[CDRIVER-4414] Allow applications and wrapping drivers to detect crypt_shared availability Created: 23/Jun/22 Updated: 03/Aug/22 Resolved: 03/Aug/22 |
|
| Status: | Closed |
| Project: | C Driver |
| Component/s: | libmongocrypt |
| Affects Version/s: | 1.22.0-beta0 |
| Fix Version/s: | 1.23.0 |
| Type: | Improvement | Priority: | Unknown |
| Reporter: | Jeremy Mikola | Assignee: | Colby Pike |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||
| Description |
|
Related to: Detecting crypt_shared Availability in the CSFLE spec. Applications and drivers wrapping libmongoc don't have any way to determine if crypt_shared is used, because mongocrypt_crypt_shared_lib_version_string requires a mongocrypt_t * resource, which is internal to libmongoc's private struct __mongoc_crypt_t (typedef-ed as _mongoc_crypt_t). _mongoc_crypt_t is created by _mongoc_crypt_new, which is only called in three places within libmongoc:
In a previous discussion with colby.pike@mongodb.com I asked if libmongoc or libmongocrypt had any safeguards in place to avoid loading multiple versions of crypt_shared. His response was:
Ideally, it'd be great if libmongoc or libmongocrypt could provide some global API (not tied to a client/pool) that allowed applications to query the crypt_shared version. This would allow PHP to report its version the same way we do libmongoc and libmongocrypt itself. If that's not possible, providing some API to query the crypt_shared version through a pool or client would be sufficient (although that could be more complicated as it would require exposing mongoc_crypt_t _and its mongocrypt_t *. |
| Comments |
| Comment by Jeremy Mikola [ 27/Jun/22 ] | |||||
|
The API I was thinking of would likely need to be some global function that would be expected to return NULL until the process happens to dynamically load the library. It looks like there's always some global state tracked in mongocrypt.c around where _try_load_csfle is called, so that's what I was expecting could be updated. If that's not feasible, then an API on mongoc_client_t works. | |||||
| Comment by Kevin Albertson [ 27/Jun/22 ] | |||||
I am not sure if that is possible. crypt_shared is dynamically linked at runtime. It will not be linked until a mongoc_client_t or mongoc_client_pool_t is created with auto encryption options. I think it is OK to add an API on mongoc_client_t or mongoc_client_pool_t. jmikola@mongodb.com would this API be sufficient?
|