socks5

Author: baileympearson

.evergreen/config.yml

@@ -1862,31 +1862,11 @@ tasks:
           updates:
             - {key: VERSION, value: latest}
             - {key: TOPOLOGY, value: replica_set}
-            - {key: AUTH, value: noauth}
-      - func: install dependencies
-      - func: bootstrap mongo-orchestration
-      - func: bootstrap kms servers
-      - func: run socks5 tests
-  - name: test-socks5-csfle-proxy-auth
-    tags:
-      - socks5-csfle
-    commands:
-      - command: expansions.update
-        type: setup
-        params:
-          updates:
-            - {key: VERSION, value: latest}
-            - {key: TOPOLOGY, value: replica_set}
-            - {key: TEST_SOCKS5_CSFLE, value: 'true'}
-            - {key: AUTH, value: noauth}
-            - {key: PROXY_AUTH, value: 'true'}
-            - {key: CLIENT_ENCRYPTION, value: 'true'}
-            - {key: TEST_CSFLE, value: 'true'}
       - func: install dependencies
       - func: bootstrap mongo-orchestration
       - func: bootstrap kms servers
       - func: run socks5 tests
-  - name: test-socks5-csfle-no-proxy-auth
+  - name: test-socks5-csfle
     tags:
       - socks5-csfle
     commands:
@@ -1897,9 +1877,6 @@ tasks:
             - {key: VERSION, value: latest}
             - {key: TOPOLOGY, value: replica_set}
             - {key: TEST_SOCKS5_CSFLE, value: 'true'}
-            - {key: AUTH, value: noauth}
-            - {key: CLIENT_ENCRYPTION, value: 'true'}
-            - {key: TEST_CSFLE, value: 'true'}
       - func: install dependencies
       - func: bootstrap mongo-orchestration
       - func: bootstrap kms servers
@@ -1914,7 +1891,6 @@ tasks:
             - {key: SSL, value: ssl}
             - {key: VERSION, value: latest}
             - {key: TOPOLOGY, value: replica_set}
-            - {key: AUTH, value: noauth}
       - func: install dependencies
       - func: bootstrap mongo-orchestration
       - func: run socks5 tests
@@ -4673,8 +4649,7 @@ buildvariants:
       - test-auth-kerberos
       - test-auth-ldap
       - test-socks5
-      - test-socks5-csfle-proxy-auth
-      - test-socks5-csfle-no-proxy-auth
+      - test-socks5-csfle
       - test-socks5-tls
       - test-snappy-compression
       - test-zstd-1.x-compression
@@ -4734,8 +4709,7 @@ buildvariants:
       - test-auth-kerberos
       - test-auth-ldap
       - test-socks5
-      - test-socks5-csfle-proxy-auth
-      - test-socks5-csfle-no-proxy-auth
+      - test-socks5-csfle
       - test-socks5-tls
       - test-snappy-compression
       - test-zstd-1.x-compression
@@ -4795,8 +4769,7 @@ buildvariants:
       - test-auth-kerberos
       - test-auth-ldap
       - test-socks5
-      - test-socks5-csfle-proxy-auth
-      - test-socks5-csfle-no-proxy-auth
+      - test-socks5-csfle
       - test-socks5-tls
       - test-snappy-compression
       - test-zstd-1.x-compression
@@ -4856,8 +4829,7 @@ buildvariants:
       - test-auth-kerberos
       - test-auth-ldap
       - test-socks5
-      - test-socks5-csfle-proxy-auth
-      - test-socks5-csfle-no-proxy-auth
+      - test-socks5-csfle
       - test-socks5-tls
       - test-snappy-compression
       - test-zstd-1.x-compression
@@ -4914,8 +4886,7 @@ buildvariants:
       - test-latest-load-balanced
       - test-auth-kerberos
       - test-auth-ldap
-      - test-socks5-csfle-proxy-auth
-      - test-socks5-csfle-no-proxy-auth
+      - test-socks5-csfle
       - test-socks5-tls
       - test-snappy-compression
       - test-zstd-1.x-compression

.evergreen/generate_evergreen_tasks.js

@@ -175,8 +175,7 @@ TASKS.push(
       commands: [
         updateExpansions({
           VERSION: 'latest',
-          TOPOLOGY: 'replica_set',
-          AUTH: 'noauth',
+          TOPOLOGY: 'replica_set'
         }),
         { func: 'install dependencies' },
         { func: 'bootstrap mongo-orchestration' },
@@ -185,35 +184,13 @@ TASKS.push(
       ]
     },
     {
-      name: 'test-socks5-csfle-proxy-auth',
+      name: 'test-socks5-csfle',
       tags: ['socks5-csfle'],
       commands: [
         updateExpansions({
           VERSION: 'latest',
           TOPOLOGY: 'replica_set',
-          TEST_SOCKS5_CSFLE: 'true',
-          AUTH: 'noauth',
-          PROXY_AUTH: 'true',
-          CLIENT_ENCRYPTION: 'true',
-          TEST_CSFLE: 'true'
-        }),
-        { func: 'install dependencies' },
-        { func: 'bootstrap mongo-orchestration' },
-        { func: 'bootstrap kms servers' },
-        { func: 'run socks5 tests' }
-      ]
-    },
-    {
-      name: 'test-socks5-csfle-no-proxy-auth',
-      tags: ['socks5-csfle'],
-      commands: [
-        updateExpansions({
-          VERSION: 'latest',
-          TOPOLOGY: 'replica_set',
-          TEST_SOCKS5_CSFLE: 'true',
-          AUTH: 'noauth',
-          CLIENT_ENCRYPTION: 'true',
-          TEST_CSFLE: 'true'
+          TEST_SOCKS5_CSFLE: 'true'
         }),
         { func: 'install dependencies' },
         { func: 'bootstrap mongo-orchestration' },
@@ -228,15 +205,14 @@ TASKS.push(
         updateExpansions({
           SSL: 'ssl',
           VERSION: 'latest',
-          TOPOLOGY: 'replica_set',
-          AUTH: 'noauth'
+          TOPOLOGY: 'replica_set'
         }),
         { func: 'install dependencies' },
         { func: 'bootstrap mongo-orchestration' },
         { func: 'run socks5 tests' }
       ]
     }
-  ]
+    ]
 );
 
 TASKS.push({

.evergreen/run-socks5-tests.sh

@@ -2,13 +2,13 @@
 
 source $DRIVERS_TOOLS/.evergreen/init-node-and-npm-env.sh
 
-set -o errexit  # Exit the script with error if any of the commands fail
+set -o errexit # Exit the script with error if any of the commands fail
 set -o xtrace  # For debuggability, no external credentials are used here
 
 function setup_fle() {
-  set -o xtrace   # Write all commands first to stderr
-  set -o errexit  # Exit the script with error if any of the commands fail
-  
+  set -o xtrace  # Write all commands first to stderr
+  set -o errexit # Exit the script with error if any of the commands fail
+
   source .evergreen/setup-fle.sh
 
   export CSFLE_TLS_CA_FILE="${DRIVERS_TOOLS}/.evergreen/x509gen/ca.pem"
@@ -22,11 +22,9 @@ PYTHON_BINARY=$(bash -c ". $DRIVERS_TOOLS/.evergreen/find-python3.sh && ensure_p
 
 # ssl setup
 SSL=${SSL:-nossl}
-PROXY_AUTH=${PROXY_AUTH:-false}
-
 if [ "$SSL" != "nossl" ]; then
-   export SSL_KEY_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/client.pem"
-   export SSL_CA_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/ca.pem"
+  export SSL_KEY_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/client.pem"
+  export SSL_CA_FILE="$DRIVERS_TOOLS/.evergreen/x509gen/ca.pem"
 fi
 
 # Grab a connection string that only refers to *one* of the hosts in MONGODB_URI
@@ -41,33 +39,29 @@ if [ "Windows_NT" = "$OS" ]; then
   SOCKS5_SERVER_SCRIPT=$(cygpath -w "$SOCKS5_SERVER_SCRIPT")
 fi
 
-if [ "$PROXY_AUTH" = "true" ]; then 
-  # Test with Socks5 + proxy authentication required
-  "$PYTHON_BINARY" "$SOCKS5_SERVER_SCRIPT" --port 1080 --auth username:p4ssw0rd --map "127.0.0.1:12345 to $FIRST_HOST" &
-  SOCKS5_PROXY_PID=$!
-  if [[ $TEST_SOCKS5_CSFLE == "true" ]]; then
-    setup_fle
-    # [ "$SSL" != "ssl" ] && [[ "$OSTYPE" == "linux-gnu"* ]] && \
-    env MONGODB_URI='mongodb://127.0.0.1:12345/?proxyHost=127.0.0.1&proxyUsername=username&proxyPassword=p4ssw0rd' npm run check:csfle
-    echo "Running"
-    
-  else
-    env SOCKS5_CONFIG='["127.0.0.1",1080,"username","p4ssw0rd"]' npm run check:socks5
-  fi
-  kill $SOCKS5_PROXY_PID
-
-  exit 0
+if [[ $TEST_SOCKS5_CSFLE == "true" ]]; then
+  setup_fle
 fi
 
+# First, test with Socks5 + authentication required
+"$PYTHON_BINARY" "$SOCKS5_SERVER_SCRIPT" --port 1080 --auth username:p4ssw0rd --map "127.0.0.1:12345 to $FIRST_HOST" &
+SOCKS5_PROXY_PID=$!
+if [[ $TEST_SOCKS5_CSFLE == "true" ]]; then
+  [ "$SSL" != "nossl" ] && [[ "$OSTYPE" == "linux-gnu"* ]] &&
+    env MONGODB_URI='mongodb://127.0.0.1:12345/?proxyHost=127.0.0.1&proxyUsername=username&proxyPassword=p4ssw0rd' \
+      npm run check:csfle
+else
+  env SOCKS5_CONFIG='["127.0.0.1",1080,"username","p4ssw0rd"]' npm run check:socks5
+fi
+kill $SOCKS5_PROXY_PID
 
-# Test with Socks5 + no proxy authentication
+# Second, test with Socks5 + no authentication
 "$PYTHON_BINARY" "$SOCKS5_SERVER_SCRIPT" --port 1081 --map "127.0.0.1:12345 to $FIRST_HOST" &
 SOCKS5_PROXY_PID=$!
 if [[ $TEST_SOCKS5_CSFLE == "true" ]]; then
-  setup_fle
-  [ "$SSL" != "nossl" ] && [[ "$OSTYPE" == "linux-gnu"* ]] && \
+  [ "$SSL" != "nossl" ] && [[ "$OSTYPE" == "linux-gnu"* ]] &&
     env MONGODB_URI='mongodb://127.0.0.1:12345/?proxyHost=127.0.0.1&proxyPort=1081' \
-    npm run check:csfle
+      npm run check:csfle
 else
   env SOCKS5_CONFIG='["127.0.0.1",1081]' npm run check:socks5
 fi

test/csfle-kms-providers.js

@@ -27,19 +27,9 @@ function getCSFLEKMSProviders() {
   return JSON.parse(process.env.CSFLE_KMS_PROVIDERS2 ?? '{}');
 }
 
-const keys = [
-  'FLE_AWS_KEY',
-  'FLE_AWS_SECRET',
-  'FLE_AZURE_TENANTID',
-  'FLE_AZURE_CLIENTID',
-  'FLE_AZURE_CLIENTSECRET',
-  'FLE_GCP_EMAIL',
-  'FLE_GCP_PRIVATEKEY'
-];
-
 module.exports = {
   getCSFLEKMSProviders,
-  kmsCredentialsPresent: keys.every(
-    key => typeof process.env[key] === 'string' && process.env[key].length > 0
-  )
+  kmsCredentialsPresent:
+    typeof process.env.CSFLE_KMS_PROVIDERS2 === 'string' &&
+    process.env.CSFLE_KMS_PROVIDERS2.length > 0
 };

test/tools/runner/filters/client_encryption_filter.ts

@@ -78,7 +78,7 @@ export class ClientSideEncryptionFilter extends Filter {
       }
     }
 
-    if (!kmsCredentialsPresent) return 'Test requires FLE kms credentials.';
+    if (!kmsCredentialsPresent) return 'Test requires FLE kms credentials';
     if (ClientSideEncryptionFilter.version == null)
       return 'Test requires mongodb-client-encryption to be installed.';