mongodb 3.6.5 → 3.6.6

package/HISTORY.md

@@ -2,6 +2,19 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+### [3.6.6](https://github.com/mongodb/node-mongodb-native/compare/v3.6.5...v3.6.6) (2021-04-06)
+
+
+### Bug Fixes
+
+* always close gridfs upload stream on finish ([#2758](https://github.com/mongodb/node-mongodb-native/issues/2758)) ([c976a01](https://github.com/mongodb/node-mongodb-native/commit/c976a01bf385941bee07fa7f021adf1d425109a8))
+* **csfle:** ensure that monitoring connections are not encrypted ([#2749](https://github.com/mongodb/node-mongodb-native/issues/2749)) ([86bddf1](https://github.com/mongodb/node-mongodb-native/commit/86bddf1ef516d6b8c752082e33c15624753579ab))
+* ensure cursor readPreference is applied to find operations ([#2751](https://github.com/mongodb/node-mongodb-native/issues/2751)) ([91ba19e](https://github.com/mongodb/node-mongodb-native/commit/91ba19efdc4713903584c6161cfdd7b91b0e61f9))
+* ensure monitor has rtt pinger in when calculating rtt ([#2757](https://github.com/mongodb/node-mongodb-native/issues/2757)) ([b94519b](https://github.com/mongodb/node-mongodb-native/commit/b94519ba894b4442d3dabbac59bd12784d8b7178))
+* no infinite loop on windows requiring optional deps ([f2a4ff8](https://github.com/mongodb/node-mongodb-native/commit/f2a4ff870178fbbe8de616c45891368665f29f4b))
+* **NODE-2995:** Add shared metadata MongoClient ([#2760](https://github.com/mongodb/node-mongodb-native/issues/2760)) ([9256242](https://github.com/mongodb/node-mongodb-native/commit/9256242d51c037059c0af5ada9639fc0a74ad033))
+* **NODE-3109:** prevent servername from being IP ([#2763](https://github.com/mongodb/node-mongodb-native/issues/2763)) ([312ffef](https://github.com/mongodb/node-mongodb-native/commit/312ffef18c66a0020f19bdc1d654987d9148d709))
+
 ### [3.6.5](https://github.com/mongodb/node-mongodb-native/compare/v3.6.4...v3.6.5) (2021-03-16)
 
 

package/lib/core/connection/connect.js

@@ -243,7 +243,7 @@ function parseSslOptions(family, options) {
   }
 
   // Set default sni servername to be the same as host
-  if (result.servername == null) {
+  if (result.servername == null && !net.isIP(result.host)) {
     result.servername = result.host;
   }
 

package/lib/core/connection/utils.js

@@ -1,9 +1,9 @@
 'use strict';
 
-const require_optional = require('require_optional');
+const require_optional = require('optional-require')(require);
 
 function debugOptions(debugFields, options) {
-  var finaloptions = {};
+  const finaloptions = {};
   debugFields.forEach(function(n) {
     finaloptions[n] = options[n];
   });
@@ -12,16 +12,14 @@ function debugOptions(debugFields, options) {
 }
 
 function retrieveBSON() {
-  var BSON = require('bson');
+  const BSON = require('bson');
   BSON.native = false;
 
-  try {
-    var optionalBSON = require_optional('bson-ext');
-    if (optionalBSON) {
-      optionalBSON.native = true;
-      return optionalBSON;
-    }
-  } catch (err) {} // eslint-disable-line
+  const optionalBSON = require_optional('bson-ext');
+  if (optionalBSON) {
+    optionalBSON.native = true;
+    return optionalBSON;
+  }
 
   return BSON;
 }
@@ -35,10 +33,7 @@ function noSnappyWarning() {
 
 // Facilitate loading Snappy optionally
 function retrieveSnappy() {
-  var snappy = null;
-  try {
-    snappy = require_optional('snappy');
-  } catch (error) {} // eslint-disable-line
+  let snappy = require_optional('snappy');
   if (!snappy) {
     snappy = {
       compress: noSnappyWarning,

package/lib/core/index.js

@@ -1,7 +1,7 @@
 'use strict';
 
 let BSON = require('bson');
-const require_optional = require('require_optional');
+const require_optional = require('optional-require')(require);
 const EJSON = require('./utils').retrieveEJSON();
 
 try {

package/lib/core/sdam/monitor.js

@@ -91,6 +91,10 @@ class Monitor extends EventEmitter {
 
     // ensure no authentication is used for monitoring
     delete connectOptions.credentials;
+
+    // ensure encryption is not requested for monitoring
+    delete connectOptions.autoEncrypter;
+
     this.connectOptions = Object.freeze(connectOptions);
   }
 
@@ -222,9 +226,10 @@ function checkServer(monitor, callback) {
       }
 
       const isMaster = result.result;
-      const duration = isAwaitable
-        ? monitor[kRTTPinger].roundTripTime
-        : calculateDurationInMs(start);
+      const rttPinger = monitor[kRTTPinger];
+
+      const duration =
+        isAwaitable && rttPinger ? rttPinger.roundTripTime : calculateDurationInMs(start);
 
       monitor.emit(
         'serverHeartbeatSucceeded',

package/lib/core/utils.js

@@ -1,7 +1,7 @@
 'use strict';
 const os = require('os');
 const crypto = require('crypto');
-const requireOptional = require('require_optional');
+const requireOptional = require('optional-require')(require);
 
 /**
  * Generate a UUIDv4
@@ -46,10 +46,7 @@ const noEJSONError = function() {
 
 // Facilitate loading EJSON optionally
 function retrieveEJSON() {
-  let EJSON = null;
-  try {
-    EJSON = requireOptional('mongodb-extjson');
-  } catch (error) {} // eslint-disable-line
+  let EJSON = requireOptional('mongodb-extjson');
   if (!EJSON) {
     EJSON = {
       parse: noEJSONError,

package/lib/encrypter.js

@@ -0,0 +1,163 @@
+'use strict';
+const MongoClient = require('./mongo_client');
+const BSON = require('./core/connection/utils').retrieveBSON();
+const MongoError = require('./core/error').MongoError;
+
+try {
+  require.resolve('mongodb-client-encryption');
+} catch (err) {
+  throw new MongoError(
+    'Auto-encryption requested, but the module is not installed. ' +
+      'Please add `mongodb-client-encryption` as a dependency of your project'
+  );
+}
+
+const mongodbClientEncryption = require('mongodb-client-encryption');
+if (typeof mongodbClientEncryption.extension !== 'function') {
+  throw new MongoError(
+    'loaded version of `mongodb-client-encryption` does not have property `extension`. ' +
+      'Please make sure you are loading the correct version of `mongodb-client-encryption`'
+  );
+}
+const AutoEncrypter = mongodbClientEncryption.extension(require('../index')).AutoEncrypter;
+
+const kInternalClient = Symbol('internalClient');
+
+class Encrypter {
+  /**
+   * @param {MongoClient} client
+   * @param {{autoEncryption: import('./mongo_client').AutoEncryptionOptions, bson: object}} options
+   */
+  constructor(client, options) {
+    this.bypassAutoEncryption = !!options.autoEncryption.bypassAutoEncryption;
+    this.needsConnecting = false;
+
+    if (options.maxPoolSize === 0 && options.autoEncryption.keyVaultClient == null) {
+      options.autoEncryption.keyVaultClient = client;
+    } else if (options.autoEncryption.keyVaultClient == null) {
+      options.autoEncryption.keyVaultClient = this.getInternalClient(client);
+    }
+
+    if (this.bypassAutoEncryption) {
+      options.autoEncryption.metadataClient = undefined;
+    } else if (options.maxPoolSize === 0) {
+      options.autoEncryption.metadataClient = client;
+    } else {
+      options.autoEncryption.metadataClient = this.getInternalClient(client);
+    }
+
+    options.autoEncryption.bson = Encrypter.makeBSON(options);
+
+    this.autoEncrypter = new AutoEncrypter(client, options.autoEncryption);
+  }
+
+  getInternalClient(client) {
+    if (!this[kInternalClient]) {
+      const clonedOptions = {};
+
+      for (const key of Object.keys(client.s.options)) {
+        if (
+          ['autoEncryption', 'minPoolSize', 'servers', 'caseTranslate', 'dbName'].indexOf(key) !==
+          -1
+        )
+          continue;
+        clonedOptions[key] = client.s.options[key];
+      }
+
+      clonedOptions.minPoolSize = 0;
+
+      const allEvents = [
+        // APM
+        'commandStarted',
+        'commandSucceeded',
+        'commandFailed',
+
+        // SDAM
+        'serverOpening',
+        'serverClosed',
+        'serverDescriptionChanged',
+        'serverHeartbeatStarted',
+        'serverHeartbeatSucceeded',
+        'serverHeartbeatFailed',
+        'topologyOpening',
+        'topologyClosed',
+        'topologyDescriptionChanged',
+
+        // Legacy
+        'joined',
+        'left',
+        'ping',
+        'ha',
+
+        // CMAP
+        'connectionPoolCreated',
+        'connectionPoolClosed',
+        'connectionCreated',
+        'connectionReady',
+        'connectionClosed',
+        'connectionCheckOutStarted',
+        'connectionCheckOutFailed',
+        'connectionCheckedOut',
+        'connectionCheckedIn',
+        'connectionPoolCleared'
+      ];
+
+      this[kInternalClient] = new MongoClient(client.s.url, clonedOptions);
+
+      for (const eventName of allEvents) {
+        for (const listener of client.listeners(eventName)) {
+          this[kInternalClient].on(eventName, listener);
+        }
+      }
+
+      client.on('newListener', (eventName, listener) => {
+        this[kInternalClient].on(eventName, listener);
+      });
+
+      this.needsConnecting = true;
+    }
+    return this[kInternalClient];
+  }
+
+  connectInternalClient(callback) {
+    if (this.needsConnecting) {
+      this.needsConnecting = false;
+      return this[kInternalClient].connect(callback);
+    }
+
+    return callback();
+  }
+
+  close(client, force, callback) {
+    this.autoEncrypter.teardown(e => {
+      if (this[kInternalClient] && client !== this[kInternalClient]) {
+        return this[kInternalClient].close(force, callback);
+      }
+      callback(e);
+    });
+  }
+
+  static makeBSON(options) {
+    return (
+      (options || {}).bson ||
+      new BSON([
+        BSON.Binary,
+        BSON.Code,
+        BSON.DBRef,
+        BSON.Decimal128,
+        BSON.Double,
+        BSON.Int32,
+        BSON.Long,
+        BSON.Map,
+        BSON.MaxKey,
+        BSON.MinKey,
+        BSON.ObjectId,
+        BSON.BSONRegExp,
+        BSON.Symbol,
+        BSON.Timestamp
+      ])
+    );
+  }
+}
+
+module.exports = { Encrypter };

package/lib/gridfs-stream/upload.js

@@ -284,6 +284,7 @@ function checkDone(_this, callback) {
         return __handleError(_this, error, callback);
       }
       _this.emit('finish', filesDoc);
+      _this.emit('close');
     });
 
     return true;

package/lib/mongo_client.js

@@ -71,6 +71,24 @@ const validOptions = require('./operations/connect').validOptions;
  * @property {string} [platform] Optional platform information
  */
 
+/**
+ * @public
+ * @typedef AutoEncryptionOptions
+ * @property {MongoClient} [keyVaultClient] A `MongoClient` used to fetch keys from a key vault
+ * @property {string} [keyVaultNamespace] The namespace where keys are stored in the key vault
+ * @property {object} [kmsProviders] Configuration options that are used by specific KMS providers during key generation, encryption, and decryption.
+ * @property {object} [schemaMap] A map of namespaces to a local JSON schema for encryption
+ *
+ * > **NOTE**: Supplying options.schemaMap provides more security than relying on JSON Schemas obtained from the server.
+ * > It protects against a malicious server advertising a false JSON Schema, which could trick the client into sending decrypted data that should be encrypted.
+ * > Schemas supplied in the schemaMap only apply to configuring automatic encryption for client side encryption.
+ * > Other validation rules in the JSON schema will not be enforced by the driver and will result in an error.
+ *
+ * @property {object} [options] An optional hook to catch logging messages from the underlying encryption engine
+ * @property {object} [extraOptions]
+ * @property {boolean} [bypassAutoEncryption]
+ */
+
 /**
  * Creates a new MongoClient instance
  * @class
@@ -151,7 +169,18 @@ const validOptions = require('./operations/connect').validOptions;
  * @param {number} [options.minPoolSize=0] **Only applies to the unified topology** The minimum number of connections that MUST exist at any moment in a single connection pool.
  * @param {number} [options.maxIdleTimeMS] **Only applies to the unified topology** The maximum amount of time a connection should remain idle in the connection pool before being marked idle. The default is infinity.
  * @param {number} [options.waitQueueTimeoutMS=0] **Only applies to the unified topology** The maximum amount of time operation execution should wait for a connection to become available. The default is 0 which means there is no limit.
- * @param {AutoEncrypter~AutoEncryptionOptions} [options.autoEncryption] Optionally enable client side auto encryption
+ * @param {AutoEncryptionOptions} [options.autoEncryption] Optionally enable client side auto encryption.
+ *
+ * > Automatic encryption is an enterprise only feature that only applies to operations on a collection. Automatic encryption is not supported for operations on a database or view, and operations that are not bypassed will result in error
+ * > (see [libmongocrypt: Auto Encryption Allow-List](https://github.com/mongodb/specifications/blob/master/source/client-side-encryption/client-side-encryption.rst#libmongocrypt-auto-encryption-allow-list)). To bypass automatic encryption for all operations, set bypassAutoEncryption=true in AutoEncryptionOpts.
+ * >
+ * > Automatic encryption requires the authenticated user to have the [listCollections privilege action](https://docs.mongodb.com/manual/reference/command/listCollections/#dbcmd.listCollections).
+ * >
+ * > If a MongoClient with a limited connection pool size (i.e a non-zero maxPoolSize) is configured with AutoEncryptionOptions, a separate internal MongoClient is created if any of the following are true:
+ * > - AutoEncryptionOptions.keyVaultClient is not passed.
+ * > - AutoEncryptionOptions.bypassAutomaticEncryption is false.
+ * > If an internal MongoClient is created, it is configured with the same options as the parent MongoClient except minPoolSize is set to 0 and AutoEncryptionOptions is omitted.
+ *
  * @param {DriverInfoOptions} [options.driverInfo] Allows a wrapping driver to amend the client metadata generated by the driver to include information about the wrapping driver
  * @param {boolean} [options.directConnection=false] Enable directConnection
  * @param {MongoClient~connectCallback} [callback] The command result callback
@@ -162,6 +191,8 @@ function MongoClient(url, options) {
   // Set up event emitter
   EventEmitter.call(this);
 
+  if (options && options.autoEncryption) require('./encrypter'); // Does CSFLE lib check
+
   // The internal state
   this.s = {
     url: url,
@@ -268,13 +299,13 @@ MongoClient.prototype.close = function(force, callback) {
     }
 
     client.topology.close(force, err => {
-      const autoEncrypter = client.topology.s.options.autoEncrypter;
-      if (!autoEncrypter) {
-        completeClose(err);
-        return;
+      const encrypter = client.topology.s.options.encrypter;
+      if (encrypter) {
+        return encrypter.close(client, force, err2 => {
+          completeClose(err || err2);
+        });
       }
-
-      autoEncrypter.teardown(force, err2 => completeClose(err || err2));
+      completeClose(err);
     });
   });
 };

package/lib/operations/connect.js

@@ -16,7 +16,6 @@ const emitDeprecationWarning = require('../utils').emitDeprecationWarning;
 const emitWarningOnce = require('../utils').emitWarningOnce;
 const fs = require('fs');
 const WriteConcern = require('../write_concern');
-const BSON = require('../core/connection/utils').retrieveBSON();
 const CMAP_EVENT_NAMES = require('../cmap/events').CMAP_EVENT_NAMES;
 
 let client;
@@ -496,58 +495,9 @@ function createTopology(mongoClient, topologyType, options, callback) {
 
   // determine CSFLE support
   if (options.autoEncryption != null) {
-    let AutoEncrypter;
-    try {
-      require.resolve('mongodb-client-encryption');
-    } catch (err) {
-      callback(
-        new MongoError(
-          'Auto-encryption requested, but the module is not installed. Please add `mongodb-client-encryption` as a dependency of your project'
-        )
-      );
-      return;
-    }
-
-    try {
-      let mongodbClientEncryption = require('mongodb-client-encryption');
-      if (typeof mongodbClientEncryption.extension !== 'function') {
-        callback(
-          new MongoError(
-            'loaded version of `mongodb-client-encryption` does not have property `extension`. Please make sure you are loading the correct version of `mongodb-client-encryption`'
-          )
-        );
-      }
-      AutoEncrypter = mongodbClientEncryption.extension(require('../../index')).AutoEncrypter;
-    } catch (err) {
-      callback(err);
-      return;
-    }
-
-    const mongoCryptOptions = Object.assign(
-      {
-        bson:
-          options.bson ||
-          new BSON([
-            BSON.Binary,
-            BSON.Code,
-            BSON.DBRef,
-            BSON.Decimal128,
-            BSON.Double,
-            BSON.Int32,
-            BSON.Long,
-            BSON.Map,
-            BSON.MaxKey,
-            BSON.MinKey,
-            BSON.ObjectId,
-            BSON.BSONRegExp,
-            BSON.Symbol,
-            BSON.Timestamp
-          ])
-      },
-      options.autoEncryption
-    );
-
-    options.autoEncrypter = new AutoEncrypter(mongoClient, mongoCryptOptions);
+    const Encrypter = require('../encrypter').Encrypter;
+    options.encrypter = new Encrypter(mongoClient, options);
+    options.autoEncrypter = options.encrypter.autoEncrypter;
   }
 
   // Create the topology
@@ -585,7 +535,10 @@ function createTopology(mongoClient, topologyType, options, callback) {
           return;
         }
 
-        callback(undefined, topology);
+        options.encrypter.connectInternalClient(error => {
+          if (error) return callback(error);
+          callback(undefined, topology);
+        });
       });
     });
 

package/lib/operations/find.js

@@ -20,6 +20,9 @@ class FindOperation extends OperationBase {
     // copied from `CommandOperationV2`, to be subclassed in the future
     this.server = server;
 
+    // updates readPreference if setReadPreference was called on the cursor
+    this.readPreference = ReadPreference.resolve(this, this.options);
+
     if (typeof this.cmd.allowDiskUse !== 'undefined' && maxWireVersion(server) < 4) {
       callback(new MongoError('The `allowDiskUse` option is not supported on MongoDB < 3.2'));
       return;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mongodb",
-  "version": "3.6.5",
+  "version": "3.6.6",
   "description": "The official MongoDB driver for Node.js",
   "main": "index.js",
   "files": [
@@ -16,13 +16,6 @@
     "driver",
     "official"
   ],
-  "peerOptionalDependencies": {
-    "kerberos": "^1.1.0",
-    "mongodb-client-encryption": "^1.0.0",
-    "mongodb-extjson": "^2.1.2",
-    "snappy": "^6.3.4",
-    "bson-ext": "^2.0.0"
-  },
   "peerDependenciesMeta": {
     "kerberos": {
       "optional": true
@@ -47,7 +40,7 @@
     "bl": "^2.2.1",
     "bson": "^1.1.4",
     "denque": "^1.4.1",
-    "require_optional": "^1.0.1",
+    "optional-require": "^1.0.2",
     "safe-buffer": "^5.1.2"
   },
   "devDependencies": {