diff --git a/Gopkg.lock b/Gopkg.lock index c6c43c89e..939b6bd1d 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -144,7 +144,7 @@ version = "v0.0.4" [[projects]] - digest = "1:f261a553bab9a3563efafc931b488cee4ffc947b3d9451c6106ac12b6e448b33" + digest = "1:c15623a1b3ae959bbc8044210912a3fcdb21d2cfc1be11e11327e1d405b2d75f" name = "github.com/mongodb/mongo-tools-common" packages = [ "archive", @@ -166,8 +166,8 @@ "util", ] pruneopts = "T" - revision = "7429375e93a3bf276d9a997eac284640e5010065" - version = "v4.0.3" + revision = "c58e80ae30ceed308463dde4645e55595caf9791" + version = "v4.0.4" [[projects]] digest = "1:f363c75e8cac5653bc5c0c2b90cbd8a522fdc48c13a5f8d85078750f82d1a009" diff --git a/Gopkg.toml b/Gopkg.toml index 455aa7bc8..ea4055543 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -29,7 +29,7 @@ required = ["github.com/3rf/mongo-lint"] [[constraint]] name = "github.com/mongodb/mongo-tools-common" - version = "v4.0.3" + version = "v4.0.4" [[constraint]] name = "github.com/nsf/termbox-go" diff --git a/test/qa-tests/jstests/stat/stat_custom_headers.js b/test/qa-tests/jstests/stat/stat_custom_headers.js index 251762bdf..f874684c9 100644 --- a/test/qa-tests/jstests/stat/stat_custom_headers.js +++ b/test/qa-tests/jstests/stat/stat_custom_headers.js @@ -20,13 +20,13 @@ x = runMongoProgram.apply(this, ["mongostat", "--port", port, "-o", "host,conn,time", "-n", 4, "--humanReadable=false"].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); - assert.eq.soon(5, function() { + assert.eq.soon(6, function() { rows = allShellRows(); return rows.length; - }, "expected 5 rows in mongostat output"); - assert.eq(statFields(rows[0]).join(), "host,conn,time", - "first row doesn't match 'host conn time'"); - assert.eq(statFields(rows[1]).length, 3, + }, "expected 6 rows in mongostat output"); + assert.eq(statFields(rows[1]).join(), "host,conn,time", + "second row doesn't match 'host conn time'"); + assert.eq(statFields(rows[2]).length, 3, "there should be exactly three entries for a row of this stat output"); clearRawMongoProgramOutput(); @@ -34,14 +34,14 @@ x = runMongoProgram.apply(this, ["mongostat", "--port", port, "-o", "host,conn,time", "-n", 4].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); - assert.eq.soon(5, function() { + assert.eq.soon(6, function() { rows = allShellRows(); return rows.length; - }, "expected 5 rows in mongostat output"); - assert.eq(statFields(rows[0]).join(), "host,conn,time", - "first row doesn't match 'host conn time'"); - assert.eq(statFields(rows[1]).length, 5, - "there should be exactly five entries for a row of this stat output (time counts as three)"); + }, "expected 6 rows in mongostat output"); + assert.eq(statFields(rows[1]).join(), "host,conn,time", + "second row doesn't match 'host conn time'"); + assert.eq(statFields(rows[2]).length, 5, + "third row should have exactly five entries (time counts as three)"); clearRawMongoProgramOutput(); // basic -O @@ -49,7 +49,7 @@ "-O", "host", "-n", 4].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); rows = allShellRows(); - var fields = statFields(rows[0]); + var fields = statFields(rows[1]); assert.eq(fields[fields.length-1], "host", "first row should end with added 'host' field"); clearRawMongoProgramOutput(); @@ -58,13 +58,13 @@ x = runMongoProgram.apply(this, ["mongostat", "--port", port, "-o", "host=H,conn=C,time=MYTiME", "-n", 4].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); - assert.eq.soon(5, function() { + assert.eq.soon(6, function() { rows = allShellRows(); return rows.length; - }, "expected 5 rows in mongostat output"); - assert.eq(statFields(rows[0]).join(), "H,C,MYTiME", + }, "expected 6 rows in mongostat output"); + assert.eq(statFields(rows[1]).join(), "H,C,MYTiME", "first row doesn't match 'H C MYTiME'"); - assert.eq(statFields(rows[1]).length, 5, + assert.eq(statFields(rows[2]).length, 5, "there should be exactly five entries for a row of this stat output (time counts as three)"); clearRawMongoProgramOutput(); @@ -72,13 +72,13 @@ x = runMongoProgram.apply(this, ["mongostat", "--port", port, "-o", "host,conn,mem.bits", "-n", 4].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); - assert.eq.soon(5, function() { + assert.eq.soon(6, function() { rows = allShellRows(); return rows.length; - }, "expected 5 rows in mongostat output"); - assert.eq(statFields(rows[0]).join(), "host,conn,mem.bits", + }, "expected 6 rows in mongostat output"); + assert.eq(statFields(rows[1]).join(), "host,conn,mem.bits", "first row doesn't match 'host time mem.bits'"); - fields = statFields(rows[1]); + fields = statFields(rows[2]); assert.eq(fields.length, 3, "there should be exactly three entries for a row of this stat output"); assert(fields[2] === "32" || fields[2] === "64", @@ -90,13 +90,13 @@ x = runMongoProgram.apply(this, ["mongostat", "--port", port, "-o", "host,conn=MYCoNN,mem.bits=BiTs", "-n", 4].concat(commonToolArgs)); assert.eq(x, 0, "mongostat should succeed with -o and -n options"); - assert.eq.soon(5, function() { + assert.eq.soon(6, function() { rows = allShellRows(); return rows.length; }, "expected 5 rows in mongostat output"); - assert.eq(statFields(rows[0]).join(), "host,MYCoNN,BiTs", + assert.eq(statFields(rows[1]).join(), "host,MYCoNN,BiTs", "first row doesn't match 'host MYTiME BiTs'"); - fields = statFields(rows[1]); + fields = statFields(rows[2]); assert.eq(fields.length, 3, "there should be exactly three entries for a row of this stat output"); assert(fields[2] === "32" || fields[2] === "64", diff --git a/test/qa-tests/jstests/top/mongotop_json.js b/test/qa-tests/jstests/top/mongotop_json.js index af8ed69cb..73e56c444 100644 --- a/test/qa-tests/jstests/top/mongotop_json.js +++ b/test/qa-tests/jstests/top/mongotop_json.js @@ -34,10 +34,10 @@ var testName = 'mongotop_json'; .concat(passthrough.args) .concat(sslOptions)); assert.eq(ret.exitCode, 0, 'failed 2'); - assert.eq.soon(rowcount, function() { + assert.eq.soon(rowcount + 1, function() { return ret.getOutput().split('\n').length; - }, "expected " + rowcount + " top results"); - ret.getOutput().split('\n').forEach(function(line) { + }, "expected " + (rowcount + 1) + " top results"); + ret.getOutput().split('\n').slice(1).forEach(function(line) { assert(typeof JSON.parse(extractJSON(line)) === 'object', 'invalid JSON 2'); }); diff --git a/test/qa-tests/jstests/top/mongotop_sharded.js b/test/qa-tests/jstests/top/mongotop_sharded.js index 07ab8e046..e0341b777 100644 --- a/test/qa-tests/jstests/top/mongotop_sharded.js +++ b/test/qa-tests/jstests/top/mongotop_sharded.js @@ -11,9 +11,9 @@ var testName = 'mongotop_sharded'; assert.strContains.soon(expectedError, getOutput, 'error message must appear at least once'); var shellOutput = getOutput(); jsTest.log('shell output: ' + shellOutput); - shellOutput.split('\n').forEach(function(line) { + shellOutput.split('\n').slice(1).forEach(function(line) { // check the displayed error message - assert.neq(line.match(expectedError), null, 'unexpeced error message'); + assert.neq(line.match(expectedError), null, 'unexpected error message'); }); }; diff --git a/vendor/github.com/mongodb/mongo-tools-common/db/db.go b/vendor/github.com/mongodb/mongo-tools-common/db/db.go index 1ad1f04f7..cc640fc26 100644 --- a/vendor/github.com/mongodb/mongo-tools-common/db/db.go +++ b/vendor/github.com/mongodb/mongo-tools-common/db/db.go @@ -426,7 +426,7 @@ func configureClient(opts options.ToolOptions) (*mongo.Client, error) { } tlsConfig := &tls.Config{} - if opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost { + if opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost || opts.TLSInsecure { tlsConfig.InsecureSkipVerify = true } diff --git a/vendor/github.com/mongodb/mongo-tools-common/options/options.go b/vendor/github.com/mongodb/mongo-tools-common/options/options.go index b4a99fd81..e059eda54 100644 --- a/vendor/github.com/mongodb/mongo-tools-common/options/options.go +++ b/vendor/github.com/mongodb/mongo-tools-common/options/options.go @@ -41,6 +41,8 @@ func ConflictingArgsErrorFormat(optionName, uriValue, cliValue, cliOptionName st return fmt.Errorf("Invalid Options: Cannot specify different %s in connection URI and command-line option (\"%s\" was specified in the URI and \"%s\" was specified in the %s option)", optionName, uriValue, cliValue, cliOptionName) } +const deprecationWarningSSLAllow = "WARNING: --sslAllowInvalidCertificates and --sslAllowInvalidHostnames are deprecated, please use --tlsInsecure instead" + // Struct encompassing all of the options that are reused across tools: "help", // "version", verbosity settings, ssl settings, etc. type ToolOptions struct { @@ -155,9 +157,10 @@ type SSL struct { SSLPEMKeyFile string `long:"sslPEMKeyFile" value-name:"" description:"the .pem file containing the certificate and key"` SSLPEMKeyPassword string `long:"sslPEMKeyPassword" value-name:"" description:"the password to decrypt the sslPEMKeyFile, if necessary"` SSLCRLFile string `long:"sslCRLFile" value-name:"" description:"the .pem file containing the certificate revocation list"` - SSLAllowInvalidCert bool `long:"sslAllowInvalidCertificates" description:"bypass the validation for server certificates"` - SSLAllowInvalidHost bool `long:"sslAllowInvalidHostnames" description:"bypass the validation for server name"` + SSLAllowInvalidCert bool `long:"sslAllowInvalidCertificates" hidden:"true" description:"bypass the validation for server certificates"` + SSLAllowInvalidHost bool `long:"sslAllowInvalidHostnames" hidden:"true" description:"bypass the validation for server name"` SSLFipsMode bool `long:"sslFIPSMode" description:"use FIPS mode of the installed openssl library"` + TLSInsecure bool `long:"tlsInsecure" description:"bypass the validation for server's certificate chain and host name"` } // Struct holding auth-related options @@ -428,6 +431,10 @@ func (opts *ToolOptions) ParseArgs(args []string) ([]string, error) { return []string{}, err } + if opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost { + log.Logvf(log.Always, deprecationWarningSSLAllow) + } + if opts.parsePositionalArgsAsURI { args, err = opts.setURIFromPositionalArg(args) if err != nil { @@ -801,18 +808,19 @@ func (opts *ToolOptions) setOptionsFromURI(cs connstring.ConnString) error { // ignore (opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost) being false due to zero-value problem (TOOLS-2459 PR for details) // Have cs take precedence in cases where it is unclear - if (opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost) && cs.SSLInsecureSet { + if (opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost || opts.TLSInsecure) && cs.SSLInsecureSet { if !cs.SSLInsecure { return ConflictingArgsErrorFormat("sslInsecure or tlsInsecure", "false", "true", "--sslAllowInvalidCert or --sslAllowInvalidHost") } } - if (opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost) && !cs.SSLInsecureSet { + if (opts.SSLAllowInvalidCert || opts.SSLAllowInvalidHost || opts.TLSInsecure) && !cs.SSLInsecureSet { cs.SSLInsecure = true cs.SSLInsecureSet = true } - if (!opts.SSLAllowInvalidCert && !opts.SSLAllowInvalidHost) && cs.SSLInsecureSet { + if (!opts.SSLAllowInvalidCert && !opts.SSLAllowInvalidHost || !opts.TLSInsecure) && cs.SSLInsecureSet { opts.SSLAllowInvalidCert = cs.SSLInsecure opts.SSLAllowInvalidHost = cs.SSLInsecure + opts.TLSInsecure = cs.SSLInsecure } if strings.ToLower(cs.AuthMechanism) == "gssapi" {