mongodb · kevinAlbs · Apr 25, 2024 · Apr 5, 2024 · Apr 5, 2024 · Apr 5, 2024
@@ -10,8 +10,8 @@ compile_libmongocrypt() {
   # `.evergreen/scripts/kms-divergence-check.sh` to ensure that there is no
   # divergence in the copied files.
 
-  # TODO: once 1.9.0 is released (containing MONGOCRYPT-605) replace the following with:
-  # git clone -q --depth=1 https://github.com/mongodb/libmongocrypt --branch 1.9.0 || return
+  # TODO: once 1.10.0 is released (containing MONGOCRYPT-605) replace the following with:
+  # git clone -q --depth=1 https://github.com/mongodb/libmongocrypt --branch 1.10.0 || return
   {
     git clone -q https://github.com/mongodb/libmongocrypt || return
     # Check out commit containing MONGOCRYPT-614
@@ -23,7 +23,7 @@ compile_libmongocrypt() {
     "-DBUILD_TESTING=OFF"
     "-DENABLE_ONLINE_TESTS=OFF"
     "-DENABLE_MONGOC=OFF"
-    "-DBUILD_VERSION=1.9.0-pre"
+    "-DBUILD_VERSION=1.10.0-pre"
   )
 
   DEBUG="0" \

@@ -241,7 +241,7 @@ The mock server timeout threshold for future functions can be set with:
 
 This is useful for debugging, so future calls don't timeout when stepping through code.
 
-Tests of Client-Side Field Level Encryption require credentials to external KMS providers.
+Tests of In-Use Encryption require credentials to external KMS providers.
 
 For AWS:
 
@@ -261,20 +261,20 @@ For GCP:
 * `MONGOC_TEST_GCP_EMAIL=<string>`
 * `MONGOC_TEST_GCP_PRIVATEKEY=<string>`
 
-Tests of Client-Side Field Level Encryption also require temporary credentials to external KMS providers.
+Tests of In-Use Encryption also require temporary credentials to external KMS providers.
 
 For AWS:
 
 * `MONGOC_TEST_AWS_TEMP_SECRET_ACCESS_KEY=<string>`
 * `MONGOC_TEST_AWS_TEMP_ACCESS_KEY_ID=<string>`
 * `MONGOC_TEST_AWS_TEMP_SESSION_TOKEN=<string>`
 
-Tests of Client-Side Field Level Encryption spawn an extra process, "mongocryptd", by default. To bypass this spawning,
+Tests of In-Use Encryption spawn an extra process, "mongocryptd", by default. To bypass this spawning,
 start mongocryptd on port 27020 and set the following:
 
 * `MONGOC_TEST_MONGOCRYPTD_BYPASS_SPAWN=on`
 
-KMS TLS tests for Client-Side Field Level Encryption require mock KMS servers to be running in the background.
+KMS TLS tests for In-Use Encryption require mock KMS servers to be running in the background.
 
 The [Setup instructions](https://github.com/mongodb/specifications/tree/master/source/client-side-encryption/tests#setup-3) given in the Client Side Encryption Tests specification provide additional information.
 

@@ -1,3 +1,10 @@
+libmongoc 1.27.0 (Unreleased)
+=============================
+
+Notes:
+
+  * Raise required version of libmongocrypt to 1.10.0 to support In-Use Encryption (corresponds to the CMake option: `ENABLE_CLIENT_SIDE_ENCRYPTION`).
+
 libmongoc 1.26.2
 ================
 

@@ -484,9 +484,9 @@ endif ()
 
 if (NOT MONGOC_ENABLE_SSL)
    if (ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL ON)
-      message (FATAL_ERROR "SSL disabled, but is required for Client-Side Field Level Encryption support.")
+      message (FATAL_ERROR "SSL disabled, but is required for In-Use Encryption support.")
    elseif (ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL AUTO)
-      message (STATUS "SSL disabled. Configuring without Client-Side Field Level Encryption support.")
+      message (STATUS "SSL disabled. Configuring without In-Use Encryption support.")
    endif ()
 elseif (NOT ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL OFF)
    message (STATUS "Searching for libmongocrypt")
@@ -497,10 +497,10 @@ elseif (NOT ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL OFF)
       find_package (mongocrypt QUIET)
    endif ()
 
-   if (mongocrypt_FOUND AND "${mongocrypt_VERSION}" VERSION_LESS 1.8.0)
+   if (mongocrypt_FOUND AND "${mongocrypt_VERSION}" VERSION_LESS 1.10.0)
       message (STATUS "  libmongocrypt found at ${mongocrypt_DIR}")
       message (STATUS "  libmongocrypt version ${mongocrypt_VERSION} found")
-      message (STATUS "  libmongocrypt version 1.8.0 is required to enable Client-Side Field Level Encryption Support.")
+      message (STATUS "  libmongocrypt version 1.10.0 is required to enable In-Use Encryption Support.")
       set (REQUIRED_MONGOCRYPT_VERSION_FOUND OFF)
    elseif (mongocrypt_FOUND)
       set (REQUIRED_MONGOCRYPT_VERSION_FOUND ON)
@@ -521,7 +521,7 @@ elseif (NOT ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL OFF)
    elseif (ENABLE_CLIENT_SIDE_ENCRYPTION STREQUAL ON)
       message (FATAL_ERROR "Required library (libmongocrypt) not found.")
    else ()
-      message (STATUS "libmongocrypt not found. Configuring without Client-Side Field Level Encryption support.")
+      message (STATUS "libmongocrypt not found. Configuring without In-Use Encryption support.")
    endif ()
 endif ()
 

@@ -22,7 +22,7 @@ Parameters
 
 Supplying an ``encrypted_fields_map`` provides more security than relying on an ``encryptedFields`` obtained from the server. It protects against a malicious server advertising a false ``encryptedFields``.
 
-The schema map does not apply to collections encrypted with: :doc:`Client-Side Field Level Encryption </queryable-encryption>`. See :symbol:`mongoc_auto_encryption_opts_set_schema_map()` instead.
+The schema map does not apply to collections encrypted with: :doc:`Queryable Encryption </queryable-encryption>`. See :symbol:`mongoc_auto_encryption_opts_set_schema_map()` instead.
 
 .. seealso::