From 27fb1fa3aa01e00adccd6407ed576adfa69b43db Mon Sep 17 00:00:00 2001
From: Neal Beeken <neal.beeken@mongodb.com>
Date: Mon, 1 Mar 2021 17:33:39 -0500
Subject: [PATCH 1/4] fix: remove validation on nodejs option

---
 package-lock.json        |  6 +++---
 package.json             |  2 +-
 src/connection_string.ts | 11 +----------
 3 files changed, 5 insertions(+), 14 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2e91967c52c..700138be6e3 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -623,9 +623,9 @@
       "dev": true
     },
     "@types/node": {
-      "version": "14.6.4",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-14.6.4.tgz",
-      "integrity": "sha512-Wk7nG1JSaMfMpoMJDKUsWYugliB2Vy55pdjLpmLixeyMi7HizW2I/9QoxsPCkXl3dO+ZOVqPumKaDUv5zJu2uQ==",
+      "version": "14.14.31",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-14.14.31.tgz",
+      "integrity": "sha512-vFHy/ezP5qI0rFgJ7aQnjDXwAMrG0KqqIH7tQG5PPv3BWBayOPIQNBjVc/P6hhdZfMx51REc6tfDNXHUio893g==",
       "dev": true
     },
     "@types/normalize-package-data": {
diff --git a/package.json b/package.json
index 5e0d7ab48f8..d4cb9360ade 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
     "@types/chai-subset": "^1.3.3",
     "@types/kerberos": "^1.1.0",
     "@types/mocha": "^8.2.0",
-    "@types/node": "^14.6.4",
+    "@types/node": "^14.14.31",
     "@types/saslprep": "^1.0.0",
     "@types/semver": "^7.3.4",
     "@typescript-eslint/eslint-plugin": "^4.15.1",
diff --git a/src/connection_string.ts b/src/connection_string.ts
index cbfdd92c586..0a4ad1e998d 100644
--- a/src/connection_string.ts
+++ b/src/connection_string.ts
@@ -575,16 +575,6 @@ export const OPTIONS = {
   checkKeys: {
     type: 'boolean'
   },
-  checkServerIdentity: {
-    target: 'checkServerIdentity',
-    transform({
-      values: [value]
-    }): boolean | ((hostname: string, cert: Document) => Error | undefined) {
-      if (typeof value !== 'boolean' && typeof value !== 'function')
-        throw new MongoParseError('check server identity must be a boolean or custom function');
-      return value as boolean | ((hostname: string, cert: Document) => Error | undefined);
-    }
-  },
   compressors: {
     default: 'none',
     target: 'compressors',
@@ -1041,6 +1031,7 @@ export const OPTIONS = {
   enableTrace: { type: 'any' },
   requestCert: { type: 'any' },
   rejectUnauthorized: { type: 'any' },
+  checkServerIdentity: { type: 'any' },
   ALPNProtocols: { type: 'any' },
   SNICallback: { type: 'any' },
   session: { type: 'any' },

From 28ac2a59e70464c45475919d1ec335e5a49243cc Mon Sep 17 00:00:00 2001
From: Neal Beeken <neal.beeken@mongodb.com>
Date: Mon, 1 Mar 2021 17:34:47 -0500
Subject: [PATCH 2/4] fix: remove catch for synchronous socket errors

---
 src/cmap/connect.ts | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/src/cmap/connect.ts b/src/cmap/connect.ts
index 5673180dceb..4503e3d8fce 100644
--- a/src/cmap/connect.ts
+++ b/src/cmap/connect.ts
@@ -289,18 +289,14 @@ function makeConnection(options: ConnectionOptions, _callback: CallbackWithType<
     _callback(err, ret);
   };
 
-  try {
-    if (useTLS) {
-      const tlsSocket = tls.connect(parseSslOptions(options));
-      if (typeof tlsSocket.disableRenegotiation === 'function') {
-        tlsSocket.disableRenegotiation();
-      }
-      socket = tlsSocket;
-    } else {
-      socket = net.createConnection(parseConnectOptions(options));
+  if (useTLS) {
+    const tlsSocket = tls.connect(parseSslOptions(options));
+    if (typeof tlsSocket.disableRenegotiation === 'function') {
+      tlsSocket.disableRenegotiation();
     }
-  } catch (err) {
-    return callback(err);
+    socket = tlsSocket;
+  } else {
+    socket = net.createConnection(parseConnectOptions(options));
   }
 
   socket.setKeepAlive(keepAlive, keepAliveInitialDelay);

From 0fd3d357a567cf4323f17a2d092bf202141dbd2d Mon Sep 17 00:00:00 2001
From: Neal Beeken <neal.beeken@mongodb.com>
Date: Mon, 8 Mar 2021 17:39:46 -0500
Subject: [PATCH 3/4] fix: remove auto disable of serverIdentityCheck

---
 src/cmap/connect.ts | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/src/cmap/connect.ts b/src/cmap/connect.ts
index 4503e3d8fce..615e4d9f952 100644
--- a/src/cmap/connect.ts
+++ b/src/cmap/connect.ts
@@ -247,15 +247,6 @@ function parseSslOptions(options: ConnectionOptions): TLSConnectionOpts {
     }
   }
 
-  // Override checkServerIdentity behavior
-  if (!options.checkServerIdentity) {
-    // Skip the identity check by retuning undefined as per node documents
-    // https://nodejs.org/api/tls.html#tls_tls_connect_options_callback
-    result.checkServerIdentity = () => undefined;
-  } else if (typeof options.checkServerIdentity === 'function') {
-    result.checkServerIdentity = options.checkServerIdentity;
-  }
-
   // Set default sni servername to be the same as host
   if (result.servername == null) {
     result.servername = result.host;

From 2686a6bc979575eed2dc6bf8e6bf85da08710368 Mon Sep 17 00:00:00 2001
From: Neal Beeken <neal.beeken@mongodb.com>
Date: Tue, 9 Mar 2021 13:01:50 -0500
Subject: [PATCH 4/4] fix: index test failing on latest

---
 test/functional/index.test.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/functional/index.test.js b/test/functional/index.test.js
index d3246843a58..3f90b7cfbc4 100644
--- a/test/functional/index.test.js
+++ b/test/functional/index.test.js
@@ -1174,7 +1174,7 @@ describe('Indexes', function () {
     metadata: {
       requires: {
         topology: ['single', 'replicaset', 'sharded', 'ssl', 'heap', 'wiredtiger'],
-        mongodb: '>=3.0.0'
+        mongodb: '>=3.0.0 <=4.8.0'
       }
     },