-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(NODE-6289): allow valid srv hostnames with less than 3 parts #4197
base: main
Are you sure you want to change the base?
Conversation
bda0451
to
586f7c0
Compare
|
||
describe( | ||
'Initial DNS Seedlist Discovery (Prose Tests)', | ||
{ requires: { topology: 'single' } }, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The metadata doesn't actually apply to context or describe blocks, only to it
blocks, if you check this against a replica set, it still runs.
Also, why do we only want these tests to run against single topologies?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure why I originally made it only single topologies, if it's running and working for all I'll remove this line.
client.close(); | ||
}); | ||
|
||
it('do not error on an SRV because it has two domain levels', async function () { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it('do not error on an SRV because it has two domain levels', async function () { | |
it('does not error on an SRV because it has two domain levels', async function () { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Made the change!
sinon.restore(); | ||
}); | ||
|
||
it('do not error on an SRV because it has one domain level', async function () { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it('do not error on an SRV because it has one domain level', async function () { | |
it('does not error on an SRV because it has one domain level', async function () { |
test/unit/utils.test.ts
Outdated
}); | ||
}); | ||
|
||
context('when SRV host ends with a dot', () => { | ||
it('accepts address if it ends with a dot', () => { | ||
expect(matchesParentDomain(exampleHostNamesWithDot, exampleSrvNameWithDot)).to.be.true; | ||
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvNameWithDot)).to.not | ||
.throw; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
throw
is one of the few chai clauses that always needs to be called
.throw; | |
.throw(); |
test/unit/utils.test.ts
Outdated
expect(() => checkParentDomainMatch(exampleHostNameWithoutDot, exampleSrvName)).to.not | ||
.throw; | ||
}); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
expect(() => checkParentDomainMatch(exampleHostNameWithoutDot, exampleSrvName)).to.not | |
.throw; | |
}); | |
expect(() => checkParentDomainMatch(exampleHostNameWithoutDot, exampleSrvName)).to.not | |
.throw(); | |
}); |
test/unit/utils.test.ts
Outdated
}); | ||
}); | ||
|
||
context('when addresses in SRV record end without dots', () => { | ||
it('accepts address since it matches the parent domain', () => { | ||
expect(matchesParentDomain(exampleHostNamesWithDot, exampleSrvName)).to.be.true; | ||
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw; | |
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw(); |
test/unit/utils.test.ts
Outdated
}); | ||
}); | ||
|
||
context('when addresses in SRV record end with a dot', () => { | ||
it('accepts address since it is considered to still match the parent domain', () => { | ||
expect(matchesParentDomain(exampleHostNamesWithDot, exampleSrvName)).to.be.true; | ||
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw; | |
expect(() => checkParentDomainMatch(exampleHostNamesWithDot, exampleSrvName)).to.not.throw(); |
}); | ||
|
||
context( | ||
'When given a host from DNS resolution that does NOT end with the original SRVs domain name', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we add the number of the prose test. Makes it quicker to map from our test implementation to the test in the spec
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, added them in!
import { topologyWithPlaceholderClient } from '../../tools/utils'; | ||
|
||
describe('Initial DNS Seedlist Discovery (Prose Tests)', () => { | ||
context('1) When running validation on an SRV string before DNS resolution', function () { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
context('1) When running validation on an SRV string before DNS resolution', function () { | |
context('1. When running validation on an SRV string before DNS resolution', function () { |
}); | ||
|
||
context( | ||
'2) When given a host from DNS resolution that does NOT end with the original SRVs domain name', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'2) When given a host from DNS resolution that does NOT end with the original SRVs domain name', | |
'2. When given a host from DNS resolution that does NOT end with the original SRVs domain name', |
); | ||
|
||
context( | ||
'3) When given a host from DNS resolution that is identical to the original SRVs hostname', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'3) When given a host from DNS resolution that is identical to the original SRVs hostname', | |
'3. When given a host from DNS resolution that is identical to the original SRVs hostname', |
|
||
it('does not error on an SRV because it has one domain level', async function () { | ||
const client = await this.configuration.newClient('mongodb+srv://localhost', {}); | ||
client.connect(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
be sure to await client.connect() and client.close()
client.connect(); | |
await client.connect(); |
it('does not error on an SRV because it has one domain level', async function () { | ||
const client = await this.configuration.newClient('mongodb+srv://localhost', {}); | ||
client.connect(); | ||
client.close(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For these tests, I'd move the client.close() call to an afterEach hook so that even if the connect fails, we clean up any resources created.
Description
Downstream changes for DRIVERS-2922 (PR).
What is changing?
Is there new documentation needed for these changes?
No
What is the motivation for this change?
Do not throw an error on valid URI formats pre-DNS resolution, and require stricter domain matching post-DNS resolution.
Release Highlight
Allow SRV hostnames with less than three
.
separated partsThe client now accepts SRV hostname strings with one or two
.
separated parts.For example, the following code no longer throws an error.
For security reasons, the returned addresses of SRV strings with less than three parts must end with the entire SRV hostname and contain at least one additional domain level. This is because this added validation ensures that the returned address(es) are from a known host. In future releases, we plan on extending this validation to SRV strings with three or more parts, as well.
Double check the following
npm run check:lint
scripttype(NODE-xxxx)[!]: description
feat(NODE-1234)!: rewriting everything in coffeescript