mongo 2.23.0 → 2.24.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/bin/mongo_console +0 -1
- data/lib/mongo/active_support.rb +1 -2
- data/lib/mongo/address/ipv4.rb +3 -6
- data/lib/mongo/address/ipv6.rb +6 -10
- data/lib/mongo/address/unix.rb +1 -4
- data/lib/mongo/address/validator.rb +16 -28
- data/lib/mongo/address.rb +30 -40
- data/lib/mongo/auth/aws/conversation.rb +6 -10
- data/lib/mongo/auth/aws/credentials.rb +0 -1
- data/lib/mongo/auth/aws/credentials_cache.rb +0 -1
- data/lib/mongo/auth/aws/credentials_retriever.rb +45 -59
- data/lib/mongo/auth/aws/request.rb +20 -35
- data/lib/mongo/auth/aws.rb +1 -2
- data/lib/mongo/auth/base.rb +20 -29
- data/lib/mongo/auth/conversation_base.rb +14 -18
- data/lib/mongo/auth/cr/conversation.rb +0 -3
- data/lib/mongo/auth/cr.rb +1 -4
- data/lib/mongo/auth/credential_cache.rb +0 -2
- data/lib/mongo/auth/gssapi/conversation.rb +3 -8
- data/lib/mongo/auth/gssapi.rb +1 -4
- data/lib/mongo/auth/ldap/conversation.rb +0 -3
- data/lib/mongo/auth/ldap.rb +1 -4
- data/lib/mongo/auth/roles.rb +16 -19
- data/lib/mongo/auth/sasl_conversation_base.rb +7 -11
- data/lib/mongo/auth/scram/conversation.rb +2 -5
- data/lib/mongo/auth/scram.rb +5 -10
- data/lib/mongo/auth/scram256/conversation.rb +2 -5
- data/lib/mongo/auth/scram256.rb +1 -3
- data/lib/mongo/auth/scram_conversation_base.rb +18 -24
- data/lib/mongo/auth/stringprep/profiles/sasl.rb +17 -18
- data/lib/mongo/auth/stringprep/tables.rb +2209 -2210
- data/lib/mongo/auth/stringprep/unicode_normalize/normalize.rb +36 -38
- data/lib/mongo/auth/stringprep/unicode_normalize/tables.rb +1142 -1150
- data/lib/mongo/auth/stringprep.rb +9 -12
- data/lib/mongo/auth/user/view.rb +3 -5
- data/lib/mongo/auth/user.rb +14 -24
- data/lib/mongo/auth/x509/conversation.rb +0 -3
- data/lib/mongo/auth/x509.rb +7 -9
- data/lib/mongo/auth.rb +18 -30
- data/lib/mongo/background_thread.rb +9 -17
- data/lib/mongo/bson.rb +0 -2
- data/lib/mongo/bulk_write/combineable.rb +0 -3
- data/lib/mongo/bulk_write/ordered_combiner.rb +1 -3
- data/lib/mongo/bulk_write/result.rb +11 -16
- data/lib/mongo/bulk_write/result_combiner.rb +9 -12
- data/lib/mongo/bulk_write/transformable.rb +16 -19
- data/lib/mongo/bulk_write/unordered_combiner.rb +1 -3
- data/lib/mongo/bulk_write/validatable.rb +11 -18
- data/lib/mongo/bulk_write.rb +76 -91
- data/lib/mongo/caching_cursor.rb +2 -7
- data/lib/mongo/client.rb +230 -275
- data/lib/mongo/client_encryption.rb +4 -5
- data/lib/mongo/cluster/periodic_executor.rb +2 -5
- data/lib/mongo/cluster/reapers/cursor_reaper.rb +21 -29
- data/lib/mongo/cluster/reapers/socket_reaper.rb +1 -6
- data/lib/mongo/cluster/sdam_flow.rb +136 -159
- data/lib/mongo/cluster/topology/base.rb +15 -18
- data/lib/mongo/cluster/topology/load_balanced.rb +24 -14
- data/lib/mongo/cluster/topology/no_replica_set_options.rb +3 -6
- data/lib/mongo/cluster/topology/replica_set_no_primary.rb +20 -23
- data/lib/mongo/cluster/topology/replica_set_with_primary.rb +0 -2
- data/lib/mongo/cluster/topology/sharded.rb +19 -9
- data/lib/mongo/cluster/topology/single.rb +24 -14
- data/lib/mongo/cluster/topology/unknown.rb +20 -10
- data/lib/mongo/cluster/topology.rb +29 -25
- data/lib/mongo/cluster.rb +148 -183
- data/lib/mongo/cluster_time.rb +14 -31
- data/lib/mongo/collection/helpers.rb +5 -8
- data/lib/mongo/collection/view/aggregation.rb +5 -10
- data/lib/mongo/collection/view/builder/aggregation.rb +6 -9
- data/lib/mongo/collection/view/builder/map_reduce.rb +18 -17
- data/lib/mongo/collection/view/builder.rb +0 -1
- data/lib/mongo/collection/view/change_stream/retryable.rb +3 -8
- data/lib/mongo/collection/view/change_stream.rb +59 -58
- data/lib/mongo/collection/view/explainable.rb +11 -20
- data/lib/mongo/collection/view/immutable.rb +1 -3
- data/lib/mongo/collection/view/iterable.rb +35 -28
- data/lib/mongo/collection/view/map_reduce.rb +20 -25
- data/lib/mongo/collection/view/readable.rb +50 -57
- data/lib/mongo/collection/view/writable.rb +56 -72
- data/lib/mongo/collection/view.rb +9 -8
- data/lib/mongo/collection.rb +63 -76
- data/lib/mongo/condition_variable.rb +4 -4
- data/lib/mongo/config/options.rb +0 -3
- data/lib/mongo/config/validators/option.rb +3 -5
- data/lib/mongo/config.rb +2 -4
- data/lib/mongo/crypt/auto_decryption_context.rb +0 -3
- data/lib/mongo/crypt/auto_encrypter.rb +34 -43
- data/lib/mongo/crypt/auto_encryption_context.rb +0 -3
- data/lib/mongo/crypt/binary.rb +5 -9
- data/lib/mongo/crypt/binding.rb +149 -155
- data/lib/mongo/crypt/context.rb +10 -17
- data/lib/mongo/crypt/data_key_context.rb +2 -7
- data/lib/mongo/crypt/encryption_io.rb +29 -39
- data/lib/mongo/crypt/explicit_decryption_context.rb +0 -3
- data/lib/mongo/crypt/explicit_encrypter.rb +1 -1
- data/lib/mongo/crypt/explicit_encryption_context.rb +19 -30
- data/lib/mongo/crypt/explicit_encryption_expression_context.rb +0 -2
- data/lib/mongo/crypt/handle.rb +42 -48
- data/lib/mongo/crypt/hooks.rb +12 -15
- data/lib/mongo/crypt/kms/aws/credentials.rb +12 -16
- data/lib/mongo/crypt/kms/aws/master_document.rb +6 -9
- data/lib/mongo/crypt/kms/aws.rb +0 -2
- data/lib/mongo/crypt/kms/azure/credentials_retriever.rb +2 -7
- data/lib/mongo/crypt/kms/azure/master_document.rb +15 -19
- data/lib/mongo/crypt/kms/azure.rb +0 -1
- data/lib/mongo/crypt/kms/credentials.rb +13 -27
- data/lib/mongo/crypt/kms/gcp/credentials.rb +12 -14
- data/lib/mongo/crypt/kms/gcp/credentials_retriever.rb +7 -9
- data/lib/mongo/crypt/kms/gcp/master_document.rb +12 -16
- data/lib/mongo/crypt/kms/gcp.rb +0 -2
- data/lib/mongo/crypt/kms/kmip/credentials.rb +7 -8
- data/lib/mongo/crypt/kms/kmip/master_document.rb +3 -5
- data/lib/mongo/crypt/kms/kmip.rb +0 -1
- data/lib/mongo/crypt/kms/local/credentials.rb +7 -8
- data/lib/mongo/crypt/kms/local/master_document.rb +2 -6
- data/lib/mongo/crypt/kms/local.rb +0 -1
- data/lib/mongo/crypt/kms/master_key_document.rb +11 -15
- data/lib/mongo/crypt/kms.rb +14 -16
- data/lib/mongo/crypt/kms_context.rb +0 -2
- data/lib/mongo/crypt/rewrap_many_data_key_context.rb +2 -7
- data/lib/mongo/crypt/rewrap_many_data_key_result.rb +2 -4
- data/lib/mongo/crypt/status.rb +12 -14
- data/lib/mongo/crypt.rb +0 -1
- data/lib/mongo/csot_timeout_holder.rb +3 -2
- data/lib/mongo/cursor/kill_spec.rb +7 -10
- data/lib/mongo/cursor.rb +74 -64
- data/lib/mongo/cursor_host.rb +8 -10
- data/lib/mongo/database/view.rb +16 -37
- data/lib/mongo/database.rb +52 -56
- data/lib/mongo/dbref.rb +0 -1
- data/lib/mongo/distinguishing_semaphore.rb +0 -1
- data/lib/mongo/error/auth_error.rb +0 -2
- data/lib/mongo/error/bad_load_balancer_target.rb +0 -2
- data/lib/mongo/error/bulk_write_error.rb +7 -10
- data/lib/mongo/error/change_stream_resumable.rb +0 -2
- data/lib/mongo/error/client_closed.rb +0 -2
- data/lib/mongo/error/closed_stream.rb +1 -4
- data/lib/mongo/error/connection_check_out_timeout.rb +3 -6
- data/lib/mongo/error/connection_perished.rb +0 -2
- data/lib/mongo/error/connection_unavailable.rb +0 -2
- data/lib/mongo/error/credential_check_error.rb +0 -2
- data/lib/mongo/error/crypt_error.rb +0 -2
- data/lib/mongo/error/extra_file_chunk.rb +1 -4
- data/lib/mongo/error/failed_string_prep_validation.rb +5 -6
- data/lib/mongo/error/file_not_found.rb +0 -3
- data/lib/mongo/error/handshake_error.rb +0 -2
- data/lib/mongo/error/insufficient_iteration_count.rb +1 -4
- data/lib/mongo/error/internal_driver_error.rb +0 -2
- data/lib/mongo/error/invalid_address.rb +0 -2
- data/lib/mongo/error/invalid_application_name.rb +0 -3
- data/lib/mongo/error/invalid_bulk_operation.rb +1 -4
- data/lib/mongo/error/invalid_bulk_operation_type.rb +1 -4
- data/lib/mongo/error/invalid_collection_name.rb +1 -4
- data/lib/mongo/error/invalid_config_option.rb +0 -3
- data/lib/mongo/error/invalid_cursor_operation.rb +0 -2
- data/lib/mongo/error/invalid_database_name.rb +1 -4
- data/lib/mongo/error/invalid_document.rb +1 -4
- data/lib/mongo/error/invalid_file.rb +0 -3
- data/lib/mongo/error/invalid_file_revision.rb +0 -3
- data/lib/mongo/error/invalid_min_pool_size.rb +0 -3
- data/lib/mongo/error/invalid_nonce.rb +0 -3
- data/lib/mongo/error/invalid_read_concern.rb +2 -4
- data/lib/mongo/error/invalid_read_option.rb +0 -3
- data/lib/mongo/error/invalid_replacement_document.rb +2 -5
- data/lib/mongo/error/invalid_server_auth_host.rb +0 -2
- data/lib/mongo/error/invalid_server_auth_response.rb +0 -2
- data/lib/mongo/error/invalid_server_preference.rb +7 -16
- data/lib/mongo/error/invalid_session.rb +1 -4
- data/lib/mongo/error/invalid_signature.rb +0 -3
- data/lib/mongo/error/invalid_transaction_operation.rb +5 -8
- data/lib/mongo/error/invalid_txt_record.rb +0 -2
- data/lib/mongo/error/invalid_update_document.rb +2 -5
- data/lib/mongo/error/invalid_uri.rb +1 -4
- data/lib/mongo/error/invalid_write_concern.rb +2 -5
- data/lib/mongo/error/kms_error.rb +0 -2
- data/lib/mongo/error/labelable.rb +0 -3
- data/lib/mongo/error/lint_error.rb +0 -2
- data/lib/mongo/error/max_bson_size.rb +8 -11
- data/lib/mongo/error/max_message_size.rb +2 -5
- data/lib/mongo/error/mismatched_domain.rb +0 -2
- data/lib/mongo/error/missing_connection.rb +0 -2
- data/lib/mongo/error/missing_file_chunk.rb +0 -3
- data/lib/mongo/error/missing_password.rb +0 -2
- data/lib/mongo/error/missing_resume_token.rb +1 -4
- data/lib/mongo/error/missing_scram_server_signature.rb +2 -4
- data/lib/mongo/error/missing_service_id.rb +0 -2
- data/lib/mongo/error/mongocryptd_spawn_error.rb +0 -2
- data/lib/mongo/error/multi_index_drop.rb +0 -3
- data/lib/mongo/error/need_primary_server.rb +0 -2
- data/lib/mongo/error/no_server_available.rb +3 -8
- data/lib/mongo/error/no_service_connection_available.rb +1 -3
- data/lib/mongo/error/no_srv_records.rb +0 -2
- data/lib/mongo/error/notable.rb +8 -16
- data/lib/mongo/error/operation_failure.rb +22 -35
- data/lib/mongo/error/parser.rb +33 -75
- data/lib/mongo/error/pool_cleared_error.rb +1 -3
- data/lib/mongo/error/pool_closed_error.rb +0 -3
- data/lib/mongo/error/pool_error.rb +0 -3
- data/lib/mongo/error/pool_paused_error.rb +0 -2
- data/lib/mongo/error/raise_original_error.rb +1 -3
- data/lib/mongo/error/read_write_retryable.rb +14 -17
- data/lib/mongo/error/sdam_error_detection.rb +3 -5
- data/lib/mongo/error/server_api_conflict.rb +0 -2
- data/lib/mongo/error/server_certificate_revoked.rb +0 -2
- data/lib/mongo/error/server_not_usable.rb +0 -2
- data/lib/mongo/error/session_ended.rb +1 -3
- data/lib/mongo/error/session_not_materialized.rb +1 -3
- data/lib/mongo/error/sessions_not_supported.rb +1 -4
- data/lib/mongo/error/snapshot_session_invalid_server_version.rb +1 -4
- data/lib/mongo/error/snapshot_session_transaction_prohibited.rb +1 -4
- data/lib/mongo/error/socket_error.rb +0 -2
- data/lib/mongo/error/socket_timeout_error.rb +0 -2
- data/lib/mongo/error/transactions_not_supported.rb +3 -6
- data/lib/mongo/error/unchangeable_collection_option.rb +1 -4
- data/lib/mongo/error/unexpected_chunk_length.rb +0 -3
- data/lib/mongo/error/unexpected_response.rb +1 -4
- data/lib/mongo/error/unknown_payload_type.rb +0 -3
- data/lib/mongo/error/unmet_dependency.rb +0 -2
- data/lib/mongo/error/unsupported_array_filters.rb +3 -24
- data/lib/mongo/error/unsupported_collation.rb +3 -24
- data/lib/mongo/error/unsupported_features.rb +0 -2
- data/lib/mongo/error/unsupported_message_type.rb +0 -2
- data/lib/mongo/error/unsupported_option.rb +19 -21
- data/lib/mongo/error/write_retryable.rb +0 -2
- data/lib/mongo/error.rb +10 -24
- data/lib/mongo/event/base.rb +0 -2
- data/lib/mongo/event/listeners.rb +0 -3
- data/lib/mongo/event/publisher.rb +0 -3
- data/lib/mongo/event/subscriber.rb +0 -4
- data/lib/mongo/event.rb +4 -6
- data/lib/mongo/grid/file/chunk.rb +7 -10
- data/lib/mongo/grid/file/info.rb +20 -24
- data/lib/mongo/grid/file.rb +7 -8
- data/lib/mongo/grid/fs_bucket.rb +40 -48
- data/lib/mongo/grid/stream/read.rb +25 -35
- data/lib/mongo/grid/stream/write.rb +17 -22
- data/lib/mongo/grid/stream.rb +2 -4
- data/lib/mongo/grid.rb +0 -1
- data/lib/mongo/id.rb +0 -1
- data/lib/mongo/index/view.rb +49 -48
- data/lib/mongo/index.rb +7 -10
- data/lib/mongo/lint.rb +31 -37
- data/lib/mongo/loggable.rb +5 -8
- data/lib/mongo/logger.rb +1 -7
- data/lib/mongo/monitoring/cmap_log_subscriber.rb +0 -2
- data/lib/mongo/monitoring/command_log_subscriber.rb +25 -33
- data/lib/mongo/monitoring/event/cmap/base.rb +0 -2
- data/lib/mongo/monitoring/event/cmap/connection_check_out_failed.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/connection_check_out_started.rb +0 -3
- data/lib/mongo/monitoring/event/cmap/connection_checked_in.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/connection_checked_out.rb +2 -5
- data/lib/mongo/monitoring/event/cmap/connection_closed.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/connection_created.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/connection_ready.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/pool_cleared.rb +0 -3
- data/lib/mongo/monitoring/event/cmap/pool_closed.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/pool_created.rb +1 -4
- data/lib/mongo/monitoring/event/cmap/pool_ready.rb +1 -4
- data/lib/mongo/monitoring/event/cmap.rb +0 -1
- data/lib/mongo/monitoring/event/command_failed.rb +5 -9
- data/lib/mongo/monitoring/event/command_started.rb +8 -12
- data/lib/mongo/monitoring/event/command_succeeded.rb +7 -15
- data/lib/mongo/monitoring/event/secure.rb +15 -20
- data/lib/mongo/monitoring/event/server_closed.rb +1 -4
- data/lib/mongo/monitoring/event/server_description_changed.rb +4 -8
- data/lib/mongo/monitoring/event/server_heartbeat_failed.rb +5 -10
- data/lib/mongo/monitoring/event/server_heartbeat_started.rb +1 -4
- data/lib/mongo/monitoring/event/server_heartbeat_succeeded.rb +3 -8
- data/lib/mongo/monitoring/event/server_opening.rb +1 -4
- data/lib/mongo/monitoring/event/topology_changed.rb +2 -5
- data/lib/mongo/monitoring/event/topology_closed.rb +1 -4
- data/lib/mongo/monitoring/event/topology_opening.rb +1 -4
- data/lib/mongo/monitoring/event.rb +0 -1
- data/lib/mongo/monitoring/publishable.rb +20 -30
- data/lib/mongo/monitoring/sdam_log_subscriber.rb +0 -2
- data/lib/mongo/monitoring/server_closed_log_subscriber.rb +0 -3
- data/lib/mongo/monitoring/server_description_changed_log_subscriber.rb +0 -3
- data/lib/mongo/monitoring/server_opening_log_subscriber.rb +0 -3
- data/lib/mongo/monitoring/topology_changed_log_subscriber.rb +5 -8
- data/lib/mongo/monitoring/topology_closed_log_subscriber.rb +0 -3
- data/lib/mongo/monitoring/topology_opening_log_subscriber.rb +0 -3
- data/lib/mongo/monitoring/unified_sdam_log_subscriber.rb +1 -3
- data/lib/mongo/monitoring.rb +38 -39
- data/lib/mongo/operation/aggregate/op_msg.rb +0 -2
- data/lib/mongo/operation/aggregate/result.rb +3 -6
- data/lib/mongo/operation/aggregate.rb +0 -2
- data/lib/mongo/operation/collections_info/result.rb +0 -3
- data/lib/mongo/operation/collections_info.rb +0 -2
- data/lib/mongo/operation/command/op_msg.rb +1 -4
- data/lib/mongo/operation/command.rb +0 -2
- data/lib/mongo/operation/context.rb +13 -16
- data/lib/mongo/operation/count/op_msg.rb +2 -4
- data/lib/mongo/operation/count.rb +0 -2
- data/lib/mongo/operation/create/op_msg.rb +2 -5
- data/lib/mongo/operation/create.rb +0 -2
- data/lib/mongo/operation/create_index/op_msg.rb +3 -7
- data/lib/mongo/operation/create_index.rb +0 -2
- data/lib/mongo/operation/create_user/op_msg.rb +2 -4
- data/lib/mongo/operation/create_user.rb +0 -2
- data/lib/mongo/operation/delete/bulk_result.rb +2 -3
- data/lib/mongo/operation/delete/op_msg.rb +3 -10
- data/lib/mongo/operation/delete/result.rb +0 -3
- data/lib/mongo/operation/delete.rb +1 -5
- data/lib/mongo/operation/distinct/op_msg.rb +2 -5
- data/lib/mongo/operation/distinct.rb +0 -2
- data/lib/mongo/operation/drop/op_msg.rb +0 -2
- data/lib/mongo/operation/drop.rb +0 -2
- data/lib/mongo/operation/drop_database/op_msg.rb +0 -2
- data/lib/mongo/operation/drop_database.rb +0 -2
- data/lib/mongo/operation/drop_index/op_msg.rb +4 -6
- data/lib/mongo/operation/drop_index.rb +0 -2
- data/lib/mongo/operation/explain/op_msg.rb +0 -2
- data/lib/mongo/operation/explain/result.rb +0 -3
- data/lib/mongo/operation/explain.rb +0 -2
- data/lib/mongo/operation/find/builder/command.rb +4 -12
- data/lib/mongo/operation/find/builder/flags.rb +9 -15
- data/lib/mongo/operation/find/builder/modifiers.rb +1 -4
- data/lib/mongo/operation/find/builder.rb +0 -1
- data/lib/mongo/operation/find/op_msg.rb +4 -12
- data/lib/mongo/operation/find/result.rb +0 -3
- data/lib/mongo/operation/find.rb +0 -2
- data/lib/mongo/operation/get_more/command_builder.rb +1 -6
- data/lib/mongo/operation/get_more/op_msg.rb +10 -4
- data/lib/mongo/operation/get_more/result.rb +0 -3
- data/lib/mongo/operation/get_more.rb +0 -2
- data/lib/mongo/operation/indexes/op_msg.rb +0 -2
- data/lib/mongo/operation/indexes/result.rb +1 -5
- data/lib/mongo/operation/indexes.rb +0 -2
- data/lib/mongo/operation/insert/bulk_result.rb +2 -6
- data/lib/mongo/operation/insert/op_msg.rb +2 -4
- data/lib/mongo/operation/insert/result.rb +0 -3
- data/lib/mongo/operation/insert.rb +2 -5
- data/lib/mongo/operation/kill_cursors/command_builder.rb +0 -3
- data/lib/mongo/operation/kill_cursors/op_msg.rb +1 -3
- data/lib/mongo/operation/kill_cursors.rb +0 -2
- data/lib/mongo/operation/list_collections/op_msg.rb +4 -6
- data/lib/mongo/operation/list_collections/result.rb +1 -4
- data/lib/mongo/operation/list_collections.rb +0 -2
- data/lib/mongo/operation/map_reduce/op_msg.rb +0 -2
- data/lib/mongo/operation/map_reduce/result.rb +3 -6
- data/lib/mongo/operation/map_reduce.rb +0 -2
- data/lib/mongo/operation/op_msg_base.rb +0 -1
- data/lib/mongo/operation/parallel_scan/op_msg.rb +4 -5
- data/lib/mongo/operation/parallel_scan/result.rb +2 -5
- data/lib/mongo/operation/parallel_scan.rb +0 -2
- data/lib/mongo/operation/remove_user/op_msg.rb +2 -4
- data/lib/mongo/operation/remove_user.rb +0 -2
- data/lib/mongo/operation/result.rb +38 -48
- data/lib/mongo/operation/shared/bypass_document_validation.rb +3 -7
- data/lib/mongo/operation/shared/causal_consistency_supported.rb +0 -3
- data/lib/mongo/operation/shared/executable.rb +19 -28
- data/lib/mongo/operation/shared/executable_no_validate.rb +0 -3
- data/lib/mongo/operation/shared/executable_transaction_label.rb +0 -2
- data/lib/mongo/operation/shared/idable.rb +3 -6
- data/lib/mongo/operation/shared/limited.rb +0 -3
- data/lib/mongo/operation/shared/object_id_generator.rb +0 -3
- data/lib/mongo/operation/shared/op_msg_executable.rb +0 -2
- data/lib/mongo/operation/shared/polymorphic_lookup.rb +0 -2
- data/lib/mongo/operation/shared/polymorphic_result.rb +2 -4
- data/lib/mongo/operation/shared/read_preference_supported.rb +10 -15
- data/lib/mongo/operation/shared/response_handling.rb +13 -26
- data/lib/mongo/operation/shared/result/aggregatable.rb +12 -13
- data/lib/mongo/operation/shared/sessions_supported.rb +87 -99
- data/lib/mongo/operation/shared/specifiable.rb +32 -58
- data/lib/mongo/operation/shared/write.rb +12 -17
- data/lib/mongo/operation/shared/write_concern_supported.rb +4 -7
- data/lib/mongo/operation/update/bulk_result.rb +13 -17
- data/lib/mongo/operation/update/op_msg.rb +2 -5
- data/lib/mongo/operation/update/result.rb +5 -5
- data/lib/mongo/operation/update.rb +1 -5
- data/lib/mongo/operation/update_user/op_msg.rb +2 -4
- data/lib/mongo/operation/update_user.rb +0 -2
- data/lib/mongo/operation/users_info/op_msg.rb +2 -4
- data/lib/mongo/operation/users_info/result.rb +1 -4
- data/lib/mongo/operation/users_info.rb +0 -2
- data/lib/mongo/operation/write_command/op_msg.rb +2 -10
- data/lib/mongo/operation/write_command.rb +0 -2
- data/lib/mongo/operation.rb +9 -14
- data/lib/mongo/options/mapper.rb +8 -15
- data/lib/mongo/options/redacted.rb +7 -9
- data/lib/mongo/options.rb +0 -1
- data/lib/mongo/protocol/bit_vector.rb +3 -5
- data/lib/mongo/protocol/caching_hash.rb +2 -7
- data/lib/mongo/protocol/compressed.rb +5 -10
- data/lib/mongo/protocol/get_more.rb +2 -8
- data/lib/mongo/protocol/kill_cursors.rb +2 -8
- data/lib/mongo/protocol/message.rb +103 -105
- data/lib/mongo/protocol/msg.rb +48 -63
- data/lib/mongo/protocol/query.rb +32 -41
- data/lib/mongo/protocol/registry.rb +2 -5
- data/lib/mongo/protocol/reply.rb +10 -16
- data/lib/mongo/protocol/serializers.rb +41 -59
- data/lib/mongo/protocol.rb +0 -1
- data/lib/mongo/query_cache.rb +7 -15
- data/lib/mongo/retryable/backpressure.rb +31 -0
- data/lib/mongo/retryable/base_worker.rb +39 -13
- data/lib/mongo/retryable/read_worker.rb +77 -21
- data/lib/mongo/retryable/retry_policy.rb +59 -0
- data/lib/mongo/retryable/write_worker.rb +155 -56
- data/lib/mongo/retryable.rb +70 -9
- data/lib/mongo/search_index/view.rb +1 -1
- data/lib/mongo/semaphore.rb +0 -1
- data/lib/mongo/server/app_metadata/environment.rb +3 -3
- data/lib/mongo/server/app_metadata.rb +4 -5
- data/lib/mongo/server/connection.rb +61 -61
- data/lib/mongo/server/connection_base.rb +43 -53
- data/lib/mongo/server/connection_common.rb +41 -64
- data/lib/mongo/server/connection_pool/generation_manager.rb +6 -11
- data/lib/mongo/server/connection_pool/populator.rb +1 -4
- data/lib/mongo/server/connection_pool.rb +195 -167
- data/lib/mongo/server/description/features.rb +23 -60
- data/lib/mongo/server/description/load_balancer.rb +0 -2
- data/lib/mongo/server/description.rb +117 -138
- data/lib/mongo/server/monitor/app_metadata.rb +3 -4
- data/lib/mongo/server/monitor/connection.rb +28 -35
- data/lib/mongo/server/monitor.rb +65 -60
- data/lib/mongo/server/pending_connection.rb +70 -71
- data/lib/mongo/server/push_monitor/connection.rb +0 -3
- data/lib/mongo/server/push_monitor.rb +21 -29
- data/lib/mongo/server/round_trip_time_calculator.rb +11 -17
- data/lib/mongo/server.rb +60 -93
- data/lib/mongo/server_selector/base.rb +133 -157
- data/lib/mongo/server_selector/nearest.rb +2 -5
- data/lib/mongo/server_selector/primary.rb +1 -5
- data/lib/mongo/server_selector/primary_preferred.rb +2 -6
- data/lib/mongo/server_selector/secondary.rb +2 -6
- data/lib/mongo/server_selector/secondary_preferred.rb +1 -5
- data/lib/mongo/server_selector.rb +3 -4
- data/lib/mongo/session/server_session.rb +6 -7
- data/lib/mongo/session/session_pool.rb +20 -34
- data/lib/mongo/session.rb +287 -188
- data/lib/mongo/socket/ocsp_cache.rb +8 -13
- data/lib/mongo/socket/ocsp_verifier.rb +69 -70
- data/lib/mongo/socket/ssl.rb +44 -43
- data/lib/mongo/socket/tcp.rb +5 -8
- data/lib/mongo/socket/unix.rb +0 -4
- data/lib/mongo/socket.rb +80 -102
- data/lib/mongo/srv/monitor.rb +6 -11
- data/lib/mongo/srv/resolver.rb +15 -24
- data/lib/mongo/srv/result.rb +18 -24
- data/lib/mongo/srv.rb +0 -1
- data/lib/mongo/timeout.rb +4 -11
- data/lib/mongo/topology_version.rb +8 -13
- data/lib/mongo/tracing/open_telemetry/command_tracer.rb +1 -1
- data/lib/mongo/tracing/open_telemetry/operation_tracer.rb +1 -1
- data/lib/mongo/tracing/open_telemetry/tracer.rb +1 -1
- data/lib/mongo/uri/options_mapper.rb +135 -126
- data/lib/mongo/uri/srv_protocol.rb +25 -38
- data/lib/mongo/uri.rb +95 -139
- data/lib/mongo/utils.rb +5 -12
- data/lib/mongo/version.rb +1 -1
- data/lib/mongo/write_concern/acknowledged.rb +0 -2
- data/lib/mongo/write_concern/base.rb +6 -6
- data/lib/mongo/write_concern/unacknowledged.rb +0 -2
- data/lib/mongo/write_concern.rb +14 -15
- data/lib/mongo.rb +1 -3
- data/mongo.gemspec +17 -17
- metadata +5 -5
- data/lib/mongo/error/server_api_not_supported.rb +0 -27
- data/lib/mongo/operation/shared/result/use_legacy_error_parser.rb +0 -32
- data/lib/mongo/operation/shared/validatable.rb +0 -87
data/lib/mongo/crypt/hooks.rb
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2020 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -20,14 +19,12 @@ require 'digest'
|
|
|
20
19
|
|
|
21
20
|
module Mongo
|
|
22
21
|
module Crypt
|
|
23
|
-
|
|
24
22
|
# A helper module that implements cryptography methods required
|
|
25
23
|
# for native Ruby crypto hooks. These methods are passed into FFI
|
|
26
24
|
# as C callbacks and called from the libmongocrypt library.
|
|
27
25
|
#
|
|
28
26
|
# @api private
|
|
29
27
|
module Hooks
|
|
30
|
-
|
|
31
28
|
# An AES encrypt or decrypt method.
|
|
32
29
|
#
|
|
33
30
|
# @param [ String ] key The 32-byte AES encryption key
|
|
@@ -48,7 +45,7 @@ module Mongo
|
|
|
48
45
|
cipher.iv = iv
|
|
49
46
|
cipher.padding = 0
|
|
50
47
|
|
|
51
|
-
|
|
48
|
+
cipher.update(input)
|
|
52
49
|
end
|
|
53
50
|
module_function :aes
|
|
54
51
|
|
|
@@ -98,17 +95,17 @@ module Mongo
|
|
|
98
95
|
# @return [ String ] The signature.
|
|
99
96
|
def rsaes_pkcs_signature(key, input)
|
|
100
97
|
private_key = if BSON::Environment.jruby?
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
private_key.sign(OpenSSL::Digest
|
|
98
|
+
# JRuby cannot read DER format, we need to convert key into PEM first.
|
|
99
|
+
key_pem = [
|
|
100
|
+
'-----BEGIN PRIVATE KEY-----',
|
|
101
|
+
Base64.strict_encode64(Base64.decode64(key)).scan(/.{1,64}/),
|
|
102
|
+
'-----END PRIVATE KEY-----',
|
|
103
|
+
].join("\n")
|
|
104
|
+
OpenSSL::PKey::RSA.new(key_pem)
|
|
105
|
+
else
|
|
106
|
+
OpenSSL::PKey.read(Base64.decode64(key))
|
|
107
|
+
end
|
|
108
|
+
private_key.sign(OpenSSL::Digest.new('SHA256'), input)
|
|
112
109
|
end
|
|
113
110
|
module_function :rsaes_pkcs_signature
|
|
114
111
|
end
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -19,7 +18,6 @@ module Mongo
|
|
|
19
18
|
module Crypt
|
|
20
19
|
module KMS
|
|
21
20
|
module AWS
|
|
22
|
-
|
|
23
21
|
# AWS KMS Credentials object contains credentials for using AWS KMS provider.
|
|
24
22
|
#
|
|
25
23
|
# @api private
|
|
@@ -39,8 +37,8 @@ module Mongo
|
|
|
39
37
|
# @api private
|
|
40
38
|
def_delegator :@opts, :empty?
|
|
41
39
|
|
|
42
|
-
FORMAT_HINT =
|
|
43
|
-
|
|
40
|
+
FORMAT_HINT = 'AWS KMS provider options must be in the format: ' +
|
|
41
|
+
"{ access_key_id: 'YOUR-ACCESS-KEY-ID', secret_access_key: 'SECRET-ACCESS-KEY' }"
|
|
44
42
|
|
|
45
43
|
# Creates an AWS KMS credentials object form a parameters hash.
|
|
46
44
|
#
|
|
@@ -54,11 +52,11 @@ module Mongo
|
|
|
54
52
|
# formatted.
|
|
55
53
|
def initialize(opts)
|
|
56
54
|
@opts = opts
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
55
|
+
return if empty?
|
|
56
|
+
|
|
57
|
+
@access_key_id = validate_param(:access_key_id, opts, FORMAT_HINT)
|
|
58
|
+
@secret_access_key = validate_param(:secret_access_key, opts, FORMAT_HINT)
|
|
59
|
+
@session_token = validate_param(:session_token, opts, FORMAT_HINT, required: false)
|
|
62
60
|
end
|
|
63
61
|
|
|
64
62
|
# Convert credentials object to a BSON document in libmongocrypt format.
|
|
@@ -66,13 +64,12 @@ module Mongo
|
|
|
66
64
|
# @return [ BSON::Document ] AWS KMS credentials in libmongocrypt format.
|
|
67
65
|
def to_document
|
|
68
66
|
return BSON::Document.new if empty?
|
|
67
|
+
|
|
69
68
|
BSON::Document.new({
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
unless session_token.nil?
|
|
74
|
-
bson.update({ sessionToken: session_token })
|
|
75
|
-
end
|
|
69
|
+
accessKeyId: access_key_id,
|
|
70
|
+
secretAccessKey: secret_access_key,
|
|
71
|
+
}).tap do |bson|
|
|
72
|
+
bson.update({ sessionToken: session_token }) unless session_token.nil?
|
|
76
73
|
end
|
|
77
74
|
end
|
|
78
75
|
end
|
|
@@ -80,4 +77,3 @@ module Mongo
|
|
|
80
77
|
end
|
|
81
78
|
end
|
|
82
79
|
end
|
|
83
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -34,7 +33,7 @@ module Mongo
|
|
|
34
33
|
# @return [ String | nil ] AWS KMS endpoint.
|
|
35
34
|
attr_reader :endpoint
|
|
36
35
|
|
|
37
|
-
FORMAT_HINT =
|
|
36
|
+
FORMAT_HINT = 'AWS key document must be in the format: ' +
|
|
38
37
|
"{ region: 'REGION', key: 'KEY' }"
|
|
39
38
|
|
|
40
39
|
# Creates a master key document object form a parameters hash.
|
|
@@ -62,13 +61,11 @@ module Mongo
|
|
|
62
61
|
# @return [ BSON::Document ] AWS KMS master key document in libmongocrypt format.
|
|
63
62
|
def to_document
|
|
64
63
|
BSON::Document.new({
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
unless endpoint.nil?
|
|
70
|
-
bson.update({ endpoint: endpoint })
|
|
71
|
-
end
|
|
64
|
+
provider: 'aws',
|
|
65
|
+
region: region,
|
|
66
|
+
key: key,
|
|
67
|
+
}).tap do |bson|
|
|
68
|
+
bson.update({ endpoint: endpoint }) unless endpoint.nil?
|
|
72
69
|
end
|
|
73
70
|
end
|
|
74
71
|
end
|
data/lib/mongo/crypt/kms/aws.rb
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -73,7 +72,7 @@ module Mongo
|
|
|
73
72
|
req['Metadata'] = 'true'
|
|
74
73
|
req['Accept'] = 'application/json'
|
|
75
74
|
extra_headers.each { |k, v| req[k] = v }
|
|
76
|
-
[uri, req]
|
|
75
|
+
[ uri, req ]
|
|
77
76
|
end
|
|
78
77
|
private_class_method :prepare_request
|
|
79
78
|
|
|
@@ -116,11 +115,7 @@ module Mongo
|
|
|
116
115
|
def self.do_request(uri, req, timeout_holder)
|
|
117
116
|
timeout_holder&.check_timeout!
|
|
118
117
|
timeout = timeout_holder&.remaining_timeout_sec || 10
|
|
119
|
-
exception_class = if timeout_holder&.csot?
|
|
120
|
-
Error::TimeoutError
|
|
121
|
-
else
|
|
122
|
-
nil
|
|
123
|
-
end
|
|
118
|
+
exception_class = (Error::TimeoutError if timeout_holder&.csot?)
|
|
124
119
|
::Timeout.timeout(timeout, exception_class) do
|
|
125
120
|
Net::HTTP.start(uri.hostname, uri.port, use_ssl: false) do |http|
|
|
126
121
|
http.request(req)
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -34,18 +33,18 @@ module Mongo
|
|
|
34
33
|
# @return [ String | nil ] Azure KMS key version.
|
|
35
34
|
attr_reader :key_version
|
|
36
35
|
|
|
37
|
-
FORMAT_HINT =
|
|
36
|
+
FORMAT_HINT = 'Azure key document must be in the format: ' +
|
|
38
37
|
"{ key_vault_endpoint: 'KEY_VAULT_ENDPOINT', key_name: 'KEY_NAME' }"
|
|
39
38
|
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
39
|
+
# Creates a master key document object form a parameters hash.
|
|
40
|
+
#
|
|
41
|
+
# @param [ Hash ] opts A hash that contains master key options for
|
|
42
|
+
# the Azure KMS provider.
|
|
43
|
+
# @option opts [ String ] :key_vault_endpoint Azure key vault endpoint.
|
|
44
|
+
# @option opts [ String ] :key_name Azure KMS key name.
|
|
45
|
+
# @option opts [ String | nil ] :key_version Azure KMS key version, optional.
|
|
46
|
+
#
|
|
47
|
+
# @raise [ ArgumentError ] If required options are missing or incorrectly.
|
|
49
48
|
def initialize(opts)
|
|
50
49
|
unless opts.is_a?(Hash)
|
|
51
50
|
raise ArgumentError.new(
|
|
@@ -62,13 +61,11 @@ module Mongo
|
|
|
62
61
|
# @return [ BSON::Document ] Azure KMS credentials in libmongocrypt format.
|
|
63
62
|
def to_document
|
|
64
63
|
BSON::Document.new({
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
unless key_version.nil?
|
|
70
|
-
bson.update({ keyVersion: key_version })
|
|
71
|
-
end
|
|
64
|
+
provider: 'azure',
|
|
65
|
+
keyVaultEndpoint: key_vault_endpoint,
|
|
66
|
+
keyName: key_name,
|
|
67
|
+
}).tap do |bson|
|
|
68
|
+
bson.update({ keyVersion: key_version }) unless key_version.nil?
|
|
72
69
|
end
|
|
73
70
|
end
|
|
74
71
|
end
|
|
@@ -76,4 +73,3 @@ module Mongo
|
|
|
76
73
|
end
|
|
77
74
|
end
|
|
78
75
|
end
|
|
79
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -18,12 +17,10 @@
|
|
|
18
17
|
module Mongo
|
|
19
18
|
module Crypt
|
|
20
19
|
module KMS
|
|
21
|
-
|
|
22
20
|
# KMS Credentials object contains credentials for using KMS providers.
|
|
23
21
|
#
|
|
24
22
|
# @api private
|
|
25
23
|
class Credentials
|
|
26
|
-
|
|
27
24
|
# @return [ Credentials::AWS | nil ] AWS KMS credentials.
|
|
28
25
|
attr_reader :aws
|
|
29
26
|
|
|
@@ -52,30 +49,19 @@ module Mongo
|
|
|
52
49
|
# @raise [ ArgumentError ] If required options are missing or incorrectly
|
|
53
50
|
# formatted.
|
|
54
51
|
def initialize(kms_providers)
|
|
55
|
-
if kms_providers.nil?
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
if kms_providers.key?(:
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
if kms_providers.key?(:
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
@kmip = KMIP::Credentials.new(kms_providers[:kmip])
|
|
69
|
-
end
|
|
70
|
-
if kms_providers.key?(:local)
|
|
71
|
-
@local = Local::Credentials.new(kms_providers[:local])
|
|
72
|
-
end
|
|
73
|
-
if @aws.nil? && @azure.nil? && @gcp.nil? && @kmip.nil? && @local.nil?
|
|
74
|
-
raise ArgumentError.new(
|
|
75
|
-
"KMS providers options must have one of the following keys: " +
|
|
76
|
-
":aws, :azure, :gcp, :kmip, :local"
|
|
77
|
-
)
|
|
78
|
-
end
|
|
52
|
+
raise ArgumentError.new('KMS providers options must not be nil') if kms_providers.nil?
|
|
53
|
+
|
|
54
|
+
@aws = AWS::Credentials.new(kms_providers[:aws]) if kms_providers.key?(:aws)
|
|
55
|
+
@azure = Azure::Credentials.new(kms_providers[:azure]) if kms_providers.key?(:azure)
|
|
56
|
+
@gcp = GCP::Credentials.new(kms_providers[:gcp]) if kms_providers.key?(:gcp)
|
|
57
|
+
@kmip = KMIP::Credentials.new(kms_providers[:kmip]) if kms_providers.key?(:kmip)
|
|
58
|
+
@local = Local::Credentials.new(kms_providers[:local]) if kms_providers.key?(:local)
|
|
59
|
+
return unless @aws.nil? && @azure.nil? && @gcp.nil? && @kmip.nil? && @local.nil?
|
|
60
|
+
|
|
61
|
+
raise ArgumentError.new(
|
|
62
|
+
'KMS providers options must have one of the following keys: ' +
|
|
63
|
+
':aws, :azure, :gcp, :kmip, :local'
|
|
64
|
+
)
|
|
79
65
|
end
|
|
80
66
|
|
|
81
67
|
# Convert credentials object to a BSON document in libmongocrypt format.
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -42,8 +41,8 @@ module Mongo
|
|
|
42
41
|
# @api private
|
|
43
42
|
def_delegator :@opts, :empty?
|
|
44
43
|
|
|
45
|
-
FORMAT_HINT =
|
|
46
|
-
|
|
44
|
+
FORMAT_HINT = 'GCP KMS provider options must be in the format: ' +
|
|
45
|
+
"{ email: 'EMAIL', private_key: 'PRIVATE-KEY' }"
|
|
47
46
|
|
|
48
47
|
# Creates an GCP KMS credentials object form a parameters hash.
|
|
49
48
|
#
|
|
@@ -77,10 +76,10 @@ module Mongo
|
|
|
77
76
|
pkey = OpenSSL::PKey::RSA.new(private_key_opt)
|
|
78
77
|
# PEM it is, need to be converted to base64 encoded DER.
|
|
79
78
|
der = if pkey.respond_to?(:private_to_der)
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
79
|
+
pkey.private_to_der
|
|
80
|
+
else
|
|
81
|
+
pkey.to_der
|
|
82
|
+
end
|
|
84
83
|
Base64.encode64(der)
|
|
85
84
|
end
|
|
86
85
|
rescue OpenSSL::PKey::RSAError
|
|
@@ -91,7 +90,7 @@ module Mongo
|
|
|
91
90
|
private_key_opt
|
|
92
91
|
rescue OpenSSL::PKey::PKeyError
|
|
93
92
|
raise ArgumentError.new(
|
|
94
|
-
|
|
93
|
+
'The private_key option must be either either base64 encoded DER format, or PEM format.'
|
|
95
94
|
)
|
|
96
95
|
end
|
|
97
96
|
end
|
|
@@ -107,16 +106,15 @@ module Mongo
|
|
|
107
106
|
# @return [ BSON::Document ] Azure KMS credentials in libmongocrypt format.
|
|
108
107
|
def to_document
|
|
109
108
|
return BSON::Document.new if empty?
|
|
109
|
+
|
|
110
110
|
if access_token
|
|
111
111
|
BSON::Document.new({ accessToken: access_token })
|
|
112
112
|
else
|
|
113
113
|
BSON::Document.new({
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
unless endpoint.nil?
|
|
118
|
-
bson.update({ endpoint: endpoint })
|
|
119
|
-
end
|
|
114
|
+
email: email,
|
|
115
|
+
privateKey: BSON::Binary.new(private_key, :generic),
|
|
116
|
+
}).tap do |bson|
|
|
117
|
+
bson.update({ endpoint: endpoint }) unless endpoint.nil?
|
|
120
118
|
end
|
|
121
119
|
end
|
|
122
120
|
end
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -19,7 +18,7 @@ module Mongo
|
|
|
19
18
|
module Crypt
|
|
20
19
|
module KMS
|
|
21
20
|
module GCP
|
|
22
|
-
# This class retrieves
|
|
21
|
+
# This class retrieves GCP credentials using Google Compute Engine
|
|
23
22
|
# metadata host. This should be used when the driver is used on the
|
|
24
23
|
# Google Compute Engine instance.
|
|
25
24
|
#
|
|
@@ -45,22 +44,22 @@ module Mongo
|
|
|
45
44
|
resp = fetch_response(uri, req, timeout_holder)
|
|
46
45
|
if resp.code != '200'
|
|
47
46
|
raise KMS::CredentialsNotFound,
|
|
48
|
-
|
|
47
|
+
"GCE metadata host responded with code #{resp.code}"
|
|
49
48
|
end
|
|
50
49
|
parsed_resp = JSON.parse(resp.body)
|
|
51
50
|
parsed_resp.fetch('access_token')
|
|
52
51
|
rescue JSON::ParserError, KeyError => e
|
|
53
52
|
raise KMS::CredentialsNotFound,
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
|
|
53
|
+
"GCE metadata response is invalid: '#{resp.body}'; #{e.class}: #{e.message}"
|
|
54
|
+
rescue ::Timeout::Error, IOError, SystemCallError, SocketError => e
|
|
55
|
+
raise KMS::CredentialsNotFound,
|
|
56
|
+
"Could not receive GCP metadata response; #{e.class}: #{e.message}"
|
|
58
57
|
end
|
|
59
58
|
|
|
60
59
|
def self.fetch_response(uri, req, timeout_holder)
|
|
61
60
|
timeout_holder&.check_timeout!
|
|
62
61
|
if timeout_holder&.timeout?
|
|
63
|
-
::Timeout.timeout(timeout_holder.remaining_timeout_sec, Error:TimeoutError) do
|
|
62
|
+
::Timeout.timeout(timeout_holder.remaining_timeout_sec, Error: TimeoutError) do
|
|
64
63
|
do_fetch(uri, req)
|
|
65
64
|
end
|
|
66
65
|
else
|
|
@@ -80,4 +79,3 @@ module Mongo
|
|
|
80
79
|
end
|
|
81
80
|
end
|
|
82
81
|
end
|
|
83
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -43,9 +42,9 @@ module Mongo
|
|
|
43
42
|
# @return [ String | nil ] GCP KMS endpoint.
|
|
44
43
|
attr_reader :endpoint
|
|
45
44
|
|
|
46
|
-
FORMAT_HINT =
|
|
47
|
-
|
|
48
|
-
|
|
45
|
+
FORMAT_HINT = 'GCP key document must be in the format: ' +
|
|
46
|
+
"{ project_id: 'PROJECT_ID', location: 'LOCATION', " +
|
|
47
|
+
"key_ring: 'KEY-RING', key_name: 'KEY-NAME' }"
|
|
49
48
|
|
|
50
49
|
# Creates a master key document object form a parameters hash.
|
|
51
50
|
#
|
|
@@ -77,19 +76,16 @@ module Mongo
|
|
|
77
76
|
# @return [ BSON::Document ] GCP KMS credentials in libmongocrypt format.
|
|
78
77
|
def to_document
|
|
79
78
|
return BSON::Document.new({}) if @empty
|
|
79
|
+
|
|
80
80
|
BSON::Document.new({
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
unless key_version.nil?
|
|
88
|
-
|
|
89
|
-
end
|
|
90
|
-
unless endpoint.nil?
|
|
91
|
-
bson.update({ endpoint: endpoint })
|
|
92
|
-
end
|
|
81
|
+
provider: 'gcp',
|
|
82
|
+
projectId: project_id,
|
|
83
|
+
location: location,
|
|
84
|
+
keyRing: key_ring,
|
|
85
|
+
keyName: key_name
|
|
86
|
+
}).tap do |bson|
|
|
87
|
+
bson.update({ keyVersion: key_version }) unless key_version.nil?
|
|
88
|
+
bson.update({ endpoint: endpoint }) unless endpoint.nil?
|
|
93
89
|
end
|
|
94
90
|
end
|
|
95
91
|
end
|
data/lib/mongo/crypt/kms/gcp.rb
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -18,4 +17,3 @@
|
|
|
18
17
|
require 'mongo/crypt/kms/gcp/credentials'
|
|
19
18
|
require 'mongo/crypt/kms/gcp/credentials_retriever'
|
|
20
19
|
require 'mongo/crypt/kms/gcp/master_document'
|
|
21
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -33,7 +32,7 @@ module Mongo
|
|
|
33
32
|
# @api private
|
|
34
33
|
def_delegator :@opts, :empty?
|
|
35
34
|
|
|
36
|
-
FORMAT_HINT =
|
|
35
|
+
FORMAT_HINT = 'KMIP KMS provider options must be in the format: ' +
|
|
37
36
|
"{ endpoint: 'ENDPOINT' }"
|
|
38
37
|
|
|
39
38
|
# Creates a KMIP KMS credentials object form a parameters hash.
|
|
@@ -46,9 +45,9 @@ module Mongo
|
|
|
46
45
|
# formatted.
|
|
47
46
|
def initialize(opts)
|
|
48
47
|
@opts = opts
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
48
|
+
return if empty?
|
|
49
|
+
|
|
50
|
+
@endpoint = validate_param(:endpoint, opts, FORMAT_HINT)
|
|
52
51
|
end
|
|
53
52
|
|
|
54
53
|
# Convert credentials object to a BSON document in libmongocrypt format.
|
|
@@ -56,13 +55,13 @@ module Mongo
|
|
|
56
55
|
# @return [ BSON::Document ] Local KMS credentials in libmongocrypt format.
|
|
57
56
|
def to_document
|
|
58
57
|
return BSON::Document.new({}) if empty?
|
|
58
|
+
|
|
59
59
|
BSON::Document.new({
|
|
60
|
-
|
|
61
|
-
|
|
60
|
+
endpoint: endpoint,
|
|
61
|
+
})
|
|
62
62
|
end
|
|
63
63
|
end
|
|
64
64
|
end
|
|
65
65
|
end
|
|
66
66
|
end
|
|
67
67
|
end
|
|
68
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -32,7 +31,7 @@ module Mongo
|
|
|
32
31
|
# @return [ String | nil ] KMIP KMS endpoint with optional port.
|
|
33
32
|
attr_reader :endpoint
|
|
34
33
|
|
|
35
|
-
FORMAT_HINT =
|
|
34
|
+
FORMAT_HINT = 'KMIP KMS key document must be in the format: ' +
|
|
36
35
|
"{ key_id: 'KEY-ID', endpoint: 'ENDPOINT' }"
|
|
37
36
|
|
|
38
37
|
# Creates a master key document object form a parameters hash.
|
|
@@ -60,8 +59,8 @@ module Mongo
|
|
|
60
59
|
# @return [ BSON::Document ] KMIP KMS credentials in libmongocrypt format.
|
|
61
60
|
def to_document
|
|
62
61
|
BSON::Document.new({
|
|
63
|
-
|
|
64
|
-
|
|
62
|
+
provider: 'kmip',
|
|
63
|
+
}).tap do |bson|
|
|
65
64
|
bson.update({ endpoint: endpoint }) unless endpoint.nil?
|
|
66
65
|
bson.update({ keyId: key_id }) unless key_id.nil?
|
|
67
66
|
end
|
|
@@ -71,4 +70,3 @@ module Mongo
|
|
|
71
70
|
end
|
|
72
71
|
end
|
|
73
72
|
end
|
|
74
|
-
|
data/lib/mongo/crypt/kms/kmip.rb
CHANGED
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -32,7 +31,7 @@ module Mongo
|
|
|
32
31
|
# @api private
|
|
33
32
|
def_delegator :@opts, :empty?
|
|
34
33
|
|
|
35
|
-
FORMAT_HINT =
|
|
34
|
+
FORMAT_HINT = 'Local KMS provider options must be in the format: ' +
|
|
36
35
|
"{ key: 'MASTER-KEY' }"
|
|
37
36
|
|
|
38
37
|
# Creates a local KMS credentials object form a parameters hash.
|
|
@@ -45,21 +44,21 @@ module Mongo
|
|
|
45
44
|
# formatted.
|
|
46
45
|
def initialize(opts)
|
|
47
46
|
@opts = opts
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
47
|
+
return if empty?
|
|
48
|
+
|
|
49
|
+
@key = validate_param(:key, opts, FORMAT_HINT)
|
|
51
50
|
end
|
|
52
51
|
|
|
53
52
|
# @return [ BSON::Document ] Local KMS credentials in libmongocrypt format.
|
|
54
53
|
def to_document
|
|
55
54
|
return BSON::Document.new({}) if empty?
|
|
55
|
+
|
|
56
56
|
BSON::Document.new({
|
|
57
|
-
|
|
58
|
-
|
|
57
|
+
key: BSON::Binary.new(@key, :generic),
|
|
58
|
+
})
|
|
59
59
|
end
|
|
60
60
|
end
|
|
61
61
|
end
|
|
62
62
|
end
|
|
63
63
|
end
|
|
64
64
|
end
|
|
65
|
-
|
|
@@ -1,5 +1,4 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
|
-
# rubocop:todo all
|
|
3
2
|
|
|
4
3
|
# Copyright (C) 2019-2021 MongoDB Inc.
|
|
5
4
|
#
|
|
@@ -23,21 +22,18 @@ module Mongo
|
|
|
23
22
|
#
|
|
24
23
|
# @api private
|
|
25
24
|
class MasterKeyDocument
|
|
26
|
-
|
|
27
25
|
# Creates a master key document object form a parameters hash.
|
|
28
26
|
# This empty method is to keep a uniform interface for all KMS providers.
|
|
29
|
-
def initialize(_opts)
|
|
30
|
-
end
|
|
27
|
+
def initialize(_opts); end
|
|
31
28
|
|
|
32
29
|
# Convert master key document object to a BSON document in libmongocrypt format.
|
|
33
30
|
#
|
|
34
31
|
# @return [ BSON::Document ] Local KMS credentials in libmongocrypt format.
|
|
35
32
|
def to_document
|
|
36
|
-
BSON::Document.new({ provider:
|
|
33
|
+
BSON::Document.new({ provider: 'local' })
|
|
37
34
|
end
|
|
38
35
|
end
|
|
39
36
|
end
|
|
40
37
|
end
|
|
41
38
|
end
|
|
42
39
|
end
|
|
43
|
-
|