Uploaded image for project: 'Go Driver'
  1. Go Driver
  2. GODRIVER-2288

FLE 1.0 Shared Library

XMLWordPrintableJSON

    • Type: Icon: Epic Epic
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 1.10.0
    • Affects Version/s: None
    • Component/s: None
    • Labels:
    • Hide

      DRIVERS-1950:
      Note: the following instructions do not account for the rename of the shared library. Please also see DRIVERS-2338.

      The csfle shared library is a new component that replaces the mongocryptd process. csfle is loaded by libmongocrypt at runtime.

      Please see the following specifications PRs for a description of the driver changes:

      Please see the C driver implementation for reference.

      Bindings changes

      Upgrade libmongocrypt dependency to 1.5.0. Drivers can use 1.5.0-alpha0 to test. Binaries are available from this upload-all task.

      Update the bindings to libmongocrypt to add the new functions:

      • mongocrypt_csfle_version_string
      • mongocrypt_csfle_version
      • mongocrypt_setopt_append_csfle_search_path
      • mongocrypt_setopt_set_csfle_lib_path_override

      Driver changes

      Pass AutoEncryptionOpts.extraOptions.csflePath to libmongocrypt with {} mongocrypt_setopt_set_crypt_shared_lib_path_override.

      If AutoEncryptionOpts.bypassAutoEncryption is unset or false, pass "$SYSTEM" to mongocrypt_setopt_append_csfle_search_path for the mongocrypt_t in a MongoClient configured with AutoEncryptionOpts.

      If AutoEncryptionOpts.extraOptions.csfleRequired is true, error if csfle is not loaded. Determine if csfle is loaded by checking if mongocrypt_csfle_version_string is NULL.

      Do not attempt to spawn mongocryptd if csfle is loaded.

      Test changes

      Please see https://github.com/mongodb/specifications/pull/1199 for a description of test changes.

      Please see https://github.com/mongodb-labs/drivers-evergreen-tools/pull/196 for a script to download the csfle shared library.

      Show
      DRIVERS-1950 : Note : the following instructions do not account for the rename of the shared library. Please also see DRIVERS-2338. The csfle shared library is a new component that replaces the mongocryptd process. csfle is loaded by libmongocrypt at runtime. Please see the following specifications PRs for a description of the driver changes: https://github.com/mongodb/specifications/pull/1165 https://github.com/mongodb/specifications/pull/1185 Please see the C driver implementation for reference. Bindings changes Upgrade libmongocrypt dependency to 1.5.0. Drivers can use 1.5.0-alpha0 to test. Binaries are available from this upload-all task . Update the bindings to libmongocrypt to add the new functions: mongocrypt_csfle_version_string mongocrypt_csfle_version mongocrypt_setopt_append_csfle_search_path mongocrypt_setopt_set_csfle_lib_path_override Driver changes Pass AutoEncryptionOpts.extraOptions.csflePath to libmongocrypt with { } mongocrypt_setopt_set_crypt_shared_lib_path_override . If AutoEncryptionOpts.bypassAutoEncryption is unset or false, pass "$SYSTEM" to mongocrypt_setopt_append_csfle_search_path for the mongocrypt_t in a MongoClient configured with AutoEncryptionOpts . If AutoEncryptionOpts.extraOptions.csfleRequired is true, error if csfle is not loaded. Determine if csfle is loaded by checking if mongocrypt_csfle_version_string is NULL. Do not attempt to spawn mongocryptd if csfle is loaded. Test changes Please see https://github.com/mongodb/specifications/pull/1199 for a description of test changes. Please see https://github.com/mongodb-labs/drivers-evergreen-tools/pull/196 for a script to download the csfle shared library.
    • 4
    • 4
    • 5
    • 100
    • Hide

      Engineer: Matt

      Summary: Support the csfle shared library, which replaces mongocryptd.

      2022-06-28: Setting end-date to 2022-07-01

      Status update:

      • Implementation complete. Only remaining work is to add a test variant for mongocryptd.

      Rationale for delays:

      • Was not prioritized last week, but is this week.

      Risks:

      • No risks.

      2022-06-13: Setting end date to 2022-06-17

      Status update:

      • In review, needs to be updated to account for shared library rename.

      Rationale for delays:

      • Paused during MDBW.

      Risks:

      • No risks.

      2022-05-31: Setting end date to 2022-06-03

      Status update:

      • Updating CGO bindings and integrating shared library in progress in review.

      Rationale for delays:

      • No significant delays. Testing both csfle and mongocryptd presented challenges. There is not an easy way to disable csfle with public API. This is being worked around.

      Risks:

      • No risks. This is not a 6.0 requirement and can be moved out of the 1.10.0 release if need be.

      2022-05-16: Setting end date to 2022-05-30

      Status update:

      • Working on updating CGO bindings.

      Rationale for delays:

      • No delays.

      Risks:

      • No risks.
      Show
      Engineer: Matt Summary: Support the csfle shared library, which replaces mongocryptd. 2022-06-28: Setting end-date to 2022-07-01 Status update: Implementation complete. Only remaining work is to add a test variant for mongocryptd. Rationale for delays: Was not prioritized last week, but is this week. Risks: No risks. 2022-06-13: Setting end date to 2022-06-17 Status update: In review, needs to be updated to account for shared library rename. Rationale for delays: Paused during MDBW. Risks: No risks. 2022-05-31: Setting end date to 2022-06-03 Status update: Updating CGO bindings and integrating shared library in progress in review. Rationale for delays: No significant delays. Testing both csfle and mongocryptd presented challenges. There is not an easy way to disable csfle with public API. This is being worked around. Risks: No risks. This is not a 6.0 requirement and can be moved out of the 1.10.0 release if need be. 2022-05-16: Setting end date to 2022-05-30 Status update: Working on updating CGO bindings. Rationale for delays: No delays. Risks: No risks.

      This ticket was split from DRIVERS-1950, please see that ticket for a detailed description.

            Assignee:
            matt.dale@mongodb.com Matt Dale
            Reporter:
            dbeng-pm-bot PM Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved:
              8 weeks