mongodb 3.2.5 → 3.3.0-beta2

package/lib/core/connection/connect.js

@@ -0,0 +1,370 @@
+'use strict';
+const net = require('net');
+const tls = require('tls');
+const Connection = require('./connection');
+const Query = require('./commands').Query;
+const createClientInfo = require('../topologies/shared').createClientInfo;
+const MongoError = require('../error').MongoError;
+const MongoNetworkError = require('../error').MongoNetworkError;
+const defaultAuthProviders = require('../auth/defaultAuthProviders').defaultAuthProviders;
+const WIRE_CONSTANTS = require('../wireprotocol/constants');
+const MAX_SUPPORTED_WIRE_VERSION = WIRE_CONSTANTS.MAX_SUPPORTED_WIRE_VERSION;
+const MAX_SUPPORTED_SERVER_VERSION = WIRE_CONSTANTS.MAX_SUPPORTED_SERVER_VERSION;
+const MIN_SUPPORTED_WIRE_VERSION = WIRE_CONSTANTS.MIN_SUPPORTED_WIRE_VERSION;
+const MIN_SUPPORTED_SERVER_VERSION = WIRE_CONSTANTS.MIN_SUPPORTED_SERVER_VERSION;
+let AUTH_PROVIDERS;
+
+function connect(options, callback) {
+  if (AUTH_PROVIDERS == null) {
+    AUTH_PROVIDERS = defaultAuthProviders(options.bson);
+  }
+
+  if (options.family !== void 0) {
+    makeConnection(options.family, options, (err, socket) => {
+      if (err) {
+        callback(err, socket); // in the error case, `socket` is the originating error event name
+        return;
+      }
+
+      performInitialHandshake(new Connection(socket, options), options, callback);
+    });
+
+    return;
+  }
+
+  return makeConnection(6, options, (err, ipv6Socket) => {
+    if (err) {
+      makeConnection(4, options, (err, ipv4Socket) => {
+        if (err) {
+          callback(err, ipv4Socket); // in the error case, `ipv4Socket` is the originating error event name
+          return;
+        }
+
+        performInitialHandshake(new Connection(ipv4Socket, options), options, callback);
+      });
+
+      return;
+    }
+
+    performInitialHandshake(new Connection(ipv6Socket, options), options, callback);
+  });
+}
+
+function getSaslSupportedMechs(options) {
+  if (!(options && options.credentials)) {
+    return {};
+  }
+
+  const credentials = options.credentials;
+
+  // TODO: revisit whether or not items like `options.user` and `options.dbName` should be checked here
+  const authMechanism = credentials.mechanism;
+  const authSource = credentials.source || options.dbName || 'admin';
+  const user = credentials.username || options.user;
+
+  if (typeof authMechanism === 'string' && authMechanism.toUpperCase() !== 'DEFAULT') {
+    return {};
+  }
+
+  if (!user) {
+    return {};
+  }
+
+  return { saslSupportedMechs: `${authSource}.${user}` };
+}
+
+function checkSupportedServer(ismaster, options) {
+  const serverVersionHighEnough =
+    ismaster &&
+    typeof ismaster.maxWireVersion === 'number' &&
+    ismaster.maxWireVersion >= MIN_SUPPORTED_WIRE_VERSION;
+  const serverVersionLowEnough =
+    ismaster &&
+    typeof ismaster.minWireVersion === 'number' &&
+    ismaster.minWireVersion <= MAX_SUPPORTED_WIRE_VERSION;
+
+  if (serverVersionHighEnough) {
+    if (serverVersionLowEnough) {
+      return null;
+    }
+
+    const message = `Server at ${options.host}:${options.port} reports minimum wire version ${
+      ismaster.minWireVersion
+    }, but this version of the Node.js Driver requires at most ${MAX_SUPPORTED_WIRE_VERSION} (MongoDB ${MAX_SUPPORTED_SERVER_VERSION})`;
+    return new MongoError(message);
+  }
+
+  const message = `Server at ${options.host}:${
+    options.port
+  } reports maximum wire version ${ismaster.maxWireVersion ||
+    0}, but this version of the Node.js Driver requires at least ${MIN_SUPPORTED_WIRE_VERSION} (MongoDB ${MIN_SUPPORTED_SERVER_VERSION})`;
+  return new MongoError(message);
+}
+
+function performInitialHandshake(conn, options, _callback) {
+  const callback = function(err, ret) {
+    if (err && conn) {
+      conn.destroy();
+    }
+    _callback(err, ret);
+  };
+
+  let compressors = [];
+  if (options.compression && options.compression.compressors) {
+    compressors = options.compression.compressors;
+  }
+
+  const handshakeDoc = Object.assign(
+    {
+      ismaster: true,
+      client: createClientInfo(options),
+      compression: compressors
+    },
+    getSaslSupportedMechs(options)
+  );
+
+  const start = new Date().getTime();
+  runCommand(conn, 'admin.$cmd', handshakeDoc, options, (err, ismaster) => {
+    if (err) {
+      callback(err, null);
+      return;
+    }
+
+    if (ismaster.ok === 0) {
+      callback(new MongoError(ismaster), null);
+      return;
+    }
+
+    const supportedServerErr = checkSupportedServer(ismaster, options);
+    if (supportedServerErr) {
+      callback(supportedServerErr, null);
+      return;
+    }
+
+    // resolve compression
+    if (ismaster.compression) {
+      const agreedCompressors = compressors.filter(
+        compressor => ismaster.compression.indexOf(compressor) !== -1
+      );
+
+      if (agreedCompressors.length) {
+        conn.agreedCompressor = agreedCompressors[0];
+      }
+
+      if (options.compression && options.compression.zlibCompressionLevel) {
+        conn.zlibCompressionLevel = options.compression.zlibCompressionLevel;
+      }
+    }
+
+    // NOTE: This is metadata attached to the connection while porting away from
+    //       handshake being done in the `Server` class. Likely, it should be
+    //       relocated, or at very least restructured.
+    conn.ismaster = ismaster;
+    conn.lastIsMasterMS = new Date().getTime() - start;
+
+    const credentials = options.credentials;
+    if (!ismaster.arbiterOnly && credentials) {
+      credentials.resolveAuthMechanism(ismaster);
+      authenticate(conn, credentials, callback);
+      return;
+    }
+
+    callback(null, conn);
+  });
+}
+
+const LEGAL_SSL_SOCKET_OPTIONS = [
+  'pfx',
+  'key',
+  'passphrase',
+  'cert',
+  'ca',
+  'ciphers',
+  'NPNProtocols',
+  'ALPNProtocols',
+  'servername',
+  'ecdhCurve',
+  'secureProtocol',
+  'secureContext',
+  'session',
+  'minDHSize',
+  'crl',
+  'rejectUnauthorized'
+];
+
+function parseConnectOptions(family, options) {
+  const host = typeof options.host === 'string' ? options.host : 'localhost';
+  if (host.indexOf('/') !== -1) {
+    return { path: host };
+  }
+
+  const result = {
+    family,
+    host,
+    port: typeof options.port === 'number' ? options.port : 27017,
+    rejectUnauthorized: false
+  };
+
+  return result;
+}
+
+function parseSslOptions(family, options) {
+  const result = parseConnectOptions(family, options);
+
+  // Merge in valid SSL options
+  for (const name in options) {
+    if (options[name] != null && LEGAL_SSL_SOCKET_OPTIONS.indexOf(name) !== -1) {
+      result[name] = options[name];
+    }
+  }
+
+  // Override checkServerIdentity behavior
+  if (options.checkServerIdentity === false) {
+    // Skip the identiy check by retuning undefined as per node documents
+    // https://nodejs.org/api/tls.html#tls_tls_connect_options_callback
+    result.checkServerIdentity = function() {
+      return undefined;
+    };
+  } else if (typeof options.checkServerIdentity === 'function') {
+    result.checkServerIdentity = options.checkServerIdentity;
+  }
+
+  // Set default sni servername to be the same as host
+  if (result.servername == null) {
+    result.servername = result.host;
+  }
+
+  return result;
+}
+
+function makeConnection(family, options, _callback) {
+  const useSsl = typeof options.ssl === 'boolean' ? options.ssl : false;
+  const keepAlive = typeof options.keepAlive === 'boolean' ? options.keepAlive : true;
+  let keepAliveInitialDelay =
+    typeof options.keepAliveInitialDelay === 'number' ? options.keepAliveInitialDelay : 300000;
+  const noDelay = typeof options.noDelay === 'boolean' ? options.noDelay : true;
+  const connectionTimeout =
+    typeof options.connectionTimeout === 'number' ? options.connectionTimeout : 30000;
+  const socketTimeout = typeof options.socketTimeout === 'number' ? options.socketTimeout : 360000;
+  const rejectUnauthorized =
+    typeof options.rejectUnauthorized === 'boolean' ? options.rejectUnauthorized : true;
+
+  if (keepAliveInitialDelay > socketTimeout) {
+    keepAliveInitialDelay = Math.round(socketTimeout / 2);
+  }
+
+  let socket;
+  const callback = function(err, ret) {
+    if (err && socket) {
+      socket.destroy();
+    }
+    _callback(err, ret);
+  };
+
+  try {
+    if (useSsl) {
+      socket = tls.connect(parseSslOptions(family, options));
+      if (typeof socket.disableRenegotiation === 'function') {
+        socket.disableRenegotiation();
+      }
+    } else {
+      socket = net.createConnection(parseConnectOptions(family, options));
+    }
+  } catch (err) {
+    return callback(err);
+  }
+
+  socket.setKeepAlive(keepAlive, keepAliveInitialDelay);
+  socket.setTimeout(connectionTimeout);
+  socket.setNoDelay(noDelay);
+
+  const errorEvents = ['error', 'close', 'timeout', 'parseError'];
+  function errorHandler(eventName) {
+    return err => {
+      errorEvents.forEach(event => socket.removeAllListeners(event));
+      socket.removeListener('connect', connectHandler);
+      callback(connectionFailureError(eventName, err), eventName);
+    };
+  }
+
+  function connectHandler() {
+    errorEvents.forEach(event => socket.removeAllListeners(event));
+    if (socket.authorizationError && rejectUnauthorized) {
+      return callback(socket.authorizationError);
+    }
+
+    socket.setTimeout(socketTimeout);
+    callback(null, socket);
+  }
+
+  socket.once('error', errorHandler('error'));
+  socket.once('close', errorHandler('close'));
+  socket.once('timeout', errorHandler('timeout'));
+  socket.once('parseError', errorHandler('parseError'));
+  socket.once('connect', connectHandler);
+}
+
+const CONNECTION_ERROR_EVENTS = ['error', 'close', 'timeout', 'parseError'];
+function runCommand(conn, ns, command, options, callback) {
+  if (typeof options === 'function') (callback = options), (options = {});
+  const socketTimeout = typeof options.socketTimeout === 'number' ? options.socketTimeout : 360000;
+  const bson = conn.options.bson;
+  const query = new Query(bson, ns, command, {
+    numberToSkip: 0,
+    numberToReturn: 1
+  });
+
+  function errorHandler(err) {
+    conn.resetSocketTimeout();
+    CONNECTION_ERROR_EVENTS.forEach(eventName => conn.removeListener(eventName, errorHandler));
+    conn.removeListener('message', messageHandler);
+    callback(err, null);
+  }
+
+  function messageHandler(msg) {
+    if (msg.responseTo !== query.requestId) {
+      return;
+    }
+
+    conn.resetSocketTimeout();
+    CONNECTION_ERROR_EVENTS.forEach(eventName => conn.removeListener(eventName, errorHandler));
+    conn.removeListener('message', messageHandler);
+
+    msg.parse({ promoteValues: true });
+    callback(null, msg.documents[0]);
+  }
+
+  conn.setSocketTimeout(socketTimeout);
+  CONNECTION_ERROR_EVENTS.forEach(eventName => conn.once(eventName, errorHandler));
+  conn.on('message', messageHandler);
+  conn.write(query.toBin());
+}
+
+function authenticate(conn, credentials, callback) {
+  const mechanism = credentials.mechanism;
+  if (!AUTH_PROVIDERS[mechanism]) {
+    callback(new MongoError(`authMechanism '${mechanism}' not supported`));
+    return;
+  }
+
+  const provider = AUTH_PROVIDERS[mechanism];
+  provider.auth(runCommand, [conn], credentials, err => {
+    if (err) return callback(err);
+    callback(null, conn);
+  });
+}
+
+function connectionFailureError(type, err) {
+  switch (type) {
+    case 'error':
+      return new MongoNetworkError(err);
+    case 'timeout':
+      return new MongoNetworkError(`connection timed out`);
+    case 'close':
+      return new MongoNetworkError(`connection closed`);
+    default:
+      return new MongoNetworkError(`unknown network error`);
+  }
+}
+
+module.exports = connect;