@@ -699,109 +699,6 @@ _state_machine_run (_state_machine_t *state_machine,
699699 return ret ;
700700}
701701
702- /* _parse_tls_options parses the subdocument in @kms_providers identified by
703- * @provider and checks for "tls" options.
704- *
705- * Pre-conditions:
706- * - @kms_providers_for_libmongocrypt is initialized.
707- * Post-conditions:
708- * - @tls_opt is always initialized. If no TLS options are parsed, it is
709- * initialized with mongoc_ssl_opt_get_default().
710- * - If @provider exists in @kms_providers, it is appended to
711- * @kms_provider_for_libmongocrypt with the optional "tls" document removed.
712- * - tls_opt must be freed with _mongoc_ssl_opts_cleanup. */
713- static bool
714- _parse_tls_options (const bson_t * kms_providers ,
715- bson_t * kms_providers_for_libmongocrypt ,
716- const char * provider ,
717- mongoc_ssl_opt_t * tls_opt ,
718- bson_error_t * error )
719- {
720- bson_t kmip ;
721- bson_t tls_bson ;
722- bson_t child ;
723- bson_iter_t iter ;
724- const uint8_t * data ;
725- uint32_t len ;
726- bson_string_t * errmsg ;
727- bool ok = false;
728-
729- /* No change is needed if kms_providers does not contain the provider
730- * subdocument. */
731- if (!bson_has_field (kms_providers , provider )) {
732- MONGOC_DEBUG ("no provider: %s" , provider );
733- _mongoc_ssl_opts_copy_to (
734- mongoc_ssl_opt_get_default (), tls_opt , false /* copy internal */ );
735- return true;
736- }
737-
738- errmsg = bson_string_new (NULL );
739-
740- if (!bson_iter_init_find (& iter , kms_providers , provider )) {
741- bson_set_error (error ,
742- MONGOC_ERROR_CLIENT_SIDE_ENCRYPTION ,
743- MONGOC_ERROR_CLIENT_INVALID_ENCRYPTION_ARG ,
744- "Could not iterate to KMS providers %s document" ,
745- provider );
746- goto fail ;
747- }
748-
749- if (!BSON_ITER_HOLDS_DOCUMENT (& iter )) {
750- bson_set_error (error ,
751- MONGOC_ERROR_CLIENT_SIDE_ENCRYPTION ,
752- MONGOC_ERROR_CLIENT_INVALID_ENCRYPTION_ARG ,
753- "Expected KMS providers %s to be a document, got: %s" ,
754- provider ,
755- _mongoc_bson_type_to_str (bson_iter_type (& iter )));
756- goto fail ;
757- }
758-
759- bson_iter_document (& iter , & len , & data );
760- bson_init_static (& kmip , data , len );
761-
762- bson_iter_recurse (& iter , & iter );
763- if (bson_iter_find (& iter , "tls" )) {
764- MONGOC_DEBUG ("found TLS options for provider: %s" , provider );
765- if (!BSON_ITER_HOLDS_DOCUMENT (& iter )) {
766- bson_set_error (error ,
767- MONGOC_ERROR_CLIENT_SIDE_ENCRYPTION ,
768- MONGOC_ERROR_CLIENT_INVALID_ENCRYPTION_ARG ,
769- "Expected %s.tls to be a document, got: %s" ,
770- provider ,
771- _mongoc_bson_type_to_str (bson_iter_type (& iter )));
772- goto fail ;
773- }
774-
775- bson_iter_document (& iter , & len , & data );
776- bson_init_static (& tls_bson , data , len );
777-
778- if (!_mongoc_ssl_opts_from_bson (tls_opt , & tls_bson , errmsg )) {
779- bson_set_error (error ,
780- MONGOC_ERROR_CLIENT_SIDE_ENCRYPTION ,
781- MONGOC_ERROR_CLIENT_INVALID_ENCRYPTION_ARG ,
782- "Error parsing %s.tls: %s" ,
783- provider ,
784- errmsg -> str );
785- goto fail ;
786- }
787- } else {
788- _mongoc_ssl_opts_copy_to (
789- mongoc_ssl_opt_get_default (), tls_opt , false /* copy internal */ );
790- }
791-
792- /* Copy kms_provider document to kms_providers_for_libmongocrypt excluding
793- * the "tls" field. */
794- BSON_APPEND_DOCUMENT_BEGIN (
795- kms_providers_for_libmongocrypt , provider , & child );
796- bson_copy_to_excluding_noinit (& kmip , & child , "tls" , NULL );
797- bson_append_document_end (kms_providers_for_libmongocrypt , & child );
798-
799- ok = true;
800- fail :
801- bson_string_free (errmsg , true /* free_segment */ );
802- return ok ;
803- }
804-
805702static bool
806703_parse_one_tls_opts (bson_iter_t * iter ,
807704 mongoc_ssl_opt_t * out_opt ,
@@ -973,7 +870,6 @@ _mongoc_crypt_new (const bson_t *kms_providers,
973870 mongocrypt_binary_t * schema_map_bin = NULL ;
974871 mongocrypt_binary_t * kms_providers_bin = NULL ;
975872 bool success = false;
976- // bson_t kms_providers_for_libmongocrypt = BSON_INITIALIZER;
977873
978874 /* Create the handle to libmongocrypt. */
979875 crypt = bson_malloc0 (sizeof (* crypt ));
@@ -983,49 +879,6 @@ _mongoc_crypt_new (const bson_t *kms_providers,
983879 goto fail ;
984880 }
985881
986- /*
987- TODO: remove dead code
988- bson_copy_to_excluding_noinit (kms_providers,
989- &kms_providers_for_libmongocrypt,
990- "kmip",
991- "aws",
992- "azure",
993- "gcp",
994- NULL);
995-
996- if (!_parse_tls_options (kms_providers,
997- &kms_providers_for_libmongocrypt,
998- "kmip",
999- &crypt->kmip_tls_opt,
1000- error)) {
1001- goto fail;
1002- }
1003-
1004- if (!_parse_tls_options (kms_providers,
1005- &kms_providers_for_libmongocrypt,
1006- "aws",
1007- &crypt->aws_tls_opt,
1008- error)) {
1009- goto fail;
1010- }
1011-
1012- if (!_parse_tls_options (kms_providers,
1013- &kms_providers_for_libmongocrypt,
1014- "azure",
1015- &crypt->azure_tls_opt,
1016- error)) {
1017- goto fail;
1018- }
1019-
1020- if (!_parse_tls_options (kms_providers,
1021- &kms_providers_for_libmongocrypt,
1022- "gcp",
1023- &crypt->gcp_tls_opt,
1024- error)) {
1025- goto fail;
1026- }
1027- */
1028-
1029882 mongocrypt_setopt_log_handler (
1030883 crypt -> handle , _log_callback , NULL /* context */ );
1031884
@@ -1056,7 +909,6 @@ _mongoc_crypt_new (const bson_t *kms_providers,
1056909 mongocrypt_binary_destroy (local_masterkey_bin );
1057910 mongocrypt_binary_destroy (schema_map_bin );
1058911 mongocrypt_binary_destroy (kms_providers_bin );
1059- // bson_destroy (&kms_providers_for_libmongocrypt);
1060912
1061913 if (!success ) {
1062914 _mongoc_crypt_destroy (crypt );
0 commit comments