[GODRIVER-2288] FLE 1.0 Shared Library Created: 27/Jan/22  Updated: 28/Oct/23  Resolved: 25/Jul/22

Status: Closed
Project: Go Driver
Component/s: None
Affects Version/s: None
Fix Version/s: 1.10.0

Type: Epic Priority: Major - P3
Reporter: PM Bot Assignee: Matt Dale
Resolution: Fixed Votes: 0
Labels: size-medium
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Issue split
split from DRIVERS-1950 FLE 1.0 Shared Library Closed
Server Compat: 5.3
Quarter: FY23Q2
Upstream Changes Summary:

DRIVERS-1950:
Note: the following instructions do not account for the rename of the shared library. Please also see DRIVERS-2338.

The csfle shared library is a new component that replaces the mongocryptd process. csfle is loaded by libmongocrypt at runtime.

Please see the following specifications PRs for a description of the driver changes:

Please see the C driver implementation for reference.

Bindings changes

Upgrade libmongocrypt dependency to 1.5.0. Drivers can use 1.5.0-alpha0 to test. Binaries are available from this upload-all task.

Update the bindings to libmongocrypt to add the new functions:

  • mongocrypt_csfle_version_string
  • mongocrypt_csfle_version
  • mongocrypt_setopt_append_csfle_search_path
  • mongocrypt_setopt_set_csfle_lib_path_override

Driver changes

Pass AutoEncryptionOpts.extraOptions.csflePath to libmongocrypt with {} mongocrypt_setopt_set_crypt_shared_lib_path_override.

If AutoEncryptionOpts.bypassAutoEncryption is unset or false, pass "$SYSTEM" to mongocrypt_setopt_append_csfle_search_path for the mongocrypt_t in a MongoClient configured with AutoEncryptionOpts.

If AutoEncryptionOpts.extraOptions.csfleRequired is true, error if csfle is not loaded. Determine if csfle is loaded by checking if mongocrypt_csfle_version_string is NULL.

Do not attempt to spawn mongocryptd if csfle is loaded.

Test changes

Please see https://github.com/mongodb/specifications/pull/1199 for a description of test changes.

Please see https://github.com/mongodb-labs/drivers-evergreen-tools/pull/196 for a script to download the csfle shared library.

Start date:
End date:
Calendar Time: 8 weeks
Scope Cost Estimate: 4
Cost to Date: 4
Final Cost Estimate: 5
Cost Threshold %: 100
Detailed Project Statuses:

Engineer: Matt

Summary: Support the csfle shared library, which replaces mongocryptd.

2022-06-28: Setting end-date to 2022-07-01

Status update:

  • Implementation complete. Only remaining work is to add a test variant for mongocryptd.

Rationale for delays:

  • Was not prioritized last week, but is this week.

Risks:

  • No risks.

2022-06-13: Setting end date to 2022-06-17

Status update:

  • In review, needs to be updated to account for shared library rename.

Rationale for delays:

  • Paused during MDBW.

Risks:

  • No risks.

2022-05-31: Setting end date to 2022-06-03

Status update:

  • Updating CGO bindings and integrating shared library in progress in review.

Rationale for delays:

  • No significant delays. Testing both csfle and mongocryptd presented challenges. There is not an easy way to disable csfle with public API. This is being worked around.

Risks:

  • No risks. This is not a 6.0 requirement and can be moved out of the 1.10.0 release if need be.

2022-05-16: Setting end date to 2022-05-30

Status update:

  • Working on updating CGO bindings.

Rationale for delays:

  • No delays.

Risks:

  • No risks.


 Description   

This ticket was split from DRIVERS-1950, please see that ticket for a detailed description.



 Comments   
Comment by PM Bot [ 27/Jan/22 ]

If you are not logged in, you can view the tickets in this epic by following this link.

Generated at Thu Feb 08 08:38:15 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.