Skip to content

Commit

Permalink
feat(NODE-3633): add Socks5 support
Browse files Browse the repository at this point in the history
  • Loading branch information
@addaleax
addaleax committed Nov 19, 2021
1 parent 52520aa commit fd65f77
Show file tree
Hide file tree
Showing 15 changed files with 934 additions and 13 deletions.
48 changes: 48 additions & 0 deletions .evergreen/config.yml
View file
Expand Up @@ -293,6 +293,27 @@ functions:
export NODE_LTS_NAME='${NODE_LTS_NAME}'
bash ${PROJECT_DIRECTORY}/.evergreen/run-atlas-tests.sh
run socks5 tests:
- command: shell.exec
type: test
params:
working_dir: src
script: >
export PYTHON_BINARY=$([ "Windows_NT" = "$OS" ] && echo "/cygdrive/c/python/python38/python.exe" || echo
"/opt/mongodbtoolchain/v3/bin/python3")
export PROJECT_DIRECTORY="$(pwd)"
export DRIVERS_TOOLS="${DRIVERS_TOOLS}"
export NODE_LTS_NAME='${NODE_LTS_NAME}'
export MONGODB_URI="${MONGODB_URI}"
export SSL="${SSL}"
bash ${PROJECT_DIRECTORY}/.evergreen/run-socks5-tests.sh
run kerberos tests:
- command: shell.exec
type: test
Expand Down Expand Up @@ -907,6 +928,27 @@ tasks:
commands:
- func: install dependencies
- func: run ldap tests
- name: test-socks5
tags: []
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
VERSION: latest
TOPOLOGY: replica_set
- func: run socks5 tests
- name: test-socks5-tls
tags: []
commands:
- func: install dependencies
- func: bootstrap mongo-orchestration
vars:
SSL: ssl
VERSION: latest
TOPOLOGY: replica_set
- func: run socks5 tests
vars:
SSL: ssl
- name: test-ocsp-valid-cert-server-staples
tags:
- ocsp
Expand Down Expand Up @@ -1683,6 +1725,8 @@ buildvariants:
- test-atlas-data-lake
- test-auth-kerberos
- test-auth-ldap
- test-socks5
- test-socks5-tls
- test-ocsp-valid-cert-server-staples
- test-ocsp-invalid-cert-server-staples
- test-ocsp-valid-cert-server-does-not-staple
Expand Down Expand Up @@ -1753,6 +1797,8 @@ buildvariants:
- test-load-balancer
- test-auth-kerberos
- test-auth-ldap
- test-socks5
- test-socks5-tls
- test-ocsp-valid-cert-server-staples
- test-ocsp-invalid-cert-server-staples
- test-ocsp-valid-cert-server-does-not-staple
Expand Down Expand Up @@ -1819,6 +1865,8 @@ buildvariants:
- test-3.6-sharded_cluster
- test-latest-server-v1-api
- test-atlas-data-lake
- test-socks5
- test-socks5-tls
- test-ocsp-valid-cert-server-staples
- test-ocsp-invalid-cert-server-staples
- test-ocsp-valid-cert-server-does-not-staple
Expand Down
15 changes: 15 additions & 0 deletions .evergreen/config.yml.in
View file
Expand Up @@ -326,6 +326,21 @@ functions:

bash ${PROJECT_DIRECTORY}/.evergreen/run-atlas-tests.sh

"run socks5 tests":
- command: shell.exec
type: test
params:
working_dir: "src"
script: |
export PYTHON_BINARY=$([ "Windows_NT" = "$OS" ] && echo "/cygdrive/c/python/python38/python.exe" || echo "/opt/mongodbtoolchain/v3/bin/python3")
export PROJECT_DIRECTORY="$(pwd)"
export DRIVERS_TOOLS="${DRIVERS_TOOLS}"
export NODE_LTS_NAME='${NODE_LTS_NAME}'
export MONGODB_URI="${MONGODB_URI}"
export SSL="${SSL}"

bash ${PROJECT_DIRECTORY}/.evergreen/run-socks5-tests.sh

"run kerberos tests":
- command: shell.exec
type: test
Expand Down
31 changes: 31 additions & 0 deletions .evergreen/generate_evergreen_tasks.js
View file
Expand Up @@ -136,6 +136,37 @@ TASKS.push(
tags: ['auth', 'ldap'],
commands: [{ func: 'install dependencies' }, { func: 'run ldap tests' }]
},
{
name: 'test-socks5',
tags: [],
commands: [
{ func: 'install dependencies' },
{
func: 'bootstrap mongo-orchestration',
vars: {
VERSION: 'latest',
TOPOLOGY: 'replica_set'
}
},
{ func: 'run socks5 tests' }
]
},
{
name: 'test-socks5-tls',
tags: [],
commands: [
{ func: 'install dependencies' },
{
func: 'bootstrap mongo-orchestration',
vars: {
SSL: 'ssl',
VERSION: 'latest',
TOPOLOGY: 'replica_set'
}
},
{ func: 'run socks5 tests', vars: { SSL: 'ssl' } }
]
},
{
name: 'test-ocsp-valid-cert-server-staples',
tags: ['ocsp'],
Expand Down
42 changes: 42 additions & 0 deletions .evergreen/run-socks5-tests.sh
View file
@@ -0,0 +1,42 @@
#!/bin/bash

set -o errexit # Exit the script with error if any of the commands fail
set -o xtrace # For debuggability, no external credentials are used here

source "${PROJECT_DIRECTORY}/.evergreen/init-nvm.sh"

PYTHON_BINARY=${PYTHON_BINARY:-python3}

# ssl setup
SSL=${SSL:-nossl}
if [ "$SSL" != "nossl" ]; then
export SSL_KEY_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/client.pem"
export SSL_CA_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/ca.pem"
fi

# Grab a connection string that only refers to *one* of the hosts in MONGODB_URI
FIRST_HOST=$(node -p 'new (require("mongodb-connection-string-url").default)(process.env.MONGODB_URI).hosts[0]')
# Use localhost:12345 as the URL for the single host that we connect to,
# we configure the Socks5 proxy server script to redirect from this to FIRST_HOST
export MONGODB_URI_SINGLEHOST="mongodb://localhost:12345/"

# Compute path to socks5 fake server script in a way that works on Windows
SOCKS5_SERVER_SCRIPT="${PROJECT_DIRECTORY}/.evergreen/socks5srv.py"
if [ "Windows_NT" = "$OS" ]; then
SOCKS5_SERVER_SCRIPT=$(cygpath -w "$SOCKS5_SERVER_SCRIPT")
fi

# First, test with Socks5 + authentication required
"$PYTHON_BINARY" "$SOCKS5_SERVER_SCRIPT" --port 1080 --auth username:p4ssw0rd --map "localhost:12345 to $FIRST_HOST" &
PID=$!
env SOCKS5_CONFIG='["localhost",1080,"username","p4ssw0rd"]' npm run check:socks5
kill $PID

# Second, test with Socks5 + no authentication
"$PYTHON_BINARY" "$SOCKS5_SERVER_SCRIPT" --port 1081 --map "localhost:12345 to $FIRST_HOST" &
PID=$!
env SOCKS5_CONFIG='["localhost",1081]' npm run check:socks5
kill $PID

# TODO: It might be worth using something more robust to control
# the Socks5 proxy server script's lifetime

0 comments on commit fd65f77

Please sign in to comment.