discovery/load-balanced/srvMaxHosts-zero.yml +10 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/encoded-userinfo-and-db.yml +15 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/loadBalanced-false-txt.yml +10 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srv-service-name.yml +11 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-conflicts_with_replicaSet-txt.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-conflicts_with_replicaSet.yml +5 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-equal_to_srv_records.yml +16 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-greater_than_srv_records.yml +15 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-less_than_srv_records.yml +15 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-zero-txt.yml +15 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/srvMaxHosts-zero.yml +15 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/uri-with-admin-database.yml +13 -0
- data/spec/spec_tests/data/seed_list_discovery/replica-set/uri-with-auth.yml +12 -0
- data/spec/spec_tests/data/seed_list_discovery/sharded/srvMaxHosts-equal_to_srv_records.yml +13 -0
- data/spec/spec_tests/data/seed_list_discovery/sharded/srvMaxHosts-greater_than_srv_records.yml +12 -0
- data/spec/spec_tests/data/seed_list_discovery/sharded/srvMaxHosts-less_than_srv_records.yml +10 -0
- data/spec/spec_tests/data/seed_list_discovery/sharded/srvMaxHosts-zero.yml +11 -0
- data/spec/spec_tests/data/server_selection/Unknown/read/ghost.yml +11 -0
- data/spec/spec_tests/data/server_selection/Unknown/write/ghost.yml +11 -0
- data/spec/spec_tests/data/sessions_unified/driver-sessions-server-support.yml +123 -0
- data/spec/spec_tests/data/sessions_unified/snapshot-sessions-not-supported-client-error.yml +75 -0
- data/spec/spec_tests/data/sessions_unified/snapshot-sessions-not-supported-server-error.yml +102 -0
- data/spec/spec_tests/data/sessions_unified/snapshot-sessions-unsupported-ops.yml +258 -0
- data/spec/spec_tests/data/sessions_unified/snapshot-sessions.yml +482 -0
- data/spec/spec_tests/data/transactions/error-labels.yml +1 -1
- data/spec/spec_tests/data/transactions/errors-client.yml +8 -9
- data/spec/spec_tests/data/transactions/mongos-recovery-token.yml +1 -1
- data/spec/spec_tests/data/transactions/retryable-abort.yml +7 -7
- data/spec/spec_tests/data/transactions/retryable-commit.yml +7 -7
- data/spec/spec_tests/data/transactions_unified/do-not-retry-read-in-transaction.yml +64 -0
- data/spec/spec_tests/data/transactions_unified/retryable-abort-handshake.yml +118 -0
- data/spec/spec_tests/data/transactions_unified/retryable-commit-handshake.yml +118 -0
- data/spec/spec_tests/data/unified/invalid/expectedEventsForClient-ignoreExtraEvents-type.yml +15 -0
- data/spec/spec_tests/data/unified/valid-fail/operation-unsupported.yml +13 -0
- data/spec/spec_tests/data/unified/valid-pass/expectedEventsForClient-ignoreExtraEvents.yml +78 -0
- data/spec/spec_tests/data/unified/valid-pass/poc-change-streams.yml +4 -1
- data/spec/spec_tests/data/unified/valid-pass/poc-command-monitoring.yml +3 -3
- data/spec/spec_tests/data/unified/valid-pass/poc-transactions.yml +3 -2
- data/spec/spec_tests/data/uri_options/connection-options.yml +60 -0
- data/spec/spec_tests/data/uri_options/srv-options.yml +96 -0
- data/spec/spec_tests/data/versioned_api/crud-api-version-1-strict.yml +6 -4
- data/spec/spec_tests/data/versioned_api/crud-api-version-1.yml +7 -5
- data/spec/spec_tests/gridfs_unified_spec.rb +13 -0
- data/spec/spec_tests/load_balancers_spec.rb +15 -0
- data/spec/spec_tests/retryable_reads_spec.rb +6 -3
- data/spec/spec_tests/retryable_reads_unified_spec.rb +22 -0
- data/spec/spec_tests/retryable_writes_spec.rb +5 -2
- data/spec/spec_tests/retryable_writes_unified_spec.rb +21 -0
- data/spec/spec_tests/sdam_integration_spec.rb +1 -1
- data/spec/spec_tests/sdam_monitoring_spec.rb +10 -5
- data/spec/spec_tests/sdam_spec.rb +1 -1
- data/spec/spec_tests/seed_list_discovery_spec.rb +127 -0
- data/spec/spec_tests/sessions_unified_spec.rb +13 -0
- data/spec/spec_tests/unified_spec.rb +6 -1
- data/spec/spec_tests/uri_options_spec.rb +4 -4
- data/spec/stress/connection_pool_timing_spec.rb +3 -2
- data/spec/stress/fork_reconnect_stress_spec.rb +4 -7
- data/spec/stress/push_monitor_close_spec.rb +44 -0
- data/spec/support/authorization.rb +1 -1
- data/spec/support/background_thread_registry.rb +3 -13
- data/spec/support/certificates/atlas-ocsp-ca.crt +81 -96
- data/spec/support/certificates/atlas-ocsp.crt +125 -125
- data/spec/support/certificates/retrieve-atlas-cert +38 -0
- data/spec/support/cluster_tools.rb +1 -1
- data/spec/support/common_shortcuts.rb +24 -3
- data/spec/support/crypt/corpus/corpus-encrypted.json +9515 -0
- data/spec/support/crypt/corpus/corpus-key-aws.json +32 -32
- data/spec/support/crypt/corpus/corpus-key-azure.json +33 -0
- data/spec/support/crypt/corpus/corpus-key-gcp.json +35 -0
- data/spec/support/crypt/corpus/corpus-key-kmip.json +32 -0
- data/spec/support/crypt/corpus/corpus-key-local.json +30 -30
- data/spec/support/crypt/corpus/corpus-schema.json +4399 -121
- data/spec/support/crypt/corpus/corpus.json +4999 -37
- data/spec/support/crypt/data_keys/key_document_azure.json +33 -0
- data/spec/support/crypt/data_keys/key_document_gcp.json +37 -0
- data/spec/support/crypt/data_keys/key_document_kmip.json +32 -0
- data/spec/support/crypt/encryptedFields.json +33 -0
- data/spec/support/crypt/keys/key1-document.json +30 -0
- data/spec/support/crypt/schema_maps/schema_map_azure.json +17 -0
- data/spec/support/crypt/schema_maps/schema_map_azure_key_alt_names.json +12 -0
- data/spec/support/crypt/schema_maps/schema_map_gcp.json +17 -0
- data/spec/support/crypt/schema_maps/schema_map_gcp_key_alt_names.json +12 -0
- data/spec/support/crypt/schema_maps/schema_map_kmip.json +17 -0
- data/spec/support/crypt/schema_maps/schema_map_kmip_key_alt_names.json +12 -0
- data/spec/support/crypt.rb +258 -13
- data/spec/support/macros.rb +28 -0
- data/spec/support/matchers.rb +13 -0
- data/spec/support/mongos_macros.rb +17 -0
- data/spec/support/shared/auth_context.rb +16 -0
- data/spec/support/shared/scram_conversation.rb +2 -1
- data/spec/support/shared/session.rb +15 -9
- data/spec/support/spec_config.rb +100 -12
- data/spec/support/using_hash.rb +31 -0
- data/spec/support/utils.rb +57 -5
- data.tar.gz.sig +0 -0
- metadata +778 -381
- metadata.gz.sig +0 -0
- data/lib/mongo/collection/view/builder/find_command.rb +0 -173
- data/lib/mongo/collection/view/builder/op_query.rb +0 -94
- data/lib/mongo/cursor/builder/get_more_command.rb +0 -80
- data/lib/mongo/cursor/builder/kill_cursors_command.rb +0 -111
- data/lib/mongo/cursor/builder/op_get_more.rb +0 -64
- data/lib/mongo/cursor/builder/op_kill_cursors.rb +0 -106
- data/lib/mongo/operation/insert/legacy.rb +0 -68
- data/lib/mongo/operation/update/legacy/result.rb +0 -112
- data/lib/mongo/operation/update/legacy.rb +0 -68
- data/lib/mongo/server/context.rb +0 -72
- data/spec/mongo/cursor/builder/op_kill_cursors_spec.rb +0 -66
- data/spec/mongo/dbref_spec.rb +0 -152
- data/spec/mongo/operation/kill_cursors_spec.rb +0 -44
- data/spec/runners/unified/using_hash.rb +0 -34
- data/spec/spec_tests/change_streams_spec.rb +0 -93
- data/spec/spec_tests/command_monitoring_spec.rb +0 -71
- data/spec/spec_tests/data/change_streams/change-streams-errors.yml +0 -101
- data/spec/spec_tests/data/change_streams/change-streams-resume-allowlist.yml +0 -1173
- data/spec/spec_tests/data/change_streams/change-streams-resume-errorLabels.yml +0 -1105
- data/spec/spec_tests/data/change_streams/change-streams.yml +0 -535
- data/spec/spec_tests/data/command_monitoring/bulkWrite.yml +0 -49
- data/spec/spec_tests/data/command_monitoring/command.yml +0 -61
- data/spec/spec_tests/data/command_monitoring/deleteMany.yml +0 -55
- data/spec/spec_tests/data/command_monitoring/deleteOne.yml +0 -55
- data/spec/spec_tests/data/command_monitoring/find.yml +0 -266
- data/spec/spec_tests/data/command_monitoring/insertMany.yml +0 -75
- data/spec/spec_tests/data/command_monitoring/insertOne.yml +0 -51
- data/spec/spec_tests/data/command_monitoring/unacknowledgedBulkWrite.yml +0 -34
- data/spec/spec_tests/data/command_monitoring/updateMany.yml +0 -65
- data/spec/spec_tests/data/command_monitoring/updateOne.yml +0 -90
- data/spec/spec_tests/data/crud_v2/aggregate-merge.yml +0 -103
- data/spec/spec_tests/data/crud_v2/aggregate-out-readConcern.yml +0 -111
- data/spec/spec_tests/data/crud_v2/bulkWrite-arrayFilters.yml +0 -103
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint-clientError.yml +0 -63
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint-serverError.yml +0 -92
- data/spec/spec_tests/data/crud_v2/bulkWrite-delete-hint.yml +0 -103
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint-clientError.yml +0 -90
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint-serverError.yml +0 -147
- data/spec/spec_tests/data/crud_v2/bulkWrite-update-hint.yml +0 -164
- data/spec/spec_tests/data/crud_v2/db-aggregate.yml +0 -39
- data/spec/spec_tests/data/crud_v2/deleteMany-hint-clientError.yml +0 -43
- data/spec/spec_tests/data/crud_v2/deleteMany-hint-serverError.yml +0 -62
- data/spec/spec_tests/data/crud_v2/deleteMany-hint.yml +0 -58
- data/spec/spec_tests/data/crud_v2/deleteOne-hint-clientError.yml +0 -41
- data/spec/spec_tests/data/crud_v2/deleteOne-hint-serverError.yml +0 -60
- data/spec/spec_tests/data/crud_v2/deleteOne-hint.yml +0 -57
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse-clientError.yml +0 -28
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse-serverError.yml +0 -44
- data/spec/spec_tests/data/crud_v2/find-allowdiskuse.yml +0 -50
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint-clientError.yml +0 -45
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint-serverError.yml +0 -60
- data/spec/spec_tests/data/crud_v2/findOneAndDelete-hint.yml +0 -56
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint-serverError.yml +0 -59
- data/spec/spec_tests/data/crud_v2/findOneAndReplace-hint.yml +0 -55
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint-serverError.yml +0 -58
- data/spec/spec_tests/data/crud_v2/findOneAndUpdate-hint.yml +0 -55
- data/spec/spec_tests/data/crud_v2/replaceOne-hint.yml +0 -61
- data/spec/spec_tests/data/crud_v2/unacknowledged-bulkWrite-delete-hint-clientError.yml +0 -60
- data/spec/spec_tests/data/crud_v2/unacknowledged-bulkWrite-update-hint-clientError.yml +0 -88
- data/spec/spec_tests/data/crud_v2/unacknowledged-deleteMany-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/unacknowledged-deleteOne-hint-clientError.yml +0 -38
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndDelete-hint-clientError.yml +0 -42
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndReplace-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/unacknowledged-findOneAndUpdate-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/unacknowledged-replaceOne-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/unacknowledged-updateMany-hint-clientError.yml +0 -43
- data/spec/spec_tests/data/crud_v2/unacknowledged-updateOne-hint-clientError.yml +0 -40
- data/spec/spec_tests/data/crud_v2/updateMany-hint-clientError.yml +0 -45
- data/spec/spec_tests/data/crud_v2/updateMany-hint-serverError.yml +0 -66
- data/spec/spec_tests/data/crud_v2/updateMany-hint.yml +0 -65
- data/spec/spec_tests/data/crud_v2/updateOne-hint-clientError.yml +0 -43
- data/spec/spec_tests/data/crud_v2/updateOne-hint-serverError.yml +0 -62
- data/spec/spec_tests/data/crud_v2/updateOne-hint.yml +0 -61
- data/spec/spec_tests/data/crud_v2/updateWithPipelines.yml +0 -157
- data/spec/spec_tests/data/retryable_reads/estimatedDocumentCount-4.9.yml +0 -60
- data/spec/spec_tests/data/retryable_reads/estimatedDocumentCount-serverErrors-4.9.yml +0 -146
- data/spec/spec_tests/dns_seedlist_discovery_spec.rb +0 -79
- data/spec/support/crypt/corpus/corpus_encrypted.json +0 -4152
- data/spec/support/event_subscriber.rb +0 -221
- data/spec/support/session_registry.rb +0 -55
- /data/spec/spec_tests/data/retryable_reads/{aggregate-merge.yml → legacy/aggregate-merge.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{aggregate-serverErrors.yml → legacy/aggregate-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{aggregate.yml → legacy/aggregate.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{count-serverErrors.yml → legacy/count-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{count.yml → legacy/count.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{countDocuments-serverErrors.yml → legacy/countDocuments-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{countDocuments.yml → legacy/countDocuments.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{distinct-serverErrors.yml → legacy/distinct-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{distinct.yml → legacy/distinct.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{find-serverErrors.yml → legacy/find-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{find.yml → legacy/find.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{findOne-serverErrors.yml → legacy/findOne-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{findOne.yml → legacy/findOne.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{gridfs-download-serverErrors.yml → legacy/gridfs-download-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{gridfs-download.yml → legacy/gridfs-download.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{gridfs-downloadByName-serverErrors.yml → legacy/gridfs-downloadByName-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{gridfs-downloadByName.yml → legacy/gridfs-downloadByName.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollectionNames-serverErrors.yml → legacy/listCollectionNames-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollectionNames.yml → legacy/listCollectionNames.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollectionObjects-serverErrors.yml → legacy/listCollectionObjects-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollectionObjects.yml → legacy/listCollectionObjects.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollections-serverErrors.yml → legacy/listCollections-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listCollections.yml → legacy/listCollections.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabaseNames-serverErrors.yml → legacy/listDatabaseNames-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabaseNames.yml → legacy/listDatabaseNames.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabaseObjects-serverErrors.yml → legacy/listDatabaseObjects-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabaseObjects.yml → legacy/listDatabaseObjects.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabases-serverErrors.yml → legacy/listDatabases-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listDatabases.yml → legacy/listDatabases.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listIndexNames-serverErrors.yml → legacy/listIndexNames-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listIndexNames.yml → legacy/listIndexNames.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listIndexes-serverErrors.yml → legacy/listIndexes-serverErrors.yml} +0 -0
- /data/spec/spec_tests/data/retryable_reads/{listIndexes.yml → legacy/listIndexes.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{bulkWrite-errorLabels.yml → legacy/bulkWrite-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{bulkWrite.yml → legacy/bulkWrite.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{deleteMany.yml → legacy/deleteMany.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{deleteOne-errorLabels.yml → legacy/deleteOne-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{deleteOne.yml → legacy/deleteOne.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndDelete-errorLabels.yml → legacy/findOneAndDelete-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndDelete.yml → legacy/findOneAndDelete.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndReplace-errorLabels.yml → legacy/findOneAndReplace-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndReplace.yml → legacy/findOneAndReplace.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndUpdate-errorLabels.yml → legacy/findOneAndUpdate-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{findOneAndUpdate.yml → legacy/findOneAndUpdate.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{insertMany-errorLabels.yml → legacy/insertMany-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{insertMany.yml → legacy/insertMany.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{insertOne-errorLabels.yml → legacy/insertOne-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{insertOne.yml → legacy/insertOne.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{replaceOne-errorLabels.yml → legacy/replaceOne-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{replaceOne.yml → legacy/replaceOne.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{updateMany.yml → legacy/updateMany.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{updateOne-errorLabels.yml → legacy/updateOne-errorLabels.yml} +0 -0
- /data/spec/spec_tests/data/retryable_writes/{updateOne.yml → legacy/updateOne.yml} +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/direct-connection-false.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/direct-connection-true.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/longer-parent-in-return.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/misformatted-option.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/no-results.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/not-enough-parts.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/one-result-default-port.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/one-txt-record-multiple-strings.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/one-txt-record.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/parent-part-mismatch1.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/parent-part-mismatch2.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/parent-part-mismatch3.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/parent-part-mismatch4.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/parent-part-mismatch5.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/returned-parent-too-short.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/returned-parent-wrong.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/two-results-default-port.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/two-results-nonstandard-port.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/two-txt-records.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/txt-record-not-allowed-option.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/txt-record-with-overridden-ssl-option.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/txt-record-with-overridden-uri-option.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/txt-record-with-unallowed-option.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/uri-with-port.yml +0 -0
- /data/spec/spec_tests/data/{dns_seedlist_discovery → seed_list_discovery/replica-set}/uri-with-two-hosts.yml +0 -0
data/lib/mongo/crypt/context.rb
CHANGED
@@ -35,13 +35,14 @@ module Mongo
|
|
35
35
|
# that implements driver I/O methods required to run the
|
36
36
|
# state machine.
|
37
37
|
def initialize(mongocrypt_handle, io)
|
38
|
+
@mongocrypt_handle = mongocrypt_handle
|
38
39
|
# Ideally, this level of the API wouldn't be passing around pointer
|
39
40
|
# references between objects, so this method signature is subject to change.
|
40
41
|
|
41
42
|
# FFI::AutoPointer uses a custom release strategy to automatically free
|
42
43
|
# the pointer once this object goes out of scope
|
43
44
|
@ctx_p = FFI::AutoPointer.new(
|
44
|
-
Binding.mongocrypt_ctx_new(mongocrypt_handle.ref),
|
45
|
+
Binding.mongocrypt_ctx_new(@mongocrypt_handle.ref),
|
45
46
|
Binding.method(:mongocrypt_ctx_destroy)
|
46
47
|
)
|
47
48
|
|
@@ -103,7 +104,9 @@ module Mongo
|
|
103
104
|
mongocrypt_done
|
104
105
|
when :need_kms
|
105
106
|
while kms_context = Binding.ctx_next_kms_ctx(self) do
|
106
|
-
|
107
|
+
provider = Binding.kms_ctx_get_kms_provider(kms_context)
|
108
|
+
tls_options = @mongocrypt_handle.kms_tls_options(provider)
|
109
|
+
@encryption_io.feed_kms(kms_context, tls_options)
|
107
110
|
end
|
108
111
|
|
109
112
|
Binding.ctx_kms_done(self)
|
@@ -19,7 +19,7 @@ module Mongo
|
|
19
19
|
module Crypt
|
20
20
|
|
21
21
|
# A Context object initialized specifically for the purpose of creating
|
22
|
-
# a data key in the key
|
22
|
+
# a data key in the key management system.
|
23
23
|
#
|
24
24
|
# @api private
|
25
25
|
class DataKeyContext < Context
|
@@ -30,116 +30,24 @@ module Mongo
|
|
30
30
|
# wraps a mongocrypt_t object used to create a new mongocrypt_ctx_t
|
31
31
|
# @param [ Mongo::Crypt::EncryptionIO ] io An object that performs all
|
32
32
|
# driver I/O on behalf of libmongocrypt
|
33
|
-
# @param [
|
34
|
-
#
|
35
|
-
# @param [
|
36
|
-
#
|
37
|
-
# @option options [ Hash ] :master_key A Hash of options related to the AWS
|
38
|
-
# KMS provider option. Required if kms_provider is "aws".
|
39
|
-
# - :region [ String ] The The AWS region of the master key (required).
|
40
|
-
# - :key [ String ] The Amazon Resource Name (ARN) of the master key (required).
|
41
|
-
# - :endpoint [ String ] An alternate host to send KMS requests to (optional).
|
42
|
-
# @option options [ Array<String> ] :key_alt_names An optional array of strings specifying
|
33
|
+
# @param [ Mongo::Crypt::KMS::MasterKeyDocument ] master_key_document The master
|
34
|
+
# key document that contains master encryption key parameters.
|
35
|
+
# @param [ Array<String> | nil ] key_alt_names An optional array of strings specifying
|
43
36
|
# alternate names for the new data key.
|
44
|
-
|
37
|
+
# @param [ String | nil ] :key_material Optional
|
38
|
+
# 96 bytes to use as custom key material for the data key being created.
|
39
|
+
# If :key_material option is given, the custom key material is used
|
40
|
+
# for encrypting and decrypting data.
|
41
|
+
def initialize(mongocrypt, io, master_key_document, key_alt_names, key_material)
|
45
42
|
super(mongocrypt, io)
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
Binding.ctx_setopt_master_key_local(self)
|
50
|
-
when 'aws'
|
51
|
-
unless options
|
52
|
-
raise ArgumentError.new(
|
53
|
-
'When "aws" is specified as the KMS provider, options cannot be nil'
|
54
|
-
)
|
55
|
-
end
|
56
|
-
|
57
|
-
unless options.key?(:master_key)
|
58
|
-
raise ArgumentError.new(
|
59
|
-
'When "aws" is specified as the KMS provider, the options Hash ' +
|
60
|
-
'must contain a key named :master_key with a Hash value in the ' +
|
61
|
-
'{ region: "AWS-REGION", key: "AWS-KEY-ARN" }'
|
62
|
-
)
|
63
|
-
end
|
64
|
-
|
65
|
-
master_key_opts = options[:master_key]
|
66
|
-
|
67
|
-
set_aws_master_key(master_key_opts)
|
68
|
-
set_aws_endpoint(master_key_opts[:endpoint]) if master_key_opts[:endpoint]
|
69
|
-
else
|
70
|
-
raise ArgumentError.new(
|
71
|
-
"#{kms_provider} is an invalid kms provider. " +
|
72
|
-
"Valid options are 'aws' and 'local'"
|
73
|
-
)
|
74
|
-
end
|
75
|
-
|
76
|
-
set_key_alt_names(options[:key_alt_names]) if options[:key_alt_names]
|
43
|
+
Binding.ctx_setopt_key_encryption_key(self, master_key_document.to_document)
|
44
|
+
set_key_alt_names(key_alt_names) if key_alt_names
|
45
|
+
Binding.ctx_setopt_key_material(self, BSON::Binary.new(key_material)) if key_material
|
77
46
|
initialize_ctx
|
78
47
|
end
|
79
48
|
|
80
49
|
private
|
81
50
|
|
82
|
-
# Configure the underlying mongocrypt_ctx_t object to accept AWS
|
83
|
-
# KMS options
|
84
|
-
def set_aws_master_key(master_key_opts)
|
85
|
-
unless master_key_opts
|
86
|
-
raise ArgumentError.new('The :master_key option cannot be nil')
|
87
|
-
end
|
88
|
-
|
89
|
-
unless master_key_opts.is_a?(Hash)
|
90
|
-
raise ArgumentError.new(
|
91
|
-
"#{master_key_opts} is an invalid :master_key option. " +
|
92
|
-
"The :master_key option must be a Hash in the format " +
|
93
|
-
"{ region: 'AWS-REGION', key: 'AWS-KEY-ARN' }"
|
94
|
-
)
|
95
|
-
end
|
96
|
-
|
97
|
-
region = master_key_opts[:region]
|
98
|
-
unless region
|
99
|
-
raise ArgumentError.new(
|
100
|
-
'The value of :region option of the :master_key options hash cannot be nil'
|
101
|
-
)
|
102
|
-
end
|
103
|
-
|
104
|
-
unless region.is_a?(String)
|
105
|
-
raise ArgumentError.new(
|
106
|
-
"#{master_key_opts[:region]} is an invalid AWS master_key region. " +
|
107
|
-
"The value of :region option of the :master_key options hash must be a String"
|
108
|
-
)
|
109
|
-
end
|
110
|
-
|
111
|
-
key = master_key_opts[:key]
|
112
|
-
unless key
|
113
|
-
raise ArgumentError.new(
|
114
|
-
'The value of :key option of the :master_key options hash cannot be nil'
|
115
|
-
)
|
116
|
-
end
|
117
|
-
|
118
|
-
unless key.is_a?(String)
|
119
|
-
raise ArgumentError.new(
|
120
|
-
"#{master_key_opts[:key]} is an invalid AWS master_key key. " +
|
121
|
-
"The value of :key option of the :master_key options hash must be a String"
|
122
|
-
)
|
123
|
-
end
|
124
|
-
|
125
|
-
Binding.ctx_setopt_master_key_aws(
|
126
|
-
self,
|
127
|
-
region,
|
128
|
-
key,
|
129
|
-
)
|
130
|
-
end
|
131
|
-
|
132
|
-
def set_aws_endpoint(endpoint)
|
133
|
-
unless endpoint.is_a?(String)
|
134
|
-
raise ArgumentError.new(
|
135
|
-
"#{endpoint} is an invalid AWS master_key endpoint. " +
|
136
|
-
"The value of :endpoint option of the :master_key options hash must be a String"
|
137
|
-
)
|
138
|
-
end
|
139
|
-
|
140
|
-
Binding.ctx_setopt_master_key_aws_endpoint(self, endpoint)
|
141
|
-
end
|
142
|
-
|
143
51
|
# Set the alt names option on the context
|
144
52
|
def set_key_alt_names(key_alt_names)
|
145
53
|
unless key_alt_names.is_a?(Array)
|
@@ -38,6 +38,8 @@ module Mongo
|
|
38
38
|
# defaults to nil.
|
39
39
|
# @param [ Mongo::Client ] key_vault_client The client connected to the
|
40
40
|
# key vault collection.
|
41
|
+
# @param [ Mongo::Client | nil ] metadata_client The client to be used to
|
42
|
+
# obtain collection metadata.
|
41
43
|
# @param [ String ] key_vault_namespace The key vault namespace in the format
|
42
44
|
# db_name.collection_name.
|
43
45
|
# @param [ Hash ] mongocryptd_options Options related to mongocryptd.
|
@@ -54,7 +56,7 @@ module Mongo
|
|
54
56
|
# options are not nil and are in the correct format.
|
55
57
|
def initialize(
|
56
58
|
client: nil, mongocryptd_client: nil, key_vault_namespace:,
|
57
|
-
key_vault_client:, mongocryptd_options: {}
|
59
|
+
key_vault_client:, metadata_client:, mongocryptd_options: {}
|
58
60
|
)
|
59
61
|
validate_key_vault_client!(key_vault_client)
|
60
62
|
validate_key_vault_namespace!(key_vault_namespace)
|
@@ -63,6 +65,7 @@ module Mongo
|
|
63
65
|
@mongocryptd_client = mongocryptd_client
|
64
66
|
@key_vault_db_name, @key_vault_collection_name = key_vault_namespace.split('.')
|
65
67
|
@key_vault_client = key_vault_client
|
68
|
+
@metadata_client = metadata_client
|
66
69
|
@options = mongocryptd_options
|
67
70
|
end
|
68
71
|
|
@@ -91,11 +94,11 @@ module Mongo
|
|
91
94
|
#
|
92
95
|
# @return [ Hash ] The collection information
|
93
96
|
def collection_info(db_name, filter)
|
94
|
-
unless @
|
95
|
-
raise ArgumentError, 'collection_info requires
|
97
|
+
unless @metadata_client
|
98
|
+
raise ArgumentError, 'collection_info requires metadata_client to have been passed to the constructor, but it was not'
|
96
99
|
end
|
97
100
|
|
98
|
-
@
|
101
|
+
@metadata_client.use(db_name).database.list_collections(filter: filter).first
|
99
102
|
end
|
100
103
|
|
101
104
|
# Send the command to mongocryptd to be marked with intent-to-encrypt markings
|
@@ -124,16 +127,17 @@ module Mongo
|
|
124
127
|
return response.first
|
125
128
|
end
|
126
129
|
|
127
|
-
# Get information about the
|
130
|
+
# Get information about the remote KMS encryption key and feed it to the the
|
128
131
|
# KmsContext object
|
129
132
|
#
|
130
133
|
# @param [ Mongo::Crypt::KmsContext ] kms_context A KmsContext object
|
131
|
-
# corresponding to one
|
134
|
+
# corresponding to one remote KMS data key. Contains information about
|
132
135
|
# the endpoint at which to establish a TLS connection and the message
|
133
136
|
# to send on that connection.
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
+
# @param [ Hash ] tls_options. TLS options to connect to KMS provider.
|
138
|
+
# The options are same as for Mongo::Client.
|
139
|
+
def feed_kms(kms_context, tls_options)
|
140
|
+
with_ssl_socket(kms_context.endpoint, tls_options) do |ssl_socket|
|
137
141
|
Timeout.timeout(SOCKET_TIMEOUT, Error::SocketTimeoutError,
|
138
142
|
'Socket write operation timed out'
|
139
143
|
) do
|
@@ -154,6 +158,72 @@ module Mongo
|
|
154
158
|
end
|
155
159
|
end
|
156
160
|
|
161
|
+
# Adds a key_alt_name to the key_alt_names array of the key document
|
162
|
+
# in the key vault collection with the given id.
|
163
|
+
def add_key_alt_name(id, key_alt_name)
|
164
|
+
key_vault_collection.find_one_and_update(
|
165
|
+
{ _id: id },
|
166
|
+
{ '$addToSet' => { keyAltNames: key_alt_name } },
|
167
|
+
)
|
168
|
+
end
|
169
|
+
|
170
|
+
# Removes the key document with the given id
|
171
|
+
# from the key vault collection.
|
172
|
+
def delete_key(id)
|
173
|
+
key_vault_collection.delete_one(_id: id)
|
174
|
+
end
|
175
|
+
|
176
|
+
# Finds a single key document with the given id.
|
177
|
+
def get_key(id)
|
178
|
+
key_vault_collection.find(_id: id).first
|
179
|
+
end
|
180
|
+
|
181
|
+
# Returns a key document in the key vault collection with
|
182
|
+
# the given key_alt_name.
|
183
|
+
def get_key_by_alt_name(key_alt_name)
|
184
|
+
key_vault_collection.find(keyAltNames: key_alt_name).first
|
185
|
+
end
|
186
|
+
|
187
|
+
# Finds all documents in the key vault collection.
|
188
|
+
def get_keys
|
189
|
+
key_vault_collection.find
|
190
|
+
end
|
191
|
+
|
192
|
+
# Removes a key_alt_name from the key_alt_names array of the key document
|
193
|
+
# in the key vault collection with the given id.
|
194
|
+
def remove_key_alt_name(id, key_alt_name)
|
195
|
+
key_vault_collection.find_one_and_update(
|
196
|
+
{ _id: id },
|
197
|
+
[
|
198
|
+
{
|
199
|
+
'$set' => {
|
200
|
+
keyAltNames: {
|
201
|
+
'$cond' => [
|
202
|
+
{ '$eq' => [ '$keyAltNames', [ key_alt_name ] ] },
|
203
|
+
'$$REMOVE',
|
204
|
+
{
|
205
|
+
'$filter' => {
|
206
|
+
input: '$keyAltNames',
|
207
|
+
cond: { '$ne' => [ '$$this', key_alt_name ] }
|
208
|
+
}
|
209
|
+
}
|
210
|
+
]
|
211
|
+
}
|
212
|
+
}
|
213
|
+
}
|
214
|
+
]
|
215
|
+
)
|
216
|
+
end
|
217
|
+
|
218
|
+
# Apply given requests to the key vault collection using bulk write.
|
219
|
+
#
|
220
|
+
# @param [ Array<Hash> ] requests The bulk write requests.
|
221
|
+
#
|
222
|
+
# @return [ BulkWrite::Result ] The result of the operation.
|
223
|
+
def update_data_keys(updates)
|
224
|
+
key_vault_collection.bulk_write(updates)
|
225
|
+
end
|
226
|
+
|
157
227
|
private
|
158
228
|
|
159
229
|
def validate_key_vault_client!(key_vault_client)
|
@@ -242,6 +312,8 @@ module Mongo
|
|
242
312
|
# Provide a TLS socket to be used for KMS calls in a block API
|
243
313
|
#
|
244
314
|
# @param [ String ] endpoint The URI at which to connect the TLS socket.
|
315
|
+
# @param [ Hash ] tls_options. TLS options to connect to KMS provider.
|
316
|
+
# The options are same as for Mongo::Client.
|
245
317
|
# @yieldparam [ OpenSSL::SSL::SSLSocket ] ssl_socket Yields a TLS socket
|
246
318
|
# connected to the specified endpoint.
|
247
319
|
#
|
@@ -250,59 +322,21 @@ module Mongo
|
|
250
322
|
#
|
251
323
|
# @note The socket is always closed when the provided block has finished
|
252
324
|
# executing
|
253
|
-
def with_ssl_socket(endpoint)
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
tcp_socket = TCPSocket.open(host, port)
|
259
|
-
begin
|
260
|
-
tcp_socket.setsockopt(::Socket::IPPROTO_TCP, ::Socket::TCP_NODELAY, 1)
|
261
|
-
|
262
|
-
ssl_socket = OpenSSL::SSL::SSLSocket.new(tcp_socket)
|
263
|
-
begin
|
264
|
-
# tcp_socket will be closed when ssl_socket is closed
|
265
|
-
ssl_socket.sync_close = true
|
266
|
-
# perform SNI
|
267
|
-
ssl_socket.hostname = "#{host}:#{port}"
|
268
|
-
|
269
|
-
Timeout.timeout(
|
270
|
-
SOCKET_TIMEOUT,
|
271
|
-
Error::SocketTimeoutError,
|
272
|
-
"KMS socket connection timed out after #{SOCKET_TIMEOUT} seconds",
|
273
|
-
) do
|
274
|
-
ssl_socket.connect
|
275
|
-
end
|
276
|
-
|
277
|
-
yield(ssl_socket)
|
278
|
-
ensure
|
279
|
-
begin
|
280
|
-
Timeout.timeout(
|
281
|
-
SOCKET_TIMEOUT,
|
282
|
-
Error::SocketTimeoutError,
|
283
|
-
'KMS TLS socket close timed out'
|
284
|
-
) do
|
285
|
-
ssl_socket.sysclose
|
286
|
-
end
|
287
|
-
rescue
|
288
|
-
end
|
289
|
-
end
|
290
|
-
ensure
|
291
|
-
# Still close tcp socket manually in case TLS socket creation
|
292
|
-
# fails.
|
293
|
-
begin
|
294
|
-
Timeout.timeout(
|
295
|
-
SOCKET_TIMEOUT,
|
296
|
-
Error::SocketTimeoutError,
|
297
|
-
'KMS TCP socket close timed out'
|
298
|
-
) do
|
299
|
-
tcp_socket.close
|
300
|
-
end
|
301
|
-
rescue
|
302
|
-
end
|
325
|
+
def with_ssl_socket(endpoint, tls_options)
|
326
|
+
address = begin
|
327
|
+
host, port = endpoint.split(':')
|
328
|
+
port ||= 443 # All supported KMS APIs use this port by default.
|
329
|
+
Address.new([host, port].join(':'))
|
303
330
|
end
|
331
|
+
mongo_socket = address.socket(
|
332
|
+
SOCKET_TIMEOUT,
|
333
|
+
tls_options.merge(ssl: true)
|
334
|
+
)
|
335
|
+
yield(mongo_socket.socket)
|
304
336
|
rescue => e
|
305
|
-
raise Error::KmsError, "Error
|
337
|
+
raise Error::KmsError, "Error when connecting to KMS provider: #{e.class}: #{e.message}"
|
338
|
+
ensure
|
339
|
+
mongo_socket&.close
|
306
340
|
end
|
307
341
|
end
|
308
342
|
end
|
@@ -29,15 +29,22 @@ module Mongo
|
|
29
29
|
# to connect to the key vault collection.
|
30
30
|
# @param [ String ] key_vault_namespace The namespace of the key vault
|
31
31
|
# collection in the format "db_name.collection_name".
|
32
|
-
# @
|
33
|
-
# configuration information.
|
34
|
-
#
|
35
|
-
|
36
|
-
|
37
|
-
|
32
|
+
# @param [ Crypt::KMS::Credentials ] kms_providers A hash of key management service
|
33
|
+
# configuration information.
|
34
|
+
# @param [ Hash ] kms_tls_options TLS options to connect to KMS
|
35
|
+
# providers. Keys of the hash should be KSM provider names; values
|
36
|
+
# should be hashes of TLS connection options. The options are equivalent
|
37
|
+
# to TLS connection options of Mongo::Client.
|
38
|
+
def initialize(key_vault_client, key_vault_namespace, kms_providers, kms_tls_options)
|
39
|
+
@crypt_handle = Handle.new(
|
40
|
+
kms_providers,
|
41
|
+
kms_tls_options,
|
42
|
+
explicit_encryption_only: true
|
43
|
+
)
|
38
44
|
@encryption_io = EncryptionIO.new(
|
39
45
|
key_vault_client: key_vault_client,
|
40
|
-
|
46
|
+
metadata_client: nil,
|
47
|
+
key_vault_namespace: key_vault_namespace,
|
41
48
|
)
|
42
49
|
end
|
43
50
|
|
@@ -45,30 +52,24 @@ module Mongo
|
|
45
52
|
# that key in the KMS collection. The generated key is encrypted with
|
46
53
|
# the KMS master key.
|
47
54
|
#
|
48
|
-
# @param [
|
49
|
-
#
|
50
|
-
# @param [
|
51
|
-
#
|
52
|
-
# @option options [ Hash ] :master_key Information about the AWS master key. Required
|
53
|
-
# if kms_provider is "aws".
|
54
|
-
# - :region [ String ] The The AWS region of the master key (required).
|
55
|
-
# - :key [ String ] The Amazon Resource Name (ARN) of the master key (required).
|
56
|
-
# - :endpoint [ String ] An alternate host to send KMS requests to (optional).
|
57
|
-
# endpoint should be a host name with an optional port number separated
|
58
|
-
# by a colon (e.g. "kms.us-east-1.amazonaws.com" or
|
59
|
-
# "kms.us-east-1.amazonaws.com:443"). An endpoint in any other format
|
60
|
-
# will not be properly parsed.
|
61
|
-
# @option options [ Array<String> ] :key_alt_names An optional array of strings specifying
|
55
|
+
# @param [ Mongo::Crypt::KMS::MasterKeyDocument ] master_key_document The master
|
56
|
+
# key document that contains master encryption key parameters.
|
57
|
+
# @param [ Array<String> | nil ] key_alt_names An optional array of strings specifying
|
62
58
|
# alternate names for the new data key.
|
59
|
+
# @param [ String | nil ] key_material Optional 96 bytes to use as
|
60
|
+
# custom key material for the data key being created.
|
61
|
+
# If key_material option is given, the custom key material is used
|
62
|
+
# for encrypting and decrypting data.
|
63
63
|
#
|
64
64
|
# @return [ BSON::Binary ] The 16-byte UUID of the new data key as a
|
65
65
|
# BSON::Binary object with type :uuid.
|
66
|
-
def create_and_insert_data_key(
|
66
|
+
def create_and_insert_data_key(master_key_document, key_alt_names, key_material = nil)
|
67
67
|
data_key_document = Crypt::DataKeyContext.new(
|
68
68
|
@crypt_handle,
|
69
69
|
@encryption_io,
|
70
|
-
|
71
|
-
|
70
|
+
master_key_document,
|
71
|
+
key_alt_names,
|
72
|
+
key_material
|
72
73
|
).run_state_machine
|
73
74
|
|
74
75
|
@encryption_io.insert_data_key(data_key_document).inserted_id
|
@@ -85,14 +86,24 @@ module Mongo
|
|
85
86
|
# @option options [ String ] :key_alt_name The alternate name for the
|
86
87
|
# encryption key.
|
87
88
|
# @option options [ String ] :algorithm The algorithm used to encrypt the value.
|
88
|
-
# Valid algorithms are "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
89
|
-
#
|
89
|
+
# Valid algorithms are "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic",
|
90
|
+
# "AEAD_AES_256_CBC_HMAC_SHA_512-Random", "Indexed", "Unindexed".
|
91
|
+
# @option options [ Integer | nil ] :contention_factor Contention factor
|
92
|
+
# to be applied if encryption algorithm is set to "Indexed". If not
|
93
|
+
# provided, it defaults to a value of 0. Contention factor should be set
|
94
|
+
# only if encryption algorithm is set to "Indexed".
|
95
|
+
# @option options [ String | nil ] query_type Query type to be applied
|
96
|
+
# if encryption algorithm is set to "Indexed". Query type should be set
|
97
|
+
# only if encryption algorithm is set to "Indexed". The only allowed
|
98
|
+
# value is "equality".
|
90
99
|
#
|
91
100
|
# @note The :key_id and :key_alt_name options are mutually exclusive. Only
|
92
101
|
# one is required to perform explicit encryption.
|
93
102
|
#
|
94
103
|
# @return [ BSON::Binary ] A BSON Binary object of subtype 6 (ciphertext)
|
95
104
|
# representing the encrypted value
|
105
|
+
# @raise [ ArgumentError ] if either contention_factor or query_type
|
106
|
+
# is set, and algorithm is not "Indexed".
|
96
107
|
def encrypt(value, options)
|
97
108
|
Crypt::ExplicitEncryptionContext.new(
|
98
109
|
@crypt_handle,
|
@@ -115,6 +126,112 @@ module Mongo
|
|
115
126
|
{ 'v': value },
|
116
127
|
).run_state_machine['v']
|
117
128
|
end
|
129
|
+
|
130
|
+
# Adds a key_alt_name for the key in the key vault collection with the given id.
|
131
|
+
#
|
132
|
+
# @param [ BSON::Binary ] id Id of the key to add new key alt name.
|
133
|
+
# @param [ String ] key_alt_name New key alt name to add.
|
134
|
+
#
|
135
|
+
# @return [ BSON::Document | nil ] Document describing the identified key
|
136
|
+
# before adding the key alt name, or nil if no such key.
|
137
|
+
def add_key_alt_name(id, key_alt_name)
|
138
|
+
@encryption_io.add_key_alt_name(id, key_alt_name)
|
139
|
+
end
|
140
|
+
|
141
|
+
# Removes the key with the given id from the key vault collection.
|
142
|
+
#
|
143
|
+
# @param [ BSON::Binary ] id Id of the key to delete.
|
144
|
+
#
|
145
|
+
# @return [ Operation::Result ] The response from the database for the delete_one
|
146
|
+
# operation that deletes the key.
|
147
|
+
def delete_key(id)
|
148
|
+
@encryption_io.delete_key(id)
|
149
|
+
end
|
150
|
+
|
151
|
+
# Finds a single key with the given id.
|
152
|
+
#
|
153
|
+
# @param [ BSON::Binary ] id Id of the key to get.
|
154
|
+
#
|
155
|
+
# @return [ BSON::Document | nil ] The found key document or nil
|
156
|
+
# if not found.
|
157
|
+
def get_key(id)
|
158
|
+
@encryption_io.get_key(id)
|
159
|
+
end
|
160
|
+
|
161
|
+
# Returns a key in the key vault collection with the given key_alt_name.
|
162
|
+
#
|
163
|
+
# @param [ String ] key_alt_name Key alt name to find a key.
|
164
|
+
#
|
165
|
+
# @return [ BSON::Document | nil ] The found key document or nil
|
166
|
+
# if not found.
|
167
|
+
def get_key_by_alt_name(key_alt_name)
|
168
|
+
@encryption_io.get_key_by_alt_name(key_alt_name)
|
169
|
+
end
|
170
|
+
|
171
|
+
# Returns all keys in the key vault collection.
|
172
|
+
#
|
173
|
+
# @return [ Collection::View ] Keys in the key vault collection.
|
174
|
+
def get_keys
|
175
|
+
@encryption_io.get_keys
|
176
|
+
end
|
177
|
+
|
178
|
+
# Removes a key_alt_name from a key in the key vault collection with the given id.
|
179
|
+
#
|
180
|
+
# @param [ BSON::Binary ] id Id of the key to remove key alt name.
|
181
|
+
# @param [ String ] key_alt_name Key alt name to remove.
|
182
|
+
#
|
183
|
+
# @return [ BSON::Document | nil ] Document describing the identified key
|
184
|
+
# before removing the key alt name, or nil if no such key.
|
185
|
+
def remove_key_alt_name(id, key_alt_name)
|
186
|
+
@encryption_io.remove_key_alt_name(id, key_alt_name)
|
187
|
+
end
|
188
|
+
|
189
|
+
# Decrypts multiple data keys and (re-)encrypts them with a new master_key,
|
190
|
+
# or with their current master_key if a new one is not given.
|
191
|
+
#
|
192
|
+
# @param [ Hash ] filter Filter used to find keys to be updated.
|
193
|
+
# @param [ Hash ] options
|
194
|
+
#
|
195
|
+
# @option options [ String ] :provider KMS provider to encrypt keys.
|
196
|
+
# @option options [ Hash | nil ] :master_key Document describing master key
|
197
|
+
# to encrypt keys.
|
198
|
+
#
|
199
|
+
# @return [ Crypt::RewrapManyDataKeyResult ] Result of the operation.
|
200
|
+
def rewrap_many_data_key(filter, opts = {})
|
201
|
+
master_key_document = if opts[:provider]
|
202
|
+
options = opts.dup
|
203
|
+
provider = options.delete(:provider)
|
204
|
+
KMS::MasterKeyDocument.new(provider, options)
|
205
|
+
end
|
206
|
+
|
207
|
+
rewrap_result = Crypt::RewrapManyDataKeyContext.new(
|
208
|
+
@crypt_handle,
|
209
|
+
@encryption_io,
|
210
|
+
filter,
|
211
|
+
master_key_document
|
212
|
+
).run_state_machine
|
213
|
+
if rewrap_result.nil?
|
214
|
+
return RewrapManyDataKeyResult.new(nil)
|
215
|
+
end
|
216
|
+
data_key_documents = rewrap_result.fetch('v')
|
217
|
+
updates = data_key_documents.map do |doc|
|
218
|
+
{
|
219
|
+
update_one: {
|
220
|
+
filter: { _id: doc[:_id] },
|
221
|
+
update: {
|
222
|
+
'$set' => {
|
223
|
+
masterKey: doc[:masterKey],
|
224
|
+
keyMaterial: doc[:keyMaterial]
|
225
|
+
},
|
226
|
+
'$currentDate' => { updateDate: true },
|
227
|
+
},
|
228
|
+
}
|
229
|
+
}
|
230
|
+
end
|
231
|
+
RewrapManyDataKeyResult.new(
|
232
|
+
@encryption_io.update_data_keys(updates)
|
233
|
+
)
|
234
|
+
end
|
118
235
|
end
|
119
236
|
end
|
120
237
|
end
|
@@ -38,8 +38,16 @@ module Mongo
|
|
38
38
|
# @option options [ String ] :key_alt_name The alternate name of the data key
|
39
39
|
# that will be used to encrypt the value.
|
40
40
|
# @option options [ String ] :algorithm The algorithm used to encrypt the
|
41
|
-
# value. Valid algorithms are "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
|
42
|
-
#
|
41
|
+
# value. Valid algorithms are "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic",
|
42
|
+
# "AEAD_AES_256_CBC_HMAC_SHA_512-Random", "Indexed", "Unindexed".
|
43
|
+
# @option options [ Integer | nil ] :contention_factor Contention factor
|
44
|
+
# to be applied if encryption algorithm is set to "Indexed". If not
|
45
|
+
# provided, it defaults to a value of 0. Contention factor should be set
|
46
|
+
# only if encryption algorithm is set to "Indexed".
|
47
|
+
# @option options [ String | nil ] query_type Query type to be applied
|
48
|
+
# if encryption algorithm is set to "Indexed". Query type should be set
|
49
|
+
# only if encryption algorithm is set to "Indexed". The only allowed
|
50
|
+
# value is "equality".
|
43
51
|
#
|
44
52
|
# @raise [ ArgumentError|Mongo::Error::CryptError ] If invalid options are provided
|
45
53
|
def initialize(mongocrypt, io, doc, options={})
|
@@ -82,6 +90,21 @@ module Mongo
|
|
82
90
|
# Set the algorithm option on the mongocrypt_ctx_t object and raises
|
83
91
|
# an exception if the algorithm is invalid.
|
84
92
|
Binding.ctx_setopt_algorithm(self, options[:algorithm])
|
93
|
+
if options[:algorithm] == 'Indexed'
|
94
|
+
if options[:contention_factor]
|
95
|
+
Binding.ctx_setopt_contention_factor(self, options[:contention_factor])
|
96
|
+
end
|
97
|
+
if options[:query_type]
|
98
|
+
Binding.ctx_setopt_query_type(self, options[:query_type])
|
99
|
+
end
|
100
|
+
else
|
101
|
+
if options[:contention_factor]
|
102
|
+
raise ArgumentError.new(':contention_factor is allowed only for "Indexed" algorithm')
|
103
|
+
end
|
104
|
+
if options[:query_type]
|
105
|
+
raise ArgumentError.new(':query_type is allowed only for "Indexed" algorithm')
|
106
|
+
end
|
107
|
+
end
|
85
108
|
|
86
109
|
# Initializes the mongocrypt_ctx_t object for explicit encryption and
|
87
110
|
# passes in the value to be encrypted.
|