Commit dcf9027

CDRIVER-4528 Permit tlsDisableOCSPEndpointCheck in KMS TLS options (#1153)
* CDRIVER-4528 Permit `tlsDisableOCSPEndpointCheck` in KMS TLS options * Use URI macro Co-authored-by: Ezra Chung <[email protected]>
1 parent da88d0f commit dcf9027

2 files changed

+20
-0
lines changed

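--- a/src/libmongoc/src/mongoc/mongoc-crypt.c
+++ b/src/libmongoc/src/mongoc/mongoc-crypt.c
@@ -1113,6 +1113,10 @@ _parse_one_tls_opts (bson_iter_t *iter,
 continue;
 }
 
+if (0 == bson_strcasecmp (key, MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK)) {
+continue;
+}
+
 bson_set_error (
 error,
 MONGOC_ERROR_CLIENT_SIDE_ENCRYPTION,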
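Review bot: The added branch for `MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK` accepts the key with a bare `continue`, so nothing visible in this hunk checks that its value is a boolean before the option is let through. If validation happens later, as the preceding `continue` branch may also assume, that is worth stating at this spot. Because the option reduces certificate revocation checking on the KMS connection, I would add a comment above the branch such as `/* Allowed for KMS TLS: stops the driver contacting the OCSP responder when no stapled response is present; value is validated when the TLS options are applied (confirm). */`. `_parse_one_tls_opts` begins and ends outside the hunk, so the surrounding checks could not be reviewed here.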

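--- a/src/libmongoc/tests/test-mongoc-client-side-encryption.c
+++ b/src/libmongoc/tests/test-mongoc-client-side-encryption.c
@@ -3530,6 +3530,22 @@ test_kms_tls_options_extra_rejected (void *unused)
 ASSERT (NULL == ce);
 mongoc_client_encryption_opts_destroy (ce_opts);
 
+/* Test that tlsDisableOCSPEndpointCheck may be set. */
+memset (&error, 0, sizeof (bson_error_t));
+ce_opts = mongoc_client_encryption_opts_new ();
+mongoc_client_encryption_opts_set_keyvault_namespace (
+ce_opts, "keyvault", "datakeys");
+mongoc_client_encryption_opts_set_keyvault_client (ce_opts, keyvault_client);
+mongoc_client_encryption_opts_set_kms_providers (ce_opts, kms_providers);
+mongoc_client_encryption_opts_set_tls_opts (
+ce_opts,
+tmp_bson ("{'aws': {'%s': true}}",
+MONGOC_URI_TLSDISABLEOCSPENDPOINTCHECK));
+ce = mongoc_client_encryption_new (ce_opts, &error);
+ASSERT_OR_PRINT (ce, error);
+mongoc_client_encryption_destroy (ce);
+mongoc_client_encryption_opts_destroy (ce_opts);
+
 mongoc_client_destroy (keyvault_client);
 }
 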
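Review bot: The new acceptance case is appended to `test_kms_tls_options_extra_rejected`, whose name says it covers rejected options, and it only asserts that `mongoc_client_encryption_new` succeeds when the value is `true`. Since this option relaxes OCSP checking on KMS connections, I would move the case into its own test (or rename the function) and add a second case with a non-boolean value, so that the handling of a malformed setting is pinned rather than left implicit. The block comment could also state the boundary being tested, e.g. `/* tlsDisableOCSPEndpointCheck is the only OCSP-related key permitted here; other unknown keys must still be rejected. */`. The test function starts outside the hunk.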
