RUBY-2832 Fix FLE problems on JRuby

comandeo-mongo · comandeo-mongo · commit fa7f0b32ce40 · 2021-12-27T13:04:39.000+01:00
diff --git a/.evergreen/config.yml b/.evergreen/config.yml
@@ -1289,9 +1289,7 @@ buildvariants:
   - matrix_name: "fle-4.4"
     matrix_spec:
       auth-and-ssl: "noauth-and-nossl"
-      # https://jira.mongodb.org/browse/RUBY-2832
-      # ruby: [ruby-3.0, ruby-2.7, jruby-9.2]
-      ruby: [ruby-3.0, ruby-2.7]
+      ruby: [ruby-3.0, ruby-2.7, jruby-9.2]
       topology: standalone
       mongodb-version: ['4.4']
       os: ubuntu1804
diff --git a/.evergreen/config/standard.yml.erb b/.evergreen/config/standard.yml.erb
@@ -437,9 +437,7 @@ buildvariants:
   - matrix_name: "fle-4.4"
     matrix_spec:
       auth-and-ssl: "noauth-and-nossl"
-      # https://jira.mongodb.org/browse/RUBY-2832
-      # ruby: [ruby-3.0, ruby-2.7, jruby-9.2]
-      ruby: [ruby-3.0, ruby-2.7]
+      ruby: [ruby-3.0, ruby-2.7, jruby-9.2]
       topology: standalone
       mongodb-version: ['4.4']
       os: ubuntu1804
diff --git a/lib/mongo/crypt/binding.rb b/lib/mongo/crypt/binding.rb
@@ -798,7 +798,11 @@ def self.kms_ctx_get_kms_provider(kms_context)
         if len_ptr.nil?
           nil
         else
-          len = len_ptr.read(:uint32)
+          len = if BSON::Environment.jruby?
+            len_ptr.get_uint32
+          else
+            len_ptr.get(:uint32, 0)
+          end
           provider.read_string(len).to_sym
         end
       end
diff --git a/spec/integration/client_side_encryption/custom_endpoint_spec.rb b/spec/integration/client_side_encryption/custom_endpoint_spec.rb
@@ -93,13 +93,28 @@
         }
       end
 
-      it 'throws an exception' do
-        expect do
-          data_key_id
-        end.to raise_error(Mongo::Error::KmsError, /Connection refused/)
+      context 'MRI' do
+        require_mri
+
+        it 'throws an exception' do
+          expect do
+            data_key_id
+          end.to raise_error(Mongo::Error::KmsError, /Connection refused/)
+        end
+      end
+
+      context 'JRuby' do
+        require_jruby
+
+        it 'throws an exception' do
+          expect do
+            data_key_id
+          end.to raise_error(Mongo::Error::KmsError)
+        end
       end
     end
 
+
     context 'with region, key, and endpoint with invalid region' do
       let(:master_key) do
         {
diff --git a/spec/integration/client_side_encryption/kms_tls_options_spec.rb b/spec/integration/client_side_encryption/kms_tls_options_spec.rb
@@ -234,37 +234,83 @@
         end
       end
 
-      context 'with no expired server certificate' do
-        it 'TLS handshake failed' do
-          expect do
-            client_encryption_expired.create_data_key(
-              'aws',
-              {
-                master_key: {
-                  region: "us-east-1",
-                  key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
-                  endpoint: "127.0.0.1:8000",
-                }
-             }
-            )
-          end.to raise_error(Mongo::Error::KmsError, /certificate has expired/)
+      context 'with expired server certificate' do
+        context "MRI" do
+          require_mri
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_expired.create_data_key(
+                'aws',
+                {
+                  master_key: {
+                    region: "us-east-1",
+                    key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                    endpoint: "127.0.0.1:8000",
+                  }
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate has expired/)
+          end
+        end
+
+        context 'JRuby' do
+          require_jruby
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_expired.create_data_key(
+                'aws',
+                {
+                  master_key: {
+                    region: "us-east-1",
+                    key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                    endpoint: "127.0.0.1:8000",
+                  }
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+          end
         end
       end
 
       context 'with server certificate with invalid hostname' do
-        it 'TLS handshake failed' do
-          expect do
-            client_encryption_invalid_hostname.create_data_key(
-              'aws',
-              {
-                master_key: {
-                  region: "us-east-1",
-                  key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
-                  endpoint: "127.0.0.1:8001",
-                }
-             }
-            )
-          end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+        context 'MRI' do
+          require_mri
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_invalid_hostname.create_data_key(
+                'aws',
+                {
+                  master_key: {
+                    region: "us-east-1",
+                    key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                    endpoint: "127.0.0.1:8001",
+                  }
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+          end
+        end
+
+        context 'JRuby' do
+          require_jruby
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_invalid_hostname.create_data_key(
+                'aws',
+                {
+                  master_key: {
+                    region: "us-east-1",
+                    key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                    endpoint: "127.0.0.1:8001",
+                  }
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /TLS handshake failed due to a hostname mismatch/)
+          end
         end
       end
     end
@@ -296,30 +342,71 @@
         end
       end
 
-      context 'with no expired server certificate' do
-        it 'TLS handshake failed' do
-          expect do
-            client_encryption_expired.create_data_key(
-              kms_provider,
-              {
-                master_key: master_key
-             }
-            )
-          end.to raise_error(Mongo::Error::KmsError, /certificate has expired/)
+      context 'MRI' do
+        require_mri
+
+        context 'with expired server certificate' do
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_expired.create_data_key(
+                kms_provider,
+                {
+                  master_key: master_key
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate has expired/)
+          end
+        end
+      end
+
+      context 'JRuby' do
+        require_jruby
+
+        context 'with expired server certificate' do
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_expired.create_data_key(
+                kms_provider,
+                {
+                  master_key: master_key
+              }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+          end
         end
       end
 
       context 'with server certificate with invalid hostname' do
-        it 'TLS handshake failed' do
-          expect do
-            client_encryption_invalid_hostname.create_data_key(
-              kms_provider,
-              {
-                master_key: master_key
-             }
-            )
-          end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+        context 'MRI' do
+          require_mri
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_invalid_hostname.create_data_key(
+                kms_provider,
+                {
+                  master_key: master_key
+               }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+          end
+        end
+
+        context 'JRuby' do
+          require_jruby
+
+          it 'TLS handshake failed' do
+            expect do
+              client_encryption_invalid_hostname.create_data_key(
+                kms_provider,
+                {
+                  master_key: master_key
+               }
+              )
+            end.to raise_error(Mongo::Error::KmsError, /TLS handshake failed due to a hostname mismatch/)
+          end
         end
+
       end
     end
 
diff --git a/spec/integration/client_side_encryption/kms_tls_spec.rb b/spec/integration/client_side_encryption/kms_tls_spec.rb
@@ -44,24 +44,47 @@
               }
            }
           )
-        end.to raise_error(Mongo::Error::KmsError, /certificate verify failed \(certificate has expired\)/)
+        end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
       end
     end
 
     context 'Invalid Hostname in KMS Certificate' do
-      it 'raises an error when creating data key' do
-        expect do
-          client_encryption.create_data_key(
-            'aws',
-            {
-              master_key: {
-                region: "us-east-1",
-                key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
-                endpoint: "127.0.0.1:8001",
-              }
-           }
-          )
-        end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+      context 'MRI' do
+        require_mri
+
+        it 'raises an error when creating data key' do
+          expect do
+            client_encryption.create_data_key(
+              'aws',
+              {
+                master_key: {
+                  region: "us-east-1",
+                  key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                  endpoint: "127.0.0.1:8001",
+                }
+            }
+            )
+          end.to raise_error(Mongo::Error::KmsError, /certificate verify failed/)
+        end
+      end
+
+      context 'JRuby' do
+        require_jruby
+
+        it 'raises an error when creating data key' do
+          expect do
+            client_encryption.create_data_key(
+              'aws',
+              {
+                master_key: {
+                  region: "us-east-1",
+                  key: "arn:aws:kms:us-east-1:579766882180:key/89fcc2c4-08b0-4bd9-9f25-e30687b580d0",
+                  endpoint: "127.0.0.1:8001",
+                }
+            }
+            )
+          end.to raise_error(Mongo::Error::KmsError, /hostname mismatch/)
+        end
       end
     end
 
