Mongo Server Side Transaction handles

.gitignore

@@ -0,0 +1 @@
+/_harness

auth_test.go

@@ -42,6 +42,10 @@ import (
 	"gopkg.in/mgo.v2"
 )
 
+// failedAuthRegex covers the various messages that Mongo gives from different versions
+// of mongo when you are asking to run a command that needs authentication.
+const failedAuthRegex = "command.*requires authentication|unauthorized|need to login|not authorized .*"
+
 func (s *S) TestAuthLoginDatabase(c *C) {
 	// Test both with a normal database and with an authenticated shard.
 	for _, addr := range []string{"localhost:40002", "localhost:40203"} {
@@ -51,8 +55,7 @@ func (s *S) TestAuthLoginDatabase(c *C) {
 
 		coll := session.DB("mydb").C("mycoll")
 		err = coll.Insert(M{"n": 1})
-		c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
-
+		c.Assert(err, ErrorMatches, failedAuthRegex)
 		admindb := session.DB("admin")
 
 		err = admindb.Login("root", "wrong")
@@ -75,7 +78,7 @@ func (s *S) TestAuthLoginSession(c *C) {
 
 		coll := session.DB("mydb").C("mycoll")
 		err = coll.Insert(M{"n": 1})
-		c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+		c.Assert(err, ErrorMatches, failedAuthRegex)
 
 		cred := mgo.Credential{
 			Username: "root",
@@ -109,15 +112,15 @@ func (s *S) TestAuthLoginLogout(c *C) {
 
 		coll := session.DB("mydb").C("mycoll")
 		err = coll.Insert(M{"n": 1})
-		c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+		c.Assert(err, ErrorMatches, failedAuthRegex)
 
 		// Must have dropped auth from the session too.
 		session = session.Copy()
 		defer session.Close()
 
 		coll = session.DB("mydb").C("mycoll")
 		err = coll.Insert(M{"n": 1})
-		c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+		c.Assert(err, ErrorMatches, failedAuthRegex)
 	}
 }
 
@@ -134,15 +137,15 @@ func (s *S) TestAuthLoginLogoutAll(c *C) {
 
 	coll := session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	// Must have dropped auth from the session too.
 	session = session.Copy()
 	defer session.Close()
 
 	coll = session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 }
 
 func (s *S) TestAuthUpsertUserErrors(c *C) {
@@ -203,7 +206,7 @@ func (s *S) TestAuthUpsertUser(c *C) {
 
 	coll := session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	err = mydb.Login("myrwuser", "mypass")
 	c.Assert(err, IsNil)
@@ -236,7 +239,7 @@ func (s *S) TestAuthUpsertUser(c *C) {
 	// the roles for myrwuser are different there.
 	othercoll := myotherdb.C("myothercoll")
 	err = othercoll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	// Reading works, though.
 	err = othercoll.Find(nil).One(nil)
@@ -274,7 +277,7 @@ func (s *S) TestAuthUpsertUserOtherDBRoles(c *C) {
 
 	coll := session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	err = coll.Find(nil).One(nil)
 	c.Assert(err, Equals, mgo.ErrNotFound)
@@ -320,7 +323,7 @@ func (s *S) TestAuthUpsertUserUpdates(c *C) {
 	err = usession.DB("mydb").C("mycoll").Find(nil).One(nil)
 	c.Assert(err, Equals, mgo.ErrNotFound)
 	err = usession.DB("mydb").C("mycoll").Insert(M{"ok": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	// Update the user role.
 	user = &mgo.User{
@@ -362,7 +365,7 @@ func (s *S) TestAuthAddUser(c *C) {
 
 	coll := session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	err = mydb.Login("mywuser", "mypass")
 	c.Assert(err, IsNil)
@@ -395,7 +398,7 @@ func (s *S) TestAuthAddUserReplaces(c *C) {
 
 	// ReadOnly flag was changed too.
 	err = mydb.C("mycoll").Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 }
 
 func (s *S) TestAuthRemoveUser(c *C) {
@@ -474,7 +477,7 @@ func (s *S) TestAuthLoginSwitchUser(c *C) {
 
 	// Can't write.
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	// But can read.
 	result := struct{ N int }{}
@@ -509,7 +512,7 @@ func (s *S) TestAuthLoginChangePassword(c *C) {
 
 	// The second login must be in effect, which means read-only.
 	err = mydb.C("mycoll").Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 }
 
 func (s *S) TestAuthLoginCachingWithSessionRefresh(c *C) {
@@ -576,7 +579,7 @@ func (s *S) TestAuthLoginCachingWithNewSession(c *C) {
 
 	coll := session.DB("mydb").C("mycoll")
 	err = coll.Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|need to login|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 }
 
 func (s *S) TestAuthLoginCachingAcrossPool(c *C) {
@@ -673,7 +676,7 @@ func (s *S) TestAuthLoginCachingAcrossPoolWithLogout(c *C) {
 	// Can't write, since root has been implicitly logged out
 	// when the collection went into the pool, and not revalidated.
 	err = other.DB("mydb").C("mycoll").Insert(M{"n": 1})
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	// But can read due to the revalidated myuser login.
 	result := struct{ N int }{}
@@ -782,7 +785,7 @@ func (s *S) TestAuthURLWithDatabase(c *C) {
 		err = ucoll.FindId(0).One(nil)
 		c.Assert(err, Equals, mgo.ErrNotFound)
 		err = ucoll.Insert(M{"n": 1})
-		c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+		c.Assert(err, ErrorMatches, failedAuthRegex)
 	}
 }
 
@@ -865,7 +868,7 @@ func (s *S) TestAuthScramSha1Cred(c *C) {
 
 	c.Logf("Connected! Testing the need for authentication...")
 	err = mycoll.Find(nil).One(nil)
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	c.Logf("Authenticating...")
 	err = session.Login(cred)
@@ -988,7 +991,7 @@ func (s *S) TestAuthPlainCred(c *C) {
 
 	c.Logf("Connected! Testing the need for authentication...")
 	err = records.Find(nil).One(nil)
-	c.Assert(err, ErrorMatches, "unauthorized|not authorized .*")
+	c.Assert(err, ErrorMatches, failedAuthRegex)
 
 	c.Logf("Authenticating...")
 	err = session.Login(cred)

cluster_test.go

@@ -2065,6 +2065,11 @@ func (s *S) TestDoNotFallbackToMonotonic(c *C) {
 	if !s.versionAtLeast(3, 0) {
 		c.Skip("command-counting logic depends on 3.0+")
 	}
+	// accessing system.indexes is no longer correct in 3.2.17+ you must
+	// use listIndexes, so the test doesn't apply anymore.
+	if s.versionAtLeast(3, 2, 17) {
+		c.Skip("failing on 3.2.17+")
+	}
 
 	session, err := mgo.Dial("localhost:40012")
 	c.Assert(err, IsNil)

harness/daemons/.env

@@ -1,3 +1,4 @@
+#!/bin/bash
 
 set -e
 
@@ -6,52 +7,81 @@ MONGOMAJOR=$(echo $MONGOVERSION | sed 's/\([0-9]\+\)\..*/\1/')
 MONGOMINOR=$(echo $MONGOVERSION | sed 's/[0-9]\+\.\([0-9]\+\)/\1/')
 
 versionAtLeast() {
-	TESTMAJOR="$1"
-	TESTMINOR="$2"
-	if [ "$MONGOMAJOR" -gt "$TESTMAJOR" ]; then
-		return 0
-	fi
-	if [ "$MONGOMAJOR" -lt "$TESTMAJOR" ]; then
-		return 100
-	fi
-	if [ "$MONGOMINOR" -ge "$TESTMINOR" ]; then
-		return 0
-	fi
-	return 100
+    TESTMAJOR="$1"
+    TESTMINOR="$2"
+    if [ "$MONGOMAJOR" -gt "$TESTMAJOR" ]; then
+        return 0
+    fi
+    if [ "$MONGOMAJOR" -lt "$TESTMAJOR" ]; then
+        return 100
+    fi
+    if [ "$MONGOMINOR" -ge "$TESTMINOR" ]; then
+        return 0
+    fi
+    return 100
 }
 
 COMMONDOPTSNOIP="
-	--nohttpinterface
-	--noprealloc
-	--nojournal
-	--smallfiles
-	--nssize=1
-	--oplogSize=1
-	--dbpath ./db
-	"
+    --nohttpinterface
+    --nojournal
+    --smallfiles
+    --oplogSize=1
+    --dbpath ./db
+    "
 COMMONDOPTS="
-	$COMMONDOPTSNOIP
-	--bind_ip=127.0.0.1
-	"
+    $COMMONDOPTSNOIP
+    --bind_ip=127.0.0.1
+    "
 COMMONCOPTS="
-	$COMMONDOPTS
-	"
+    $COMMONDOPTS
+    "
 COMMONSOPTS="
-	--chunkSize 1
-	--bind_ip=127.0.0.1
-	"
+    --bind_ip=127.0.0.1
+    "
+
+CFG1OPTS=""
+CFG2OPTS=""
+CFG3OPTS=""
+
+MONGOS1OPTS="--configdb 127.0.0.1:40101"
+MONGOS2OPTS="--configdb 127.0.0.1:40102"
+MONGOS3OPTS="--configdb 127.0.0.1:40103"
+
+
 
 if versionAtLeast 3 2; then
-	# 3.2 doesn't like --nojournal on config servers.
-	#COMMONCOPTS="$(echo "$COMMONCOPTS" | sed '/--nojournal/d')"
-	# Using a hacked version of MongoDB 3.2 for now.
-
-	# Go back to MMAPv1 so it's not super sluggish. :-(
-	COMMONDOPTSNOIP="--storageEngine=mmapv1 $COMMONDOPTSNOIP"
-	COMMONDOPTS="--storageEngine=mmapv1 $COMMONDOPTS"
-	COMMONCOPTS="--storageEngine=mmapv1 $COMMONCOPTS"
+
+    # 3.2 doesn't like --nojournal on config servers.
+    COMMONCOPTS="$(echo "$COMMONCOPTS" | sed '/--nojournal/d')"
+
+    if versionAtLeast 3 4; then
+      # http interface is disabled by default, this option does not exist anymore
+      COMMONDOPTSNOIP="$(echo "$COMMONDOPTSNOIP" | sed '/--nohttpinterface/d')"
+      COMMONDOPTS="$(echo "$COMMONDOPTS" | sed '/--nohttpinterface/d')"
+      COMMONCOPTS="$(echo "$COMMONCOPTS" | sed '/--nohttpinterface/d')"
+
+
+        if versionAtLeast 3 6; then
+            #In version 3.6 --nojournal is deprecated for replica set members using WiredTiger
+            COMMONDOPTSNOIP="$(echo "$COMMONDOPTSNOIP" | sed '/--nojournal/d')"
+            COMMONDOPTS="$(echo "$COMMONDOPTS" | sed '/--nojournal/d')"
+            COMMONCOPTS="$(echo "$COMMONCOPTS" | sed '/--nojournal/d')"
+        fi
+
+      # config server need to be started as replica set
+
+      CFG1OPTS="--replSet conf1"
+      CFG2OPTS="--replSet conf2"
+      CFG3OPTS="--replSet conf3"
+
+      MONGOS1OPTS="--configdb conf1/127.0.0.1:40101"
+      MONGOS2OPTS="--configdb conf2/127.0.0.1:40102"
+      MONGOS3OPTS="--configdb conf3/127.0.0.1:40103" 
+    fi
 fi
 
+
+
 if [ "$TRAVIS" = true ]; then
-	set -x
+    set -x
 fi

harness/daemons/cfg1/run

@@ -4,5 +4,6 @@
 
 exec mongod $COMMONCOPTS \
 	--port 40101 \
-	--configsvr
+	--configsvr \
+	$CFG1OPTS
 

harness/daemons/cfg2/run

@@ -4,5 +4,6 @@
 
 exec mongod $COMMONCOPTS \
 	--port 40102 \
-	--configsvr
+	--configsvr \
+	$CFG2OPTS
 

harness/daemons/cfg3/run

@@ -5,5 +5,6 @@
 exec mongod $COMMONCOPTS \
 	--port 40103 \
 	--configsvr \
+	$CFG3OPTS \
 	--auth \
 	--keyFile=../../certs/keyfile

harness/daemons/db2/run

@@ -3,6 +3,5 @@
 . ../.env
 
 exec mongod $COMMONDOPTS \
-	--shardsvr \
 	--port 40002 \
 	--auth

harness/daemons/db3/run

@@ -3,7 +3,6 @@
 . ../.env
 
 exec mongod $COMMONDOPTS \
-	--shardsvr \
 	--port 40003 \
 	--auth \
 	--sslMode preferSSL \

harness/daemons/s1/run

@@ -4,4 +4,4 @@
 
 exec mongos $COMMONSOPTS \
 	--port 40201 \
-	--configdb 127.0.0.1:40101
+	$MONGOS1OPTS 

harness/daemons/s2/run

@@ -4,4 +4,4 @@
 
 exec mongos $COMMONSOPTS \
 	--port 40202 \
-	--configdb 127.0.0.1:40102
+	$MONGOS2OPTS 

harness/daemons/s3/run

@@ -4,5 +4,5 @@
 
 exec mongos $COMMONSOPTS \
 	--port 40203 \
-	--configdb 127.0.0.1:40103 \
+	$MONGOS3OPTS \
 	--keyFile=../../certs/keyfile