add public proxy type

Author: isabelatkinson

src/client/csfle.rs

@@ -73,7 +73,7 @@ impl ClientState {
             mongocryptd_client,
             aux_clients.metadata_client,
             #[cfg(feature = "socks5-proxy")]
-            crate::runtime::stream::Proxy::from_client_options(client.options()),
+            client.options().socks5_proxy.clone(),
         )
         .await?;
 

src/client/csfle/state_machine.rs

@@ -5,9 +5,6 @@ use std::{
     time::Duration,
 };
 
-use crate::bson::{rawdoc, Document, RawDocument, RawDocumentBuf};
-#[cfg(feature = "socks5-proxy")]
-use crate::runtime::stream::Proxy;
 use futures_util::{stream, TryStreamExt};
 use mongocrypt::ctx::{Ctx, KmsCtx, KmsProviderType, State};
 use rayon::ThreadPool;
@@ -16,7 +13,10 @@ use tokio::{
     sync::{oneshot, Mutex},
 };
 
+#[cfg(feature = "socks5-proxy")]
+use crate::options::Socks5Proxy;
 use crate::{
+    bson::{rawdoc, Document, RawDocument, RawDocumentBuf},
     client::{csfle::options::KmsProvidersTlsOptions, options::ServerAddress, WeakClient},
     error::{Error, Result},
     operation::{raw_output::RawOutput, run_command::RunCommand},
@@ -40,7 +40,7 @@ pub(crate) struct CryptExecutor {
     #[cfg(feature = "azure-kms")]
     azure: azure::ExecutorState,
     #[cfg(feature = "socks5-proxy")]
-    proxy: Option<Proxy>,
+    proxy: Option<Socks5Proxy>,
 }
 
 impl CryptExecutor {
@@ -76,7 +76,7 @@ impl CryptExecutor {
         mongocryptd_opts: Option<MongocryptdOptions>,
         mongocryptd_client: Option<Client>,
         metadata_client: Option<WeakClient>,
-        #[cfg(feature = "socks5-proxy")] proxy: Option<Proxy>,
+        #[cfg(feature = "socks5-proxy")] proxy: Option<Socks5Proxy>,
     ) -> Result<Self> {
         let mongocryptd = match mongocryptd_opts {
             Some(opts) => Some(Mongocryptd::new(opts).await?),
@@ -188,7 +188,7 @@ impl CryptExecutor {
                     async fn execute(
                         kms_ctx: &mut KmsCtx<'_>,
                         tls_options: Option<&KmsProvidersTlsOptions>,
-                        #[cfg(feature = "socks5-proxy")] proxy: Option<&Proxy>,
+                        #[cfg(feature = "socks5-proxy")] proxy: Option<&Socks5Proxy>,
                     ) -> Result<()> {
                         let endpoint = kms_ctx.endpoint()?;
                         let addr = ServerAddress::parse(endpoint)?;

src/client/options.rs

@@ -415,6 +415,54 @@ pub struct ServerApi {
     pub deprecation_errors: Option<bool>,
 }
 
+/// Configuration for connecting to a SOCKS5 proxy.
+#[cfg(feature = "socks5-proxy")]
+#[derive(Clone, Debug, Deserialize, PartialEq, TypedBuilder)]
+#[builder(field_defaults(default, setter(into)))]
+#[non_exhaustive]
+pub struct Socks5Proxy {
+    /// The hostname or IP address on which the proxy is listening.
+    pub host: String,
+
+    /// The port on which the proxy is listening. Defaults to 1080 if unset.
+    pub port: Option<u16>,
+
+    /// A username/password pair to authenticate to the proxy.
+    pub authentication: Option<(String, String)>,
+}
+
+#[cfg(feature = "socks5-proxy")]
+impl Socks5Proxy {
+    fn serialize<S>(
+        proxy: &Option<Socks5Proxy>,
+        serializer: S,
+    ) -> std::result::Result<S::Ok, S::Error>
+    where
+        S: serde::Serializer,
+    {
+        #[derive(Serialize)]
+        #[serde(rename_all = "camelCase")]
+        struct Helper<'a> {
+            proxy_host: &'a String,
+            proxy_port: Option<u16>,
+            proxy_username: Option<&'a String>,
+            proxy_password: Option<&'a String>,
+        }
+
+        if let Some(proxy) = proxy.as_ref() {
+            let helper = Helper {
+                proxy_host: &proxy.host,
+                proxy_port: proxy.port,
+                proxy_username: proxy.authentication.as_ref().map(|auth| &auth.0),
+                proxy_password: proxy.authentication.as_ref().map(|auth| &auth.1),
+            };
+            helper.serialize(serializer)
+        } else {
+            serializer.serialize_none()
+        }
+    }
+}
+
 /// Contains the options that can be used to create a new [`Client`](../struct.Client.html).
 #[derive(Clone, Deserialize, TypedBuilder)]
 #[builder(field_defaults(default, setter(into)))]
@@ -624,22 +672,9 @@ pub struct ClientOptions {
     #[cfg(feature = "opentelemetry")]
     pub tracing: Option<crate::otel::OpentelemetryOptions>,
 
-    /// The IPv4 or IPv6 address or domain name of a proxy server used for connecting to MongoDB
-    /// services.
+    /// Configuration for connecting to a SOCKS5 proxy.
     #[cfg(feature = "socks5-proxy")]
-    pub proxy_host: Option<String>,
-
-    /// The port of the proxy server. Defaults to 1080 if unspecified.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_port: Option<u16>,
-
-    /// The username for authentication to the proxy server.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_username: Option<String>,
-
-    /// The password for authentication to the proxy server.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_password: Option<String>,
+    pub socks5_proxy: Option<Socks5Proxy>,
 
     /// Information from the SRV URI that generated these client options, if applicable.
     #[builder(setter(skip))]
@@ -773,6 +808,10 @@ impl Serialize for ClientOptions {
             srvmaxhosts: Option<i32>,
 
             srvservicename: &'a Option<String>,
+
+            #[cfg(feature = "socks5-proxy")]
+            #[serde(flatten, serialize_with = "Socks5Proxy::serialize")]
+            socks5proxy: &'a Option<Socks5Proxy>,
         }
 
         let client_options = ClientOptionsHelper {
@@ -807,6 +846,8 @@ impl Serialize for ClientOptions {
                 .transpose()
                 .map_err(serde::ser::Error::custom)?,
             srvservicename: &self.srv_service_name,
+            #[cfg(feature = "socks5-proxy")]
+            socks5proxy: &self.socks5_proxy,
         };
 
         client_options.serialize(serializer)
@@ -1002,22 +1043,9 @@ pub struct ConnectionString {
     /// Overrides the default "mongodb" service name for SRV lookup in both discovery and polling
     pub srv_service_name: Option<String>,
 
-    /// The IPv4 or IPv6 address or domain name of a proxy server used for connecting to MongoDB
-    /// services.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_host: Option<String>,
-
-    /// The port of the proxy server. Defaults to 1080 if unspecified.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_port: Option<u16>,
-
-    /// The username for authentication to the proxy server.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_username: Option<String>,
-
-    /// The password for authentication to the proxy server.
-    #[cfg(feature = "socks5-proxy")]
-    pub proxy_password: Option<String>,
+    /// Configuration for connecting to a SOCKS5 proxy.
+    #[serde(serialize_with = "Socks5Proxy::serialize")]
+    pub socks5_proxy: Option<Socks5Proxy>,
 
     #[serde(serialize_with = "serde_util::serialize_duration_option_as_int_millis")]
     wait_queue_timeout: Option<Duration>,
@@ -1037,6 +1065,14 @@ struct ConnectionStringParts {
     auth_mechanism_properties: Option<Document>,
     zlib_compression: Option<i32>,
     auth_source: Option<String>,
+    #[cfg(feature = "socks5-proxy")]
+    proxy_host: Option<String>,
+    #[cfg(feature = "socks5-proxy")]
+    proxy_port: Option<u16>,
+    #[cfg(feature = "socks5-proxy")]
+    proxy_username: Option<String>,
+    #[cfg(feature = "socks5-proxy")]
+    proxy_password: Option<String>,
 }
 
 /// Specification for mongodb server connections.
@@ -1361,7 +1397,7 @@ impl ClientOptions {
 
         #[cfg(feature = "socks5-proxy")]
         {
-            if self.proxy_host.is_some() {
+            if let Some(proxy) = self.socks5_proxy.as_ref() {
                 if self
                     .hosts
                     .iter()
@@ -1372,25 +1408,12 @@ impl ClientOptions {
                     ));
                 }
 
-                if self.proxy_username.is_some() != self.proxy_password.is_some() {
-                    return Err(Error::invalid_argument(
-                        "proxy username and proxy password must both be specified or unset",
-                    ));
-                }
-            } else {
-                let error = |option: &str| {
-                    Error::invalid_argument(format!(
-                        "cannot specify a proxy {option} without a proxy host"
-                    ))
-                };
-                if self.proxy_port.is_some() {
-                    return Err(error("port"));
-                }
-                if self.proxy_username.is_some() {
-                    return Err(error("username"));
-                }
-                if self.proxy_password.is_some() {
-                    return Err(error("password"));
+                if let Some((username, password)) = proxy.authentication.as_ref() {
+                    if username.is_empty() || password.is_empty() {
+                        return Err(Error::invalid_argument(
+                            "cannot specify an empty username or password for proxy host",
+                        ));
+                    }
                 }
             }
         }
@@ -1742,6 +1765,43 @@ impl ConnectionString {
             conn_str.tls = Some(Tls::Enabled(Default::default()));
         }
 
+        #[cfg(feature = "socks5-proxy")]
+        {
+            if let Some(host) = parts.proxy_host {
+                let mut proxy = Socks5Proxy::builder().host(host).build();
+                if let Some(port) = parts.proxy_port {
+                    proxy.port = Some(port);
+                }
+                match (parts.proxy_username, parts.proxy_password) {
+                    (Some(username), Some(password)) => {
+                        proxy.authentication = Some((username, password))
+                    }
+                    (None, None) => {}
+                    _ => {
+                        return Err(Error::invalid_argument(
+                            "proxy username and password must both be specified as nonempty \
+                             strings or unset",
+                        ));
+                    }
+                }
+            } else {
+                let error = |option: &str| {
+                    Error::invalid_argument(format!(
+                        "{option} cannot be set if {PROXY_HOST} is unspecified"
+                    ))
+                };
+                if parts.proxy_port.is_some() {
+                    return Err(error(PROXY_PORT));
+                }
+                if parts.proxy_username.is_some() {
+                    return Err(error(PROXY_USERNAME));
+                }
+                if parts.proxy_password.is_some() {
+                    return Err(error(PROXY_PASSWORD));
+                }
+            }
+        }
+
         Ok(conn_str)
     }
 
@@ -1783,13 +1843,7 @@ impl ConnectionString {
             wait_queue_timeout,
             tls_insecure,
             #[cfg(feature = "socks5-proxy")]
-            proxy_host,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_port,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_username,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_password,
+            socks5_proxy,
             #[cfg(test)]
                 original_uri: _,
         } = self;
@@ -2092,21 +2146,15 @@ impl ConnectionString {
         }
 
         #[cfg(feature = "socks5-proxy")]
-        {
-            if let Some(proxy_host) = proxy_host {
-                opts.push_str(&format!("&proxyHost={proxy_host}"));
-            }
-
-            if let Some(proxy_port) = proxy_port {
-                opts.push_str(&format!("&proxyPort={proxy_port}"));
+        if let Some(proxy) = socks5_proxy {
+            opts.push_str(&format!("&proxyHost={}", proxy.host));
+            if let Some(port) = proxy.port {
+                opts.push_str(&format!("&proxyPort={port}"));
             }
-
-            if let Some(proxy_username) = proxy_username {
-                opts.push_str(&format!("&proxyUsername={proxy_username}"));
-            }
-
-            if let Some(proxy_password) = proxy_password {
-                opts.push_str(&format!("&proxyPassword={proxy_password}"));
+            if let Some((username, password)) = proxy.authentication.as_ref() {
+                opts.push_str(&format!(
+                    "&proxyUsername={username}&proxyPassword={password}"
+                ));
             }
         }
 
@@ -2689,17 +2737,17 @@ impl ConnectionString {
                 parts.zlib_compression = Some(i);
             }
             #[cfg(feature = "socks5-proxy")]
-            PROXY_HOST => self.proxy_host = Some(value.to_string()),
+            PROXY_HOST => parts.proxy_host = Some(value.to_string()),
             #[cfg(feature = "socks5-proxy")]
             PROXY_PORT => {
                 let port = u16::from_str(value)
                     .map_err(|_| Error::invalid_argument(format!("invalid proxy port: {value}")))?;
-                self.proxy_port = Some(port);
+                parts.proxy_port = Some(port);
             }
             #[cfg(feature = "socks5-proxy")]
-            PROXY_USERNAME => self.proxy_username = Some(value.to_string()),
+            PROXY_USERNAME if !value.is_empty() => parts.proxy_username = Some(value.to_string()),
             #[cfg(feature = "socks5-proxy")]
-            PROXY_PASSWORD => self.proxy_password = Some(value.to_string()),
+            PROXY_PASSWORD if !value.is_empty() => parts.proxy_password = Some(value.to_string()),
             #[cfg(not(feature = "socks5-proxy"))]
             PROXY_HOST | PROXY_PORT | PROXY_USERNAME | PROXY_PASSWORD => {
                 return Err(Error::invalid_argument(format!(

src/client/options/parse.rs

@@ -165,13 +165,7 @@ impl ClientOptions {
             #[cfg(feature = "opentelemetry")]
             tracing: None,
             #[cfg(feature = "socks5-proxy")]
-            proxy_host: conn_str.proxy_host,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_port: conn_str.proxy_port,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_username: conn_str.proxy_username,
-            #[cfg(feature = "socks5-proxy")]
-            proxy_password: conn_str.proxy_password,
+            socks5_proxy: conn_str.socks5_proxy,
         }
     }
 }