RUBY-3187 Allow disable ocsp endpoint verify for KMS (#2678)

comandeo-mongo · comandeo-mongo · commit 19c8feb235d3 · 2022-12-09T09:25:06.000+01:00
diff --git a/lib/mongo/crypt/kms.rb b/lib/mongo/crypt/kms.rb
@@ -89,7 +89,6 @@ def validate_tls_options(options)
             %i(
               ssl_verify_certificate
               ssl_verify_hostname
-              ssl_verify_ocsp_endpoint
             ).each do |opt|
               if provider_opts[opt] == false
                 raise ArgumentError.new(
diff --git a/spec/mongo/crypt/kms_spec.rb b/spec/mongo/crypt/kms_spec.rb
@@ -33,7 +33,6 @@
         %i(
           ssl_verify_certificate
           ssl_verify_hostname
-          ssl_verify_ocsp_endpoint
         ).each do |insecure_opt|
           expect {
             Mongo::Crypt::KMS::Validations.validate_tls_options(
@@ -46,14 +45,18 @@
       end
 
       it 'allows valid options' do
-        options = {
-          aws: {
-            ssl: true,
-            ssl_cert_string: 'Content is not validated',
-
-          }
-        }
+        expect do
+          Mongo::Crypt::KMS::Validations.validate_tls_options(
+            {
+              aws: {
+                ssl: true,
+                ssl_cert_string: 'Content is not validated',
+                ssl_verify_ocsp_endpoint: false
+              }
+            }
+          )
+        end.not_to raise_error
       end
     end
   end
-end
+end
