Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-931

Latest NodeJS driver does not mind if SSL options are nested under any property

    • Type: Icon: Task Task
    • Resolution: Done
    • Priority: Icon: Major - P3 Major - P3
    • 2.2.23
    • Affects Version/s: None
    • Component/s: None
    • None

      First some background: One customer reported that they are unable to connect with sslValidate: false using the v2.1.6 driver.

      This is a sample code they tried to use:

      // Connection URL
      
      var url = 'mongodb://web:secret@aws10-g02-mgs11.stage.glip.net:27017,aws10-g02-mgs01.stage.glip.net:27017/ec?replicaSet=rs0&ssl=true';
      
      var options = {
        sslValidate: false
      };
      
      // Use connect method to connect to the server
      MongoClient.connect(url, options, function(err, db) {
        assert.equal(null, err);
        console.log("Connected successfully to server");
      
        setTimeout(function() { console.log('Blah blah'); } , 60000)
      
        db.close();
      });
      

      The app was still trying to validate the server's certificate and failing as no CA file has been specified:

      AssertionError: null == { [MongoError: self signed certificate] name: 'MongoError', message: 'self signed certificate' }
      

      It was quickly discovered that the sslValidate: false option can take effect only if it is nested under the server property:

      var options = {
        server: {
          sslValidate: false
        }
      };
      

      Which matches the driver's documentation. Unfortunately all of the other properties mentioned in the documentation (i.e. replset & mongos) do not work for the 2.1.x driver.

      It is also worth noting that the `server` property, if used, is respected strictly - if you try using it with a URI that has the replicaSet option set, the driver won't connect:

      AssertionError: null == {"name":"MongoError","message":"no valid seed servers in list"}
      

      Eventually the latest (2.2.22) driver version was tested where it was discovered that the driver does not really mind if the SSL options are nested under any property or not. And if they are nested, then the property name can really be anything - the options will still take effect!

      E.g. this code works with 2.2.22 but not with 2.1.6:

      // Connection URL
      
      var url = 'mongodb://mvamgo2:27000/test?replicaSet=rs1&ssl=true'
      
      var options = { wutPropertyLol:
              {
                sslValidate: false
              }
      };
      
      // Use connect method to connect to the server
      MongoClient.connect(url, options, function(err, db) {
      

      Yet the 2.2 driver's documentation still suggests that one of the three mentioned properties (mongos, server or replset) has to be used to hold the SSL options.

      Can somebody please help me understand if that change in the driver's behaviour was intentional? If that is the case, shouldn't we remove the requirement for having the SSL options nested under a property removed from the driver's documentation?

      Thank you in advance.

            Assignee:
            christkv Christian Amor Kvalheim
            Reporter:
            dmitry.ryabtsev@mongodb.com Dmitry Ryabtsev
            Votes:
            0 Vote for this issue
            Watchers:
            40 Start watching this issue

              Created:
              Updated:
              Resolved: