def test_parse_tls_insecure_options(self):
# tlsInsecure is expanded correctly.
uri = "mongodb://example.com/?tlsInsecure=true"
res = get_validated_options(
{
"ssl_match_hostname": False,
"ssl_cert_reqs": ssl.CERT_NONE,
"tlsinsecure": True
},
warn=False)
self.assertEqual(res, parse_uri(uri)["options"])
# tlsAllow* specified AFTER tlsInsecure.
# tlsAllow* options warns and overrides values implied by tlsInsecure.
uri = ("mongodb://example.com/?tlsInsecure=true"
"&tlsAllowInvalidCertificates=false"
"&tlsAllowInvalidHostnames=false")
res = get_validated_options(
{
"ssl_match_hostname": True,
"ssl_cert_reqs": ssl.CERT_REQUIRED,
"tlsinsecure": True
},
warn=False)
with warnings.catch_warnings(record=True) as ctx:
warnings.simplefilter('always')
self.assertEqual(res, parse_uri(uri)["options"])
for warning in ctx:
self.assertRegexpMatches(
warning.message.args[0],
".*tlsAllowInvalid.*overrides.*tlsInsecure.*")
clear_warning_registry()
# tlsAllow* specified BEFORE tlsInsecure.
# tlsAllow* options warns and overrides values implied by tlsInsecure.
uri = ("mongodb://example.com/"
"?tlsAllowInvalidCertificates=false"
"&tlsAllowInvalidHostnames=false"
"&tlsInsecure=true")
res = get_validated_options(
{
"ssl_match_hostname": True,
"ssl_cert_reqs": ssl.CERT_REQUIRED,
"tlsinsecure": True
},
warn=False)
with warnings.catch_warnings(record=True) as ctx:
warnings.simplefilter('always')
self.assertEqual(res, parse_uri(uri)["options"])
for warning in ctx:
self.assertRegexpMatches(
warning.message.args[0],
".*tlsAllowInvalid.*overrides.*tlsInsecure.*")
def test_parse_tls_insecure_options(self):
# tlsInsecure is expanded correctly.
uri = "mongodb://example.com/?tlsInsecure=true"
res = get_validated_options(
{"ssl_match_hostname": False, "ssl_cert_reqs": ssl.CERT_NONE,
"tlsinsecure": True}, warn=False)
self.assertEqual(res, parse_uri(uri)["options"])
# tlsAllow* specified AFTER tlsInsecure.
# tlsAllow* options warns and overrides values implied by tlsInsecure.
uri = ("mongodb://example.com/?tlsInsecure=true"
"&tlsAllowInvalidCertificates=false"
"&tlsAllowInvalidHostnames=false")
res = get_validated_options(
{"ssl_match_hostname": True, "ssl_cert_reqs": ssl.CERT_REQUIRED,
"tlsinsecure": True}, warn=False)
with warnings.catch_warnings(record=True) as ctx:
warnings.simplefilter('always')
self.assertEqual(res, parse_uri(uri)["options"])
for warning in ctx:
self.assertRegexpMatches(
warning.message.args[0],
".*tlsAllowInvalid.*overrides.*tlsInsecure.*")
clear_warning_registry()
# tlsAllow* specified BEFORE tlsInsecure.
# tlsAllow* options warns and overrides values implied by tlsInsecure.
uri = ("mongodb://example.com/"
"?tlsAllowInvalidCertificates=false"
"&tlsAllowInvalidHostnames=false"
"&tlsInsecure=true")
res = get_validated_options(
{"ssl_match_hostname": True, "ssl_cert_reqs": ssl.CERT_REQUIRED,
"tlsinsecure": True}, warn=False)
with warnings.catch_warnings(record=True) as ctx:
warnings.simplefilter('always')
self.assertEqual(res, parse_uri(uri)["options"])
for warning in ctx:
self.assertRegexpMatches(
warning.message.args[0],
".*tlsAllowInvalid.*overrides.*tlsInsecure.*")
def validate_options(opts, warn=False):
"""Validates and normalizes options passed in a MongoDB URI.
Returns a new dictionary of validated and normalized options. If warn is
False then errors will be thrown for invalid options, otherwise they will
be ignored and a warning will be issued.
:Parameters:
- `opts`: A dict of MongoDB URI options.
- `warn` (optional): If ``True`` then warnigns will be logged and
invalid options will be ignored. Otherwise invalid options will
cause errors.
"""
return get_validated_options(opts, warn)
def validate_options(opts, warn=False):
"""Validates and normalizes options passed in a MongoDB URI.
Returns a new dictionary of validated and normalized options. If warn is
False then errors will be thrown for invalid options, otherwise they will
be ignored and a warning will be issued.
:Parameters:
- `opts`: A dict of MongoDB URI options.
- `warn` (optional): If ``True`` then warnigns will be logged and
invalid options will be ignored. Otherwise invalid options will
cause errors.
"""
return get_validated_options(opts, warn)
