DRIVERS-2339

Improve error messaging when incompatible crypt_shared options are set

    • Type: Improvement
    • Resolution: Unresolved
    • Priority: Unknown
    • None
    • Component/s: Client Side Encryption
    • None
    • Needed

      Summary

      Setting either bypassAutoEncryption=true or bypassQueryAnalysis=true will prevent the crypt_shared library from being loaded. Setting cryptSharedLibRequired=true in the AutoEncryption extra options will cause Client creation to return an error if the crypt_shared library is not loaded. Combining an option that prevents loading the crypt_shared library with the option that requires it will therefore always result in a Client creation error.

      Currently, the resulting error does not specify why the crypt_shared library was not loaded. For example, the resulting error from the C driver is:

      Option 'cryptSharedLibRequired' is 'true', but we failed to load the crypt_shared libary
      

      If a user doesn't realize that the problem is related to use of the "bypass" and "require" options together, they may assume the error is a failure to find the crypt_shared library in the provided path(s). To prevent confusion, require that drivers validate AutoEncryption options and return an error in the following case:

      if bypassAutoEncryption and extraOptions.cryptSharedLibRequired:
          raise "bypassAutoEncryption and extraOptions.cryptSharedLibRequired cannot both be true"
      if bypassQueryAnalysis and extraOptions.cryptSharedLibRequired:
          raise "bypassQueryAnalysis and extraOptions.cryptSharedLibRequired cannot both be true"
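
      The proposed check, modelled in Python as an added example (not code from this ticket or from any driver). The names AutoEncryptionOpts, create_client and lib_on_disk are hypothetical and the library load is simulated. It shows that without validation the conflicting options yield the load-failure message even when the library is present, while a genuine load failure keeps that message.

```python
# Added illustration: a minimal model of Client creation, not any MongoDB driver's API.
from dataclasses import dataclass

# Error text quoted on the page from the C driver, spelling included.
LOAD_FAILED = ("Option 'cryptSharedLibRequired' is 'true', but we failed "
               "to load the crypt_shared libary")


class AutoEncryptionConfigError(ValueError):
    """Raised for option combinations that can never succeed."""


@dataclass
class AutoEncryptionOpts:
    bypass_auto_encryption: bool = False      # bypassAutoEncryption
    bypass_query_analysis: bool = False       # bypassQueryAnalysis
    crypt_shared_lib_required: bool = False   # extraOptions.cryptSharedLibRequired


def validate(opts):
    """The check the ticket proposes, run before any library load attempt."""
    if not opts.crypt_shared_lib_required:
        return
    for name, enabled in (("bypassAutoEncryption", opts.bypass_auto_encryption),
                          ("bypassQueryAnalysis", opts.bypass_query_analysis)):
        if enabled:
            raise AutoEncryptionConfigError(
                f"{name} and extraOptions.cryptSharedLibRequired cannot both be true")


def create_client(opts, lib_on_disk, validate_first=True):
    """Hypothetical stand-in for Client creation; returns True if crypt_shared loaded."""
    if validate_first:
        validate(opts)
    # Either bypass option prevents the load, even when the library is present.
    bypassed = opts.bypass_auto_encryption or opts.bypass_query_analysis
    loaded = lib_on_disk and not bypassed
    if opts.crypt_shared_lib_required and not loaded:
        raise RuntimeError(LOAD_FAILED)
    return loaded


def error_for(opts, lib_on_disk, validate_first):
    """Return the error message Client creation would produce, or None on success."""
    try:
        create_client(opts, lib_on_disk, validate_first)
        return None
    except (AutoEncryptionConfigError, RuntimeError) as exc:
        return str(exc)
```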
      

      Motivation

      Who is the affected end user?

      End users trying to enable automatic decryption who mistakenly set extraOptions.cryptSharedLibRequired=true.

      How does this affect the end user?

      The user gets a confusing error message like:

      Option 'cryptSharedLibRequired' is 'true', but we failed to load the crypt_shared libary
      

      How likely is it that this problem or use case will occur?

      Somewhat unlikely. Users who set bypassAutoEncryption or bypassQueryAnalysis are likely trying to use automatic decryption only and do not have an enterprise license, so they probably won't try to load the crypt_shared library. A plausible use case is where someone does have an enterprise license and typically loads the crypt_shared library, but is writing an application that only needs automatic decryption, not automatic encryption.

      If the problem does occur, what are the consequences and how severe are they?

      Confusion about how to resolve the error, possibly leading to wasted time and/or having to contact MongoDB support or ask questions on a developer forum.

      Is this issue urgent?

      No.

      Is this ticket required by a downstream team?

      No.

      Is this ticket only for tests?

      No.

            Assignee: Unassigned
            Reporter: Matt Dale (matt.dale@mongodb.com)
            Votes: 0
            Watchers: 3