CDRIVER-3428 enable TLS for any TLS options

kevinAlbs · kevinAlbs · commit 941137491748 · 2019-12-16T11:45:07.000-05:00
tlsInsecure and tlsCertificateKeyFilePassword were missing.
diff --git a/src/libmongoc/doc/mongoc_uri_get_ssl.rst b/src/libmongoc/doc/mongoc_uri_get_ssl.rst
@@ -34,5 +34,5 @@ Fetches a boolean indicating if TLS was specified for use in the URI.
 Returns
 -------
 
-Returns a boolean, true indicating that TLS should be used.
+Returns a boolean, true indicating that TLS should be used. This returns true if *any* :ref:`TLS option <tls_options>` is specified.
 
diff --git a/src/libmongoc/doc/mongoc_uri_get_tls.rst b/src/libmongoc/doc/mongoc_uri_get_tls.rst
@@ -24,5 +24,5 @@ Fetches a boolean indicating if TLS was specified for use in the URI.
 Returns
 -------
 
-Returns a boolean, true indicating that TLS should be used.
+Returns a boolean, true indicating that TLS should be used. This returns true if *any* :ref:`TLS option <tls_options>` is specified.
 
diff --git a/src/libmongoc/doc/mongoc_uri_t.rst b/src/libmongoc/doc/mongoc_uri_t.rst
@@ -125,6 +125,9 @@ MONGOC_URI_CANONICALIZEHOSTNAME            canonicalizehostname              Use
 MONGOC_URI_GSSAPISERVICENAME               gssapiservicename                 Use alternative service name. The default is ``mongodb``.
 ========================================== ================================= =========================================================================================================================================================================================================================
 
+
+.. _tls_options:
+
 TLS Options
 -----------
 
diff --git a/src/libmongoc/src/mongoc/mongoc-uri.c b/src/libmongoc/src/mongoc/mongoc-uri.c
@@ -2242,7 +2242,10 @@ mongoc_uri_get_tls (const mongoc_uri_t *uri) /* IN */
    if (bson_has_field (&uri->options, MONGOC_URI_TLSCERTIFICATEKEYFILE) ||
        bson_has_field (&uri->options, MONGOC_URI_TLSCAFILE) ||
        bson_has_field (&uri->options, MONGOC_URI_TLSALLOWINVALIDCERTIFICATES) ||
-       bson_has_field (&uri->options, MONGOC_URI_TLSALLOWINVALIDHOSTNAMES)) {
+       bson_has_field (&uri->options, MONGOC_URI_TLSALLOWINVALIDHOSTNAMES) ||
+       bson_has_field (&uri->options, MONGOC_URI_TLSINSECURE) ||
+       bson_has_field (&uri->options,
+                       MONGOC_URI_TLSCERTIFICATEKEYFILEPASSWORD)) {
       return true;
    }
 
diff --git a/src/libmongoc/tests/test-mongoc-uri.c b/src/libmongoc/tests/test-mongoc-uri.c
@@ -2452,6 +2452,42 @@ test_mongoc_uri_duplicates (void)
    mongoc_uri_destroy (uri);
 }
 
+static void
+test_one_tls_option_enables_tls ()
+{
+   const char *opts[] = {MONGOC_URI_TLS "=true",
+                         MONGOC_URI_TLSCERTIFICATEKEYFILE "=file.pem",
+                         MONGOC_URI_TLSCERTIFICATEKEYFILEPASSWORD "=file.pem",
+                         MONGOC_URI_TLSCAFILE "=file.pem",
+                         MONGOC_URI_TLSALLOWINVALIDCERTIFICATES "=true",
+                         MONGOC_URI_TLSALLOWINVALIDHOSTNAMES "=true",
+                         MONGOC_URI_TLSINSECURE "=true",
+                         MONGOC_URI_SSL "=true",
+                         MONGOC_URI_SSLCLIENTCERTIFICATEKEYFILE "=file.pem",
+                         MONGOC_URI_SSLCLIENTCERTIFICATEKEYPASSWORD "=file.pem",
+                         MONGOC_URI_SSLCERTIFICATEAUTHORITYFILE "=file.pem",
+                         MONGOC_URI_SSLALLOWINVALIDCERTIFICATES "=true",
+                         MONGOC_URI_SSLALLOWINVALIDHOSTNAMES "=true"};
+   int i;
+
+   for (i = 0; i < sizeof (opts) / sizeof (opts[0]); i++) {
+      mongoc_uri_t *uri;
+      bson_error_t error;
+      char *uri_string;
+
+      uri_string =
+         bson_strdup_printf ("mongodb://localhost:27017/?%s", opts[i]);
+      uri = mongoc_uri_new_with_error (uri_string, &error);
+      bson_free (uri_string);
+      ASSERT_OR_PRINT (uri, error);
+      if (!mongoc_uri_get_tls (uri)) {
+         test_error (
+            "unexpected tls not enabled when following option set: %s\n",
+            opts[i]);
+      }
+      mongoc_uri_destroy (uri);
+   }
+}
 
 void
 test_uri_install (TestSuite *suite)
@@ -2482,4 +2518,7 @@ test_uri_install (TestSuite *suite)
    TestSuite_Add (suite, "/Uri/dns_options", test_mongoc_uri_dns_options);
    TestSuite_Add (suite, "/Uri/utf8", test_mongoc_uri_utf8);
    TestSuite_Add (suite, "/Uri/duplicates", test_mongoc_uri_duplicates);
+   TestSuite_Add (suite,
+                  "/Uri/one_tls_option_enables_tls",
+                  test_one_tls_option_enables_tls);
 }
