Fix crypt shared issues - not sure why this fixes the problems, but it seems to.

Author: baileympearson

.evergreen/prepare-crypt-shared-lib.sh

@@ -4,10 +4,9 @@ bash ${DRIVERS_TOOLS}/.evergreen/csfle/setup-secrets.sh
 source secrets-export.sh
 
 if [ -z "${RUN_WITH_MONGOCRYPTD}" ]; then
-  # Set up crypt shared lib if we don't want to use mongocryptd
-  bash .evergreen/prepare-crypt-shared-lib.sh
-  source crypt_shared.sh
-  echo "CRYPT_SHARED_LIB_PATH: $CRYPT_SHARED_LIB_PATH"
+  echo "crypt shared: $CRYPT_SHARED_LIB_PATH"
 else
+  rm $CRYPT_SHARED_LIB_PATH
+  unset CRYPT_SHARED_LIB_PATH
   echo "CRYPT_SHARED_LIB_PATH not set; using mongocryptd"
 fi

.evergreen/setup-fle.sh

@@ -19,6 +19,7 @@ import { MongoCryptInvalidArgumentError } from './errors';
 import { MongocryptdManager } from './mongocryptd_manager';
 import { type KMSProviders, refreshKMSCredentials } from './providers';
 import { type CSFLEKMSTlsOptions, StateMachine } from './state_machine';
+import { createWriteStream } from 'fs';
 
 /** @public */
 export interface AutoEncryptionOptions {
@@ -123,6 +124,8 @@ export const AutoEncryptionLoggerLevel = Object.freeze({
   Trace: 4
 } as const);
 
+const searchPaths = new Set<string>();
+const logs = createWriteStream('./logs');
 /**
  * @public
  * The level of severity of the log message
@@ -262,6 +265,12 @@ export class AutoEncrypter {
     }
 
     if (options.extraOptions && options.extraOptions.cryptSharedLibPath) {
+      if (!searchPaths.has(options.extraOptions.cryptSharedLibPath)) {
+        console.error("********* ", options.extraOptions.cryptSharedLibPath);
+        logs.write(options.extraOptions.cryptSharedLibPath);
+        logs.write('\n');
+      }
+      searchPaths.add(options.extraOptions.cryptSharedLibPath);
       mongoCryptOptions.cryptSharedLibPath = options.extraOptions.cryptSharedLibPath;
     }
 

src/client-side-encryption/auto_encrypter.ts

@@ -7,7 +7,7 @@ const path = require('path');
 const { dropCollection, APMEventCollector } = require('../shared');
 
 const { EJSON } = BSON;
-const { LEGACY_HELLO_COMMAND, MongoCryptError } = require('../../mongodb');
+const { LEGACY_HELLO_COMMAND, MongoCryptError, AutoEncrypter } = require('../../mongodb');
 const { MongoServerError, MongoServerSelectionError, MongoClient } = require('../../mongodb');
 const { getEncryptExtraOptions } = require('../../tools/utils');
 
@@ -42,7 +42,7 @@ const getKmsProviders = (localKey, kmipEndpoint, azureEndpoint, gcpEndpoint) =>
   return result;
 };
 
-const noop = () => {};
+const noop = () => { };
 const metadata = {
   requires: {
     clientSideEncryption: true,
@@ -1105,6 +1105,14 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
   describe('Bypass spawning mongocryptd', function () {
     describe('via mongocryptdBypassSpawn', function () {
       let clientEncrypted;
+
+      beforeEach(`cannot run on Alpine linux.`, function () {
+        if (this.configuration instanceof AlpineTestConfiguration) {
+          this.currentTest.skipReason =
+            'alpine tests cannot spawn mongocryptds or use the crypt_shared.';
+          this.skip();
+        }
+      })
       // Create a MongoClient configured with auto encryption
       // Configure the required options. use the `local` KMS provider as follows:
       // ```javascript
@@ -1114,12 +1122,6 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
       // configure with `client_encrypted` to use the schema `external/external-schema.json` for
       // `db.coll` by setting a schema map like `{"db.coll": <contents of external-schema.json }`
       beforeEach(async function () {
-        if (this.configuration instanceof AlpineTestConfiguration) {
-          this.currentTest.skipReason =
-            'alpine tests cannot spawn mongocryptds or use the crypt_shared.';
-          this.skip();
-        }
-
         clientEncrypted = this.configuration.newClient(
           {},
           {
@@ -1146,7 +1148,8 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
                 mongocryptdSpawnArgs: [
                   '--pidfilepath=bypass-spawning-mongocryptd.pid',
                   '--port=27021'
-                ]
+                ],
+                cryptSharedLibSearchPaths: []
               }
             }
           }
@@ -1355,7 +1358,7 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
 
   // TODO(NODE-3151): Implement kms prose tests
   describe('KMS TLS Tests', () => {
-    it.skip('TBD', () => {}).skipReason = 'TODO(NODE-3151): Implement "KMS TLS Tests"';
+    it.skip('TBD', () => { }).skipReason = 'TODO(NODE-3151): Implement "KMS TLS Tests"';
   });
 
   /**
@@ -1696,7 +1699,7 @@ describe('Client Side Encryption Prose Tests', metadata, function () {
     context(
       'Case 5: `tlsDisableOCSPEndpointCheck` is permitted',
       metadata,
-      function () {}
+      function () { }
     ).skipReason = 'TODO(NODE-4840): Node does not support any OCSP options';
 
     context('Case 6: named KMS providers apply TLS options', function () {

test/integration/client-side-encryption/client_side_encryption.prose.test.js

@@ -771,14 +771,15 @@ describe('CSOT', function () {
               autoEncryption: {
                 keyVaultClient,
                 keyVaultNamespace: 'admin.datakeys',
-                kmsProviders: getLocalKmsProvider()
+                kmsProviders: getLocalKmsProvider(),
+                extraOptions: getEncryptExtraOptions()
               }
             }
           );
         });
 
         afterEach(async function () {
-          await encryptedClient.close();
+          await encryptedClient?.close();
         });
 
         it('the command succeeds', metadata, async function () {

test/integration/client-side-encryption/driver.test.ts

@@ -91,20 +91,20 @@ describe('CSOT spec unit tests', function () {
     /* eslint-disable @typescript-eslint/no-empty-function */
     context.skip(
       'If a new connection is required to execute an operation, min(remaining computedServerSelectionTimeout, connectTimeoutMS) should apply to socket establishment.',
-      () => {}
+      () => { }
     ).skipReason =
       'TODO(DRIVERS-2347): Requires this ticket to be implemented before we can assert on connection CSOT behaviour';
 
     context(
       'For drivers that have control over OCSP behavior, min(remaining computedServerSelectionTimeout, 5 seconds) should apply to HTTP requests against OCSP responders.',
-      () => {}
+      () => { }
     );
   });
 
   context.skip('Socket timeouts', function () {
     context(
       'If timeoutMS is unset, operations fail after two non-consecutive socket timeouts.',
-      () => {}
+      () => { }
     );
   }).skipReason =
     'TODO(NODE-6518): Add CSOT support for socket read/write at the connection layer for CRUD APIs';
@@ -113,7 +113,7 @@ describe('CSOT spec unit tests', function () {
     describe('KMS requests', function () {
       const stateMachine = new StateMachine({} as any);
       const request = {
-        addResponse: _response => {},
+        addResponse: _response => { },
         status: {
           type: 1,
           code: 1,
@@ -127,7 +127,7 @@ describe('CSOT spec unit tests', function () {
 
       context('when StateMachine.kmsRequest() is passed a `CSOTimeoutContext`', function () {
         beforeEach(async function () {
-          sinon.stub(TLSSocket.prototype, 'connect').callsFake(function (..._args) {});
+          sinon.stub(TLSSocket.prototype, 'connect').callsFake(function (..._args) { });
         });
 
         afterEach(async function () {
@@ -200,7 +200,8 @@ describe('CSOT spec unit tests', function () {
                     mongocryptdSpawnArgs: [
                       `--pidfilepath=${new ObjectId().toHexString()}.pid`,
                       '--port=27020'
-                    ]
+                    ],
+                    cryptSharedLibSearchPaths: []
                   },
                   keyVaultNamespace: 'admin.datakeys',
                   kmsProviders: {
@@ -250,7 +251,7 @@ describe('CSOT spec unit tests', function () {
   context.skip('Background Connection Pooling', function () {
     context(
       'When doing minPoolSize maintenance, connectTimeoutMS is used as the timeout for socket establishment.',
-      () => {}
+      () => { }
     );
   }).skipReason = 'TODO(NODE-6091): Implement CSOT logic for Background Connection Pooling';
   /* eslint-enable @typescript-eslint/no-empty-function */

test/integration/client-side-operations-timeout/client_side_operations_timeout.unit.test.ts

@@ -14,6 +14,7 @@ import {
   MongoServerError
 } from '../../mongodb';
 import { filterForCommands } from '../shared';
+import { getEncryptExtraOptions } from '../../tools/utils';
 
 describe('CRUD Prose Spec Tests', () => {
   let client: MongoClient;
@@ -1023,7 +1024,8 @@ describe('CRUD Prose Spec Tests', () => {
                 accessKeyId: 'foo',
                 secretAccessKey: 'bar'
               }
-            }
+            },
+            extraOptions: getEncryptExtraOptions()
           }
         }
       );