Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(NODE-6289): allow valid srv hostnames with less than 3 parts #4197

Merged
merged 24 commits into from
Oct 15, 2024
Merged

feat(NODE-6289): allow valid srv hostnames with less than 3 parts #4197

merged 24 commits into from
Oct 15, 2024

Conversation

aditi-khare-mongoDB
Copy link
Contributor

@aditi-khare-mongoDB aditi-khare-mongoDB commented Aug 15, 2024
edited by baileympearson
Loading

Description

Downstream changes for DRIVERS-2922 (PR).

What is changing?

  • Remove logic asserting that SRV URIs need 3 parts
  • When we check if a returned address matches its parent SRV, an SRV with <3 parts must assert that the returned address contains an additional domain level
  • Add in prose tests.
Is there new documentation needed for these changes?

No

What is the motivation for this change?

Do not throw an error on valid URI formats pre-DNS resolution, and require stricter domain matching post-DNS resolution.

Release Highlight

Allow SRV hostnames with less than three . separated parts

In an effort to make internal networking solutions easier to use like deployments using kubernetes, the client now accepts SRV hostname strings with one or two . separated parts.

await new MongoClient('mongodb+srv://mongodb.local').connect();

For security reasons, the returned addresses of SRV strings with less than three parts must end with the entire SRV hostname and contain at least one additional domain level. This is because this added validation ensures that the returned address(es) are from a known host. In future releases, we plan on extending this validation to SRV strings with three or more parts, as well.

// Example 1: Validation fails since the returned address doesn't end with the entire SRV hostname
'mongodb+srv://mySite.com' => 'myEvilSite.com' 

// Example 2: Validation fails since the returned address is identical to the SRV hostname
'mongodb+srv://mySite.com' => 'mySite.com' 

// Example 3: Validation passes since the returned address ends with the entire SRV hostname and contains an additional domain level
'mongodb+srv://mySite.com' => 'cluster_1.mySite.com'

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@aditi-khare-mongoDB aditi-khare-mongoDB mentioned this pull request Aug 15, 2024
Merged
4 tasks
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-6289): DRIVERS-2922 Downstream Changes PoC feat(NODE-6289): DRIVERS 2922 Downstream Changes PoC Aug 15, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-6289): DRIVERS 2922 Downstream Changes PoC feat(NODE-6289): Allow valid SRV hostnames with less than 3 parts Sep 5, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB changed the title feat(NODE-6289): Allow valid SRV hostnames with less than 3 parts feat(NODE-6289): allow valid srv hostnames with less than 3 parts Sep 5, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB marked this pull request as ready for review September 19, 2024 15:45
@W-A-James W-A-James self-assigned this Sep 19, 2024
@W-A-James W-A-James self-requested a review September 19, 2024 15:47
@W-A-James W-A-James added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Sep 19, 2024
W-A-James
W-A-James requested changes Sep 19, 2024
View reviewed changes
test/integration/initial-dns-seedlist-discovery/initial_dns_seedlist_discovery.prose.test.ts Outdated Show resolved Hide resolved
test/integration/initial-dns-seedlist-discovery/initial_dns_seedlist_discovery.prose.test.ts Outdated Show resolved Hide resolved
test/integration/initial-dns-seedlist-discovery/initial_dns_seedlist_discovery.prose.test.ts Outdated Show resolved Hide resolved
test/unit/utils.test.ts Outdated Show resolved Hide resolved
test/unit/utils.test.ts Outdated Show resolved Hide resolved
test/unit/utils.test.ts Outdated Show resolved Hide resolved
test/unit/utils.test.ts Outdated Show resolved Hide resolved
test/integration/initial-dns-seedlist-discovery/initial_dns_seedlist_discovery.prose.test.ts Outdated Show resolved Hide resolved
W-A-James
W-A-James previously approved these changes Sep 27, 2024
View reviewed changes
@W-A-James W-A-James added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels Sep 27, 2024
@dariakp
Copy link
Contributor

dariakp commented Sep 30, 2024

@aditi-khare-mongoDB @W-A-James Can we confirm the failing tests are all accounted for?

@aditi-khare-mongoDB
Copy link
Contributor Author

@dariakp Seems like the two red failing tests are flaky. I doubt the purple failures would contain any failures if they weren't system failures. For example, 5.0-node-latest-server fails but not 4.0-node-latest or 6.0-node-latest, which makes me assume 5.0-node-latest would pass if not for the CI issues.

dariakp
dariakp previously requested changes Sep 30, 2024
View reviewed changes
src/sdam/srv_polling.ts Show resolved Hide resolved
src/utils.ts Outdated Show resolved Hide resolved
src/utils.ts Outdated Show resolved Hide resolved
test/integration/initial-dns-seedlist-discovery/initial_dns_seedlist_discovery.prose.test.ts Outdated Show resolved Hide resolved
test/unit/utils.test.ts Show resolved Hide resolved
src/utils.ts Outdated Show resolved Hide resolved
@W-A-James
Copy link
Contributor

Failing tests are unrelated known flaky tests

W-A-James
W-A-James requested changes Oct 14, 2024
View reviewed changes
src/utils.ts Show resolved Hide resolved
@dariakp
Copy link
Contributor

dariakp commented Oct 14, 2024

LGTM with respect to my comments

@W-A-James W-A-James self-requested a review October 15, 2024 19:11
@W-A-James W-A-James dismissed dariakp’s stale review October 15, 2024 19:12

LGTM was given by this reviewer

@W-A-James W-A-James merged commit 3d5bd51 into main Oct 15, 2024
25 of 30 checks passed
@W-A-James W-A-James deleted the uri-validate-less branch October 15, 2024 19:12
@github-actions github-actions bot mentioned this pull request Oct 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@W-A-James W-A-James W-A-James approved these changes

@dariakp dariakp Awaiting requested review from dariakp

Assignees

@W-A-James W-A-James

Labels
Team Review Needs review from team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aditi-khare-mongoDB @dariakp @W-A-James