Implement SSL (#175)

* Implement SSL

Author: saghm

.travis.yml

@@ -3,18 +3,29 @@ language: rust
 cache: cargo
 
 before_install:
-    - wget http://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.0.14.tgz
-    - tar xvf mongodb-linux-x86_64-3.0.14.tgz
-    - mv mongodb-linux-x86_64-3.0.14 3.0.14
-    - wget http://fastdl.mongodb.org/linux/mongodb-linux-x86_64-3.2.11.tgz
-    - tar xvf mongodb-linux-x86_64-3.2.11.tgz
-    - mv mongodb-linux-x86_64-3.2.11 3.2.11
+    - wget http://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1204-3.0.14.tgz
+    - tar xvf mongodb-linux-x86_64-ubuntu1204-3.0.14.tgz
+    - mv mongodb-linux-x86_64-ubuntu1204-3.0.14 3.0.14
+    - wget http://fastdl.mongodb.org/linux/mongodb-linux-x86_64-ubuntu1204-3.2.11.tgz
+    - tar xvf mongodb-linux-x86_64-ubuntu1204-3.2.11.tgz
+    - mv mongodb-linux-x86_64-ubuntu1204-3.2.11 3.2.11
 
 script:
-    - mkdir -p ./data/db ./data/db2
-    - 3.0.14/bin/mongod --fork --nopreallocj --dbpath ./data/db --syslog --port 27017
+    - mkdir -p ./data/db30 ./data/db30-ssl ./data/db32 ./data/db32-ssl
+    - 3.0.14/bin/mongod --fork --dbpath ./data/db30 --syslog --port 27017
     - cargo build --verbose
     - cargo test --verbose
     - killall mongod
-    - 3.2.11/bin/mongod --fork --nopreallocj --dbpath ./data/db2 --syslog --port 27017
+    - 3.2.11/bin/mongod --fork --dbpath ./data/db32 --syslog --port 27017
     - cargo test --verbose
+    - killall mongod
+    - 3.0.14/bin/mongod --fork --dbpath ./data/db30 --syslog --port 27017
+    - 3.0.14/bin/mongod --fork --dbpath ./data/db30-ssl --syslog --port 27018 --sslMode requireSSL --sslPEMKeyFile tests/ssl/server.pem --sslCAFile tests/ssl/ca.pem
+    - cargo build --features ssl --verbose
+    - cargo test --features ssl --verbose
+    - killall mongod
+    - 3.2.11/bin/mongod --fork --dbpath ./data/db32 --syslog --port 27017
+    - 3.2.11/bin/mongod --fork --dbpath ./data/db32-ssl --syslog --port 27018 --sslMode requireSSL --sslPEMKeyFile tests/ssl/server.pem --sslCAFile tests/ssl/ca.pem
+    - cargo test --features ssl --verbose
+
+

Cargo.toml

@@ -12,11 +12,17 @@ readme = "README.md"
 keywords = ["mongo", "mongodb", "database", "bson", "nosql"]
 license = "Apache-2.0"
 
+[features]
+default = []
+ssl = ["openssl"]
+
 [dependencies]
 bitflags = "0.7.0"
 bson = "0.3.2"
+bufstream = "0.1.1"
 byteorder = "0.5.3"
 chrono = "0.2.25"
+openssl = { version = "0.9.3", optional = true }
 rand = "0.3.14"
 rust-crypto = "0.2.31"
 rustc-serialize = "0.3.19"
@@ -25,7 +31,6 @@ semver = "0.5.0"
 separator = "0.3.1"
 textnonce = { version = "0.4.1", default-features = false }
 time = "0.1.35"
-bufstream = "0.1.1"
 
 [dev-dependencies]
 nalgebra = "0.10.1"

README.md

@@ -18,14 +18,22 @@ Installation
 
 #### Importing
 
-The 1.0 driver is available on crates.io. To use the MongoDB driver in your code, add the bson and mongodb packages to your `Cargo.toml`:
+The driver is available on crates.io. To use the MongoDB driver in your code, add the bson and mongodb packages to your `Cargo.toml`:
 
 ```
 [dependencies]
-bson = "0.3.1"
+bson = "0.3.2"
 mongodb = "0.1.8"
 ```
 
+Alternately, you can use the MongoDB driver with SSL support. To do this, you must have OpenSSL installed on your system. Then, enable the `ssl` feature for MongoDB in your Cargo.toml:
+
+```
+[dependencies]
+...
+mongodb = { version = "0.1.8", features = ["ssl"] }
+```
+
 Then, import the bson and driver libraries within your code.
 
 ```rust
@@ -46,7 +54,7 @@ use mongodb::db::ThreadedDatabase;
 
 fn main() {
     let client = Client::connect("localhost", 27017)
-        .ok().expect("Failed to initialize standalone client.");
+        .expect("Failed to initialize standalone client.");
 
     let coll = client.db("test").collection("movies");
 
@@ -74,3 +82,33 @@ fn main() {
     }
 }
 ```
+
+To connect with SSL, use `ClientOptions::with_ssl` and `Client::connect_with_options`. Afterwards, the client can be used as above (note that the server will have to be configured to accept SSL connections and that you'll have to generate your own keys and certificates):
+
+```rust
+use bson::Bson;
+use mongodb::{Client, ClientOptions, ThreadedClient};
+use mongodb::db::ThreadedDatabase;
+
+fn main() {
+    // Path to file containing trusted server certificates.
+    let ca_file = "path/to/ca.crt";
+    // Path to file containing client certificate.
+    let certificate = "path/to/client.crt";
+    // Path to file containing the client private key.
+    let key_file = "path/to/client.key";
+    // Whether or not to verify that the server certificate is valid. Unless you're just testing out something locally, this should ALWAYS be true.
+    let verify_peer = true;
+
+    let options = ClientOptions::with_ssl(ca_file, certificate, key_file, verify_peer);
+
+    let client = Client::connect_with_options("localhost", 27017, options)
+        .expect("Failed to initialize standalone client.");
+
+    // Insert document into 'test.movies' collection
+    coll.insert_one(doc.clone(), None)
+        .ok().expect("Failed to insert document.");
+
+    ...
+}
+```

src/coll/mod.rs

@@ -415,11 +415,7 @@ impl Collection {
             }
         }
 
-        vec![
-            Batch::Insert(inserts),
-            Batch::Delete(deletes),
-            Batch::Update(updates),
-        ]
+        vec![Batch::Insert(inserts), Batch::Delete(deletes), Batch::Update(updates)]
     }
 
     pub fn get_ordered_batches(mut requests: VecDeque<WriteModel>) -> Vec<Batch> {
@@ -472,12 +468,10 @@ impl Collection {
                             exception: &mut BulkWriteException)
                             -> bool {
         let original_models = models.iter()
-            .map(|model| {
-                if model.multi {
-                    WriteModel::DeleteMany { filter: model.filter.clone() }
-                } else {
-                    WriteModel::DeleteOne { filter: model.filter.clone() }
-                }
+            .map(|model| if model.multi {
+                WriteModel::DeleteMany { filter: model.filter.clone() }
+            } else {
+                WriteModel::DeleteOne { filter: model.filter.clone() }
             })
             .collect();
 
@@ -500,12 +494,10 @@ impl Collection {
                             exception: &mut BulkWriteException)
                             -> bool {
         let original_models = models.iter()
-            .map(|model| {
-                if model.multi {
-                    WriteModel::DeleteMany { filter: model.filter.clone() }
-                } else {
-                    WriteModel::DeleteOne { filter: model.filter.clone() }
-                }
+            .map(|model| if model.multi {
+                WriteModel::DeleteMany { filter: model.filter.clone() }
+            } else {
+                WriteModel::DeleteOne { filter: model.filter.clone() }
             })
             .collect();
 

src/cursor.rs

@@ -170,12 +170,10 @@ impl Cursor {
 
                         // Extract first batch documents
                         let map = batch.iter()
-                            .filter_map(|bdoc| {
-                                if let Bson::Document(ref doc) = *bdoc {
-                                    Some(doc.clone())
-                                } else {
-                                    None
-                                }
+                            .filter_map(|bdoc| if let Bson::Document(ref doc) = *bdoc {
+                                Some(doc.clone())
+                            } else {
+                                None
                             })
                             .collect();
 

src/db/mod.rs

@@ -235,8 +235,9 @@ impl ThreadedDatabase for Database {
         options.read_preference = read_preference;
         let res = try!(coll.find_one_with_command_type(Some(spec.clone()), Some(options),
                                                        cmd_type));
-        res.ok_or_else(|| OperationError(
-                format!("Failed to execute command with spec {:?}.", spec)))
+        res.ok_or_else(|| {
+            OperationError(format!("Failed to execute command with spec {:?}.", spec))
+        })
     }
 
     fn list_collections(&self, filter: Option<bson::Document>) -> Result<Cursor> {
@@ -281,15 +282,15 @@ impl ThreadedDatabase for Database {
 
     fn version(&self) -> Result<Version> {
         let doc = doc! { "buildinfo" => 1 };
-        let out = try!(self.command(doc,
-                                    CommandType::BuildInfo,
-                                    None));
+        let out = try!(self.command(doc, CommandType::BuildInfo, None));
 
         match out.get("version") {
-            Some(&Bson::String(ref s)) => match Version::parse(s) {
-                Ok(v) => Ok(v),
-                Err(e) => Err(ResponseError(String::from(e.description()))),
-            },
+            Some(&Bson::String(ref s)) => {
+                match Version::parse(s) {
+                    Ok(v) => Ok(v),
+                    Err(e) => Err(ResponseError(String::from(e.description()))),
+                }
+            }
             _ => Err(ResponseError(String::from("No version received from server"))),
         }
     }