libmongocrypt-helper 1.13.2.0.1001 → 1.14.0.0.1001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/ext/libmongocrypt/libmongocrypt/CHANGELOG.md +8 -0
- data/ext/libmongocrypt/libmongocrypt/CMakeLists.txt +5 -1
- data/ext/libmongocrypt/libmongocrypt/CODEOWNERS +4 -1
- data/ext/libmongocrypt/libmongocrypt/Earthfile +18 -17
- data/ext/libmongocrypt/libmongocrypt/README.md +8 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CHANGELOG.rst +7 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/CONTRIBUTING.md +34 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/asynchronous/state_machine.py +6 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/binding.py +18 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/mongocrypt.py +9 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/options.py +14 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/synchronous/state_machine.py +6 -2
- data/ext/libmongocrypt/libmongocrypt/bindings/python/pymongocrypt/version.py +1 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/sbom.json +8 -8
- data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/libmongocrypt-version.txt +1 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/{release.sh → scripts/release.sh} +9 -3
- data/ext/libmongocrypt/libmongocrypt/bindings/python/{synchro.py → scripts/synchro.py} +16 -9
- data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/synchro.sh +8 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/update-version.sh +27 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/scripts/update_binding.py +78 -0
- data/ext/libmongocrypt/libmongocrypt/bindings/python/test/test_mongocrypt.py +15 -0
- data/ext/libmongocrypt/libmongocrypt/doc/releasing.md +25 -18
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version.py +39 -13
- data/ext/libmongocrypt/libmongocrypt/etc/calc_release_version_selftest.sh +1 -1
- data/ext/libmongocrypt/libmongocrypt/etc/cyclonedx.sbom.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/CMakeLists.txt +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.c +5 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/hexlify.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_azure_request.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_gcp_request.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_reader_writer.c +4 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_kmip_request.c +1 -2
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_message_private.h +5 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_opt.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.c +2 -8
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_request_str.h +9 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/kms_response_parser.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.c +7 -3
- data/ext/libmongocrypt/libmongocrypt/kms-message/src/sort.h +2 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kmip_reader_writer.c +8 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_assert.h +5 -4
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_azure_online.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_gcp_online.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_request.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response.c +3 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_kmip_response_parser.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_online_util.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/kms-message/test/test_kms_request.c +39 -39
- data/ext/libmongocrypt/libmongocrypt/src/crypto/libcrypto.c +235 -65
- data/ext/libmongocrypt/libmongocrypt/src/crypto/none.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/csfle-markup.cpp +4 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-dec128.test.cpp +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc-private.h +1 -4
- data/ext/libmongocrypt/libmongocrypt/src/mc-efc.c +9 -11
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle-blob-subtype-private.h +1 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder-private.h +10 -8
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-encryption-placeholder.c +167 -176
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload-v2.c +6 -17
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-equality-payload.c +6 -17
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-private-v2.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload-v2.c +25 -26
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-range-payload.c +2 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-text-payload-private.h +122 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-find-text-payload.c +477 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-private-v2.h +1 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload-v2.c +28 -43
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-insert-update-payload.c +6 -17
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev-v2.c +6 -5
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-iev.c +13 -10
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-payload-uev-common.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-rfds.c +7 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-fle2-tag-and-encrypted-metadata-block.c +4 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-optional-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-parse-utils-private.h +27 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-parse-utils.c +48 -0
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation-private.h +5 -5
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-edge-generation.c +15 -20
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding-private.h +4 -6
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-encoding.c +9 -18
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-generator.template.h +4 -5
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover-private.h +5 -9
- data/ext/libmongocrypt/libmongocrypt/src/mc-range-mincover.c +14 -19
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts-private.h +2 -4
- data/ext/libmongocrypt/libmongocrypt/src/mc-rangeopts.c +109 -119
- data/ext/libmongocrypt/libmongocrypt/src/mc-reader-private.h +2 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-reader.c +4 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker-private.h +0 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-schema-broker.c +4 -14
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-str-encode-string-sets.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode-private.h +8 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-text-search-str-encode.c +78 -2
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens-private.h +34 -16
- data/ext/libmongocrypt/libmongocrypt/src/mc-tokens.c +66 -74
- data/ext/libmongocrypt/libmongocrypt/src/mc-writer-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mc-writer.c +4 -2
- data/ext/libmongocrypt/libmongocrypt/src/mlib/error.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.h +12 -1
- data/ext/libmongocrypt/libmongocrypt/src/mlib/int128.test.cpp +5 -0
- data/ext/libmongocrypt/libmongocrypt/src/mlib/path.h +5 -5
- data/ext/libmongocrypt/libmongocrypt/src/mlib/path.test.c +2 -5
- data/ext/libmongocrypt/libmongocrypt/src/mlib/str.h +65 -58
- data/ext/libmongocrypt/libmongocrypt/src/mlib/str.test.c +3 -3
- data/ext/libmongocrypt/libmongocrypt/src/mlib/thread.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mlib/user-check.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-cache-collinfo.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ciphertext-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto-private.h +4 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-crypto.c +29 -25
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-datakey.c +3 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-decrypt.c +6 -3
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-encrypt.c +48 -58
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx-rewrap-many-datakey.c +12 -0
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-ctx.c +5 -13
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-dll-private.h +19 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-key-broker.c +9 -9
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking-private.h +3 -4
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-marking.c +285 -89
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts-private.h +0 -2
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-opts.c +0 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-private.h +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt-util.c +4 -1
- data/ext/libmongocrypt/libmongocrypt/src/mongocrypt.c +47 -31
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_dll.c +2 -0
- data/ext/libmongocrypt/libmongocrypt/src/os_posix/os_mutex.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/os_win/os_dll.c +3 -1
- data/ext/libmongocrypt/libmongocrypt/src/os_win/os_mutex.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/case-fold-map.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/diacritic-fold-map.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/src/unicode/fold.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/crypt_shared-stub.cpp +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-field-config-map.json +6 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2InsertUpdatePayloadV2-RangeV2.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/date-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-precision-v2/mongocryptd-reply.json +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/decimal128-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-precision-v2/encrypted-payload.json +14 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/double-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int32-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range/int64-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/double-precision/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-find-range-explicit/int32-openinterval/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/date-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-precision-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/decimal128-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-precision-v2/encrypted-payload.json +14 -6
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/double-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/encrypted-payload.json +3 -3
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int32-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-field-map.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/encrypted-payload.json +6 -4
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range/int64-v2/mongocryptd-reply.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/double-precision/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/int32/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/fle2-insert-range-explicit/sparsity-2/encrypted-payload-v2.json +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/mc.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/data/tokens/server.json +8 -0
- data/ext/libmongocrypt/libmongocrypt/test/example-state-machine.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-dll.cpp +11 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-gcp-auth.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-efc.c +9 -11
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-encryption-placeholder.c +18 -29
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-equality-payload-v2.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-range-payload-v2.c +2 -18
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-find-text-payload.c +320 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup-v2.c +2 -17
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-payload-iup.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-fle2-rfds.c +8 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-edge-generation.c +6 -10
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-encoding.c +29 -33
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-range-mincover.c +12 -20
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-rangeopts.c +5 -20
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-reader.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-text-search-str-encode.c +147 -18
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-tokens.c +35 -14
- data/ext/libmongocrypt/libmongocrypt/test/test-mc-writer.c +10 -10
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert-match-bson.c +3 -7
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-assert.h +36 -24
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-buffer.c +4 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cache.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ciphertext.c +13 -13
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-cleanup.c +49 -55
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-compact.c +64 -67
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-hooks.c +18 -18
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto-std-hooks.c +4 -0
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-crypto.c +4 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-csfle-lib.c +13 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-decrypt.c +31 -13
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-encrypt.c +35 -52
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-rewrap-many-datakey.c +28 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-ctx-setopt.c +50 -91
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-datakey.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-dll.c +7 -4
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-endpoint.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kek.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-key-cache.c +3 -5
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-kms-ctx.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-local-kms.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-log.c +2 -2
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-marking.c +527 -225
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt-status.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.c +45 -56
- data/ext/libmongocrypt/libmongocrypt/test/test-mongocrypt.h +12 -3
- data/ext/libmongocrypt/libmongocrypt/test/test-named-kms-providers.c +11 -11
- data/ext/libmongocrypt/libmongocrypt/test/test-unicode-fold.c +6 -2
- data/ext/libmongocrypt/libmongocrypt/test/util/HELP.autogen +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/csfle.c +1 -1
- data/ext/libmongocrypt/libmongocrypt/test/util/util.c +5 -5
- data/ext/libmongocrypt/libmongocrypt/test/util/util.h +7 -6
- data/lib/libmongocrypt_helper/version.rb +2 -2
- metadata +17 -13
- data/ext/libmongocrypt/libmongocrypt/bindings/python/libmongocrypt-version.txt +0 -1
- data/ext/libmongocrypt/libmongocrypt/bindings/python/strip_header.py +0 -50
- data/ext/libmongocrypt/libmongocrypt/bindings/python/update-sbom.sh +0 -14
- data/ext/libmongocrypt/libmongocrypt/test/data/cleanup/success/encrypted-payload.json +0 -29
- data/ext/libmongocrypt/libmongocrypt/test/data/compact/success/encrypted-payload.json +0 -29
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2EqualityIndexedValueV2.json +0 -8
- data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/FLE2RangeIndexedValueV2.json +0 -8
- /data/ext/libmongocrypt/libmongocrypt/bindings/python/{build-manylinux-wheel.sh → scripts/build-manylinux-wheel.sh} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/{FLE2InsertUpdatePayload-with-edges.json → FLE2InsertUpdatePayload-RangeV1.json} +0 -0
- /data/ext/libmongocrypt/libmongocrypt/test/data/explicit-decrypt/{FLE2InsertUpdatePayload-with-edges-V2.json → FLE2InsertUpdatePayloadV2-RangeV1.json} +0 -0
@@ -0,0 +1,27 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
set -eu
|
4
|
+
|
5
|
+
SCRIPT_DIR=$(dirname ${BASH_SOURCE:-$0})
|
6
|
+
|
7
|
+
if [ -z "${1:-}" ]; then
|
8
|
+
echo "Provide the new version of libmongocrypt!"
|
9
|
+
exit 1
|
10
|
+
fi
|
11
|
+
|
12
|
+
LIBMONGOCRYPT_VERSION=$1
|
13
|
+
|
14
|
+
echo $LIBMONGOCRYPT_VERSION > $SCRIPT_DIR/libmongocrypt-version.txt
|
15
|
+
|
16
|
+
pushd $SCRIPT_DIR/..
|
17
|
+
if [ $(command -v podman) ]; then
|
18
|
+
DOCKER=podman
|
19
|
+
else
|
20
|
+
DOCKER=docker
|
21
|
+
fi
|
22
|
+
|
23
|
+
echo "pkg:github/mongodb/libmongocrypt@$LIBMONGOCRYPT_VERSION" > purls.txt
|
24
|
+
$DOCKER run --platform="linux/amd64" -it --rm -v $(pwd):$(pwd) artifactory.corp.mongodb.com/release-tools-container-registry-public-local/silkbomb:2.0 update --purls=$(pwd)/purls.txt -o $(pwd)/sbom.json
|
25
|
+
rm purls.txt
|
26
|
+
|
27
|
+
popd
|
@@ -0,0 +1,78 @@
|
|
1
|
+
# Copyright 2019-present MongoDB, Inc.
|
2
|
+
#
|
3
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
4
|
+
# you may not use this file except in compliance with the License.
|
5
|
+
# You may obtain a copy of the License at
|
6
|
+
#
|
7
|
+
# http://www.apache.org/licenses/LICENSE-2.0
|
8
|
+
#
|
9
|
+
# Unless required by applicable law or agreed to in writing, software
|
10
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
11
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
12
|
+
# See the License for the specific language governing permissions and
|
13
|
+
# limitations under the License.
|
14
|
+
|
15
|
+
"""Update pymongocrypt/bindings.py using mongocrypt.h.
|
16
|
+
"""
|
17
|
+
|
18
|
+
import re
|
19
|
+
from pathlib import Path
|
20
|
+
|
21
|
+
DROP_RE = re.compile(r"^\s*(#|MONGOCRYPT_EXPORT)")
|
22
|
+
HERE = Path(__file__).absolute().parent
|
23
|
+
|
24
|
+
|
25
|
+
# itertools.pairwise backport for Python 3.9 support.
|
26
|
+
def pairwise(iterable):
|
27
|
+
# pairwise('ABCDEFG') → AB BC CD DE EF FG
|
28
|
+
|
29
|
+
iterator = iter(iterable)
|
30
|
+
a = next(iterator, None)
|
31
|
+
|
32
|
+
for b in iterator:
|
33
|
+
yield a, b
|
34
|
+
a = b
|
35
|
+
|
36
|
+
|
37
|
+
def strip_file(content):
|
38
|
+
fold = content.replace("\\\n", " ")
|
39
|
+
all_lines = [*fold.split("\n"), ""]
|
40
|
+
keep_lines = (line for line in all_lines if not DROP_RE.match(line))
|
41
|
+
fin = ""
|
42
|
+
for line, peek in pairwise(keep_lines):
|
43
|
+
if peek == "" and line == "":
|
44
|
+
# Drop adjacent empty lines
|
45
|
+
continue
|
46
|
+
yield line
|
47
|
+
fin = peek
|
48
|
+
yield fin
|
49
|
+
|
50
|
+
|
51
|
+
def update_bindings():
|
52
|
+
header_file = HERE.parent.parent.parent / "src/mongocrypt.h"
|
53
|
+
with header_file.open(encoding="utf-8") as fp:
|
54
|
+
header_lines = strip_file(fp.read())
|
55
|
+
|
56
|
+
target = HERE.parent / "pymongocrypt/binding.py"
|
57
|
+
source_lines = target.read_text().splitlines()
|
58
|
+
new_lines = []
|
59
|
+
skip = False
|
60
|
+
for line in source_lines:
|
61
|
+
if not skip:
|
62
|
+
new_lines.append(line)
|
63
|
+
if line.strip() == "# Start embedding from update_binding.py":
|
64
|
+
skip = True
|
65
|
+
new_lines.append("ffi.cdef(")
|
66
|
+
new_lines.append('"""')
|
67
|
+
new_lines.extend(header_lines)
|
68
|
+
if line.strip() == "# End embedding from update_binding.py":
|
69
|
+
new_lines.append('"""')
|
70
|
+
new_lines.append(")")
|
71
|
+
new_lines.append(line)
|
72
|
+
skip = False
|
73
|
+
with target.open("w") as f:
|
74
|
+
f.write("\n".join(new_lines))
|
75
|
+
|
76
|
+
|
77
|
+
if __name__ == "__main__":
|
78
|
+
update_bindings()
|
@@ -143,6 +143,11 @@ class TestMongoCryptOptions(unittest.TestCase):
|
|
143
143
|
)
|
144
144
|
self.assertEqual(opts.encrypted_fields_map, encrypted_fields_map)
|
145
145
|
self.assertTrue(opts.bypass_query_analysis)
|
146
|
+
for expiration in [0, 1, 1000000]:
|
147
|
+
opts = MongoCryptOptions(
|
148
|
+
valid[0][0], schema_map, key_expiration_ms=expiration
|
149
|
+
)
|
150
|
+
self.assertEqual(opts.key_expiration_ms, expiration)
|
146
151
|
|
147
152
|
def test_mongocrypt_options_validation(self):
|
148
153
|
with self.assertRaisesRegex(
|
@@ -192,6 +197,12 @@ class TestMongoCryptOptions(unittest.TestCase):
|
|
192
197
|
TypeError, "encrypted_fields_map must be bytes or None"
|
193
198
|
):
|
194
199
|
MongoCryptOptions(valid_kms, encrypted_fields_map={})
|
200
|
+
with self.assertRaisesRegex(TypeError, "key_expiration_ms must be int or None"):
|
201
|
+
MongoCryptOptions(valid_kms, key_expiration_ms="123")
|
202
|
+
with self.assertRaisesRegex(
|
203
|
+
ValueError, "key_expiration_ms must be >=0 or None"
|
204
|
+
):
|
205
|
+
MongoCryptOptions(valid_kms, key_expiration_ms=-1)
|
195
206
|
|
196
207
|
|
197
208
|
class TestMongoCrypt(unittest.TestCase):
|
@@ -507,6 +518,8 @@ class TestMongoCryptCallback(unittest.TestCase):
|
|
507
518
|
os.getenv("TEST_CRYPT_SHARED"), "this test requires TEST_CRYPT_SHARED=1"
|
508
519
|
)
|
509
520
|
def test_crypt_shared(self):
|
521
|
+
if sys.platform == "darwin":
|
522
|
+
raise unittest.SkipTest("Skipping due to SERVER-101020")
|
510
523
|
kms_providers = {
|
511
524
|
"aws": {"accessKeyId": "example", "secretAccessKey": "example"},
|
512
525
|
"local": {"key": b"\x00" * 96},
|
@@ -638,6 +651,8 @@ if sys.version_info >= (3, 8, 0): # noqa: UP036
|
|
638
651
|
os.getenv("TEST_CRYPT_SHARED"), "this test requires TEST_CRYPT_SHARED=1"
|
639
652
|
)
|
640
653
|
async def test_crypt_shared(self):
|
654
|
+
if sys.platform == "darwin":
|
655
|
+
raise unittest.SkipTest("Skipping due to SERVER-101020")
|
641
656
|
kms_providers = {
|
642
657
|
"aws": {"accessKeyId": "example", "secretAccessKey": "example"},
|
643
658
|
"local": {"key": b"\x00" * 96},
|
@@ -19,7 +19,7 @@ Go to [Snyk](https://app.snyk.io/) and select the `dev-prod` organization. If ac
|
|
19
19
|
|
20
20
|
##### Update Snyk
|
21
21
|
|
22
|
-
Update the Snyk reference target tracking the to-be-released branch. For a patch release (e.g. x.y.z), check-out the `rx.y` branch and update the `rx.y` reference target. For a
|
22
|
+
Update the Snyk reference target tracking the to-be-released branch. For a patch release (e.g. x.y.z), check-out the `rx.y` branch and update the `rx.y` reference target. For a non-patch release (e.g. x.y.0), check out the `master` branch and update the `master` reference target.
|
23
23
|
|
24
24
|
Run `cmake` to ensure generated source files are present:
|
25
25
|
```bash
|
@@ -61,14 +61,14 @@ Check the contents of the "vulnerabilities" field (if present) in the Augmented
|
|
61
61
|
|
62
62
|
Do the following when releasing:
|
63
63
|
- If this is a feature release (e.g. `x.y.0` or `x.0.0`), follow these steps: [Creating SSDLC static analysis reports](https://docs.google.com/document/d/1rkFL8ymbkc0k8Apky9w5pTPbvKRm68wj17mPJt2_0yo/edit).
|
64
|
-
- Check out the release branch. For a release `x.y.z`, the release branch is `rx.y`. If this is a new
|
64
|
+
- Check out the release branch. For a release `x.y.z`, the release branch is `rx.y`. If this is a new non-patch release (`x.y.0`), create the release branch.
|
65
65
|
- Update CHANGELOG.md with the version being released.
|
66
66
|
- Ensure `etc/purls.txt` is up-to-date.
|
67
67
|
- Update `etc/third_party_vulnerabilities.md` with any updates to new or known vulnerabilities for third party dependencies that must be reported.
|
68
|
-
- If this is a new
|
68
|
+
- If this is a new non-patch release (e.g. `x.y.0`):
|
69
69
|
- Update the Linux distribution package installation instructions in [README.md](../README.md) to refer to the new version `x.y`.
|
70
70
|
- Update the [libmongocrypt-release](https://spruce.mongodb.com/project/libmongocrypt-release/settings/general) Evergreen project (requires auth) to set `Branch Name` to `rx.y`.
|
71
|
-
- Commit the changes on the `rx.y` branch with a message like "
|
71
|
+
- Commit the changes on the `rx.y` branch with a message like "Release x.y.z".
|
72
72
|
- Tag the commit with `git tag -a <tag>`.
|
73
73
|
- Push both the branch ref and tag ref in the same command: `git push origin master 1.8.0-alpha0` or `git push origin r1.8 1.8.4`
|
74
74
|
- Pushing the branch ref and the tag ref in the same command eliminates the possibility of a race condition in Evergreen (for building resources based on the presence of a release tag)
|
@@ -77,20 +77,20 @@ Do the following when releasing:
|
|
77
77
|
- `upload-all`
|
78
78
|
- `windows-upload-release`
|
79
79
|
- All `publish-packages` tasks.
|
80
|
-
- If the `publish-packages` tasks fail with an error like `[curator] 2024/01/02 13:56:17 [p=emergency]: problem submitting repobuilder job: 404 (Not Found)`, this suggests the published path does not yet exist. Barque (the Linux package publishing service) has protection to avoid unintentional publishes. File a DEVPROD ticket ([example](https://jira.mongodb.org/browse/DEVPROD-
|
80
|
+
- If the `publish-packages` tasks fail with an error like `[curator] 2024/01/02 13:56:17 [p=emergency]: problem submitting repobuilder job: 404 (Not Found)`, this suggests the published path does not yet exist. Barque (the Linux package publishing service) has protection to avoid unintentional publishes. File a DEVPROD ticket ([example](https://jira.mongodb.org/browse/DEVPROD-15320)) and assign to the team called Release Infrastructure to request the path be created. Then re-run the failing `publish-packages` task. Ask in the slack channel `#ask-devprod-release-tools` for further help with `Barque` or `curator`.
|
81
81
|
- Create the release from the GitHub releases page from the new tag.
|
82
|
-
- Attach the tarball and signature file from the Files tab of the `windows-upload-release` task. [Example](https://github.com/mongodb/libmongocrypt/releases/tag/1.
|
82
|
+
- Attach the tarball and signature file from the Files tab of the `windows-upload-release` task. [Example](https://github.com/mongodb/libmongocrypt/releases/tag/1.13.0).
|
83
83
|
- Attach the Augmented SBOM file to the release as `cyclonedx.augmented.sbom.json`.
|
84
84
|
Download the Augmented SBOM from a recent execution of the `sbom` task in an Evergreen patch or commit build.
|
85
85
|
- Attach `etc/third_party_vulnerabilities.md` to the release.
|
86
86
|
- Attach `etc/ssdlc_compliance_report.md` to the release.
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
87
|
+
- Check out the release branch (`rx.y`). Generate a new unique SBOM serial number for the next upcoming patch release (e.g. for `1.13.1` following the release of `1.13.0`):
|
88
|
+
```bash
|
89
|
+
./.evergreen/earthly.sh +sbom-generate-new-serial-number
|
90
|
+
```
|
91
|
+
Commit resulting `etc/cyclonedx.sbom.json` and push to `rx.y`.
|
92
|
+
- If this is a new non-patch release (e.g. `x.y.0`):
|
93
|
+
- File a DOCSP ticket to update the installation instructions on [Install libmongocrypt](https://www.mongodb.com/docs/manual/core/csfle/reference/libmongocrypt/). ([Example](https://jira.mongodb.org/browse/DOCSP-47954))
|
94
94
|
- Create a new Snyk reference target. The following instructions use the example branch `rx.y`:
|
95
95
|
|
96
96
|
Run `cmake` to ensure generated source files are present:
|
@@ -118,20 +118,27 @@ Do the following when releasing:
|
|
118
118
|
- Navigate to the [Webhook Settings](https://github.com/mongodb/libmongocrypt/settings/hooks).
|
119
119
|
- Click `Edit` on the hook for `https://githook.mongodb.com/`.
|
120
120
|
- Add the new release branch to the `Payload URL`. Remove unmaintained release branches.
|
121
|
-
- Make a PR to
|
121
|
+
- Make a PR to to the `master` branch:
|
122
|
+
- Apply changes from the "Release x.y.z" commit.
|
123
|
+
- If this was a non-patch release (e.g. `x.y.0`), generate a new unique SBOM serial number for the next upcoming non-patch release (e.g. for `1.14.0` following the release of `1.13.0`):
|
124
|
+
```bash
|
125
|
+
./.evergreen/earthly.sh +sbom-generate-new-serial-number
|
126
|
+
```
|
127
|
+
Commit resulting `etc/cyclonedx.sbom.json`.
|
122
128
|
- Update the release on the [Jira releases page](https://jira.mongodb.org/projects/MONGOCRYPT/versions).
|
123
129
|
- Record the release on [C/C++ Release Info](https://docs.google.com/spreadsheets/d/1yHfGmDnbA5-Qt8FX4tKWC5xk9AhzYZx1SKF4AD36ecY/edit?usp=sharing). This is done to meet SSDLC reporting requirements.
|
124
130
|
- Add a link to the Evergreen waterfall for the tagged commit to [libmongocrypt Security Testing Summary](https://docs.google.com/document/d/1dc7uvBzu3okAIsA8LSW5sVQGkYIvwpBVdg5v4wb4c4s/edit#heading=h.5t79jwe4p0ss).
|
125
131
|
|
126
132
|
## Homebrew steps ##
|
127
|
-
Submit a PR to update the Homebrew package https://github.com/mongodb/homebrew-brew/blob/master/Formula/libmongocrypt.rb. ([Example](https://github.com/mongodb/homebrew-brew/pull/
|
133
|
+
Submit a PR to update the Homebrew package https://github.com/mongodb/homebrew-brew/blob/master/Formula/libmongocrypt.rb. ([Example](https://github.com/mongodb/homebrew-brew/pull/234)). If not on macOS, request a team member to do this step.
|
134
|
+
Request review by posting in #ask-devprod-build.
|
128
135
|
|
129
136
|
## Debian steps ##
|
130
137
|
If you are not a Debian maintainer on the team, request a team member to do the steps in this section.
|
131
138
|
|
132
139
|
Refer to the [Debian](https://github.com/mongodb/mongo-c-driver/blob/master/docs/dev/debian.rst) steps.
|
133
140
|
|
134
|
-
For a
|
141
|
+
For a non-patch release (e.g. x.y.0), submit a merge request to the [extrepo-data](https://salsa.debian.org/extrepo-team/extrepo-data) project in Debian to update the PPA. The change would look something like this:
|
135
142
|
|
136
143
|
```
|
137
144
|
diff --git a/repos/debian/libmongocrypt.yaml b/repos/debian/libmongocrypt.yaml
|
@@ -142,8 +149,8 @@ index 609dc0b..f7530a9 100644
|
|
142
149
|
source:
|
143
150
|
Types: deb
|
144
151
|
URIs: https://libmongocrypt.s3.amazonaws.com/apt/debian
|
145
|
-
- Suites: <SUITE>/libmongocrypt/1.
|
146
|
-
+ Suites: <SUITE>/libmongocrypt/1.
|
152
|
+
- Suites: <SUITE>/libmongocrypt/1.12
|
153
|
+
+ Suites: <SUITE>/libmongocrypt/1.13
|
147
154
|
Components: main
|
148
155
|
Architectures: amd64 arm64
|
149
156
|
suites:
|
@@ -38,19 +38,45 @@ import datetime
|
|
38
38
|
import re
|
39
39
|
import subprocess
|
40
40
|
import sys
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
41
|
+
|
42
|
+
class Version:
|
43
|
+
def __init__(self, s):
|
44
|
+
pat = r'(\d+)\.(\d+)\.(\d+)(\-\S+)?'
|
45
|
+
match = re.match(pat, s)
|
46
|
+
assert match, "Unrecognized version string %s" % s
|
47
|
+
self.major, self.minor, self.micro = (
|
48
|
+
map(int, (match.group(1), match.group(2), match.group(3))))
|
49
|
+
|
50
|
+
if match.group(4):
|
51
|
+
self.prerelease = match.group(4)[1:]
|
52
|
+
else:
|
53
|
+
self.prerelease = ''
|
54
|
+
|
55
|
+
def __lt__(self, other):
|
56
|
+
if self.major != other.major:
|
57
|
+
return self.major < other.major
|
58
|
+
if self.minor != other.minor:
|
59
|
+
return self.minor < other.minor
|
60
|
+
if self.micro != other.micro:
|
61
|
+
return self.micro < other.micro
|
62
|
+
if self.prerelease != other.prerelease:
|
63
|
+
if self.prerelease != '' and other.prerelease == '':
|
64
|
+
# Consider a prerelease less than non-prerelease.
|
65
|
+
return True
|
66
|
+
# For simplicity, compare prerelease versions lexicographically.
|
67
|
+
return self.prerelease < other.prerelease
|
68
|
+
|
69
|
+
# Versions are equal.
|
70
|
+
return False
|
71
|
+
|
72
|
+
def __eq__(self, other):
|
73
|
+
self_tuple = self.major, self.minor, self.micro, self.prerelease
|
74
|
+
other_tuple = other.major, other.minor, other.micro, other.prerelease
|
75
|
+
return self_tuple == other_tuple
|
76
|
+
|
77
|
+
|
78
|
+
def parse_version(ver):
|
79
|
+
return Version(ver)
|
54
80
|
|
55
81
|
DEBUG = len(sys.argv) > 1 and '-d' in sys.argv
|
56
82
|
if DEBUG:
|
@@ -66,7 +66,7 @@ echo "Test next minor version ... begin"
|
|
66
66
|
# failed, then it is probably because a new major/minor release was made.
|
67
67
|
# Update the expected output to represent the correct next version.
|
68
68
|
# XXX NOTE XXX NOTE XXX
|
69
|
-
assert_eq "$got" "1.
|
69
|
+
assert_eq "$got" "1.14.0-$DATE+git$CURRENT_SHORTREF"
|
70
70
|
}
|
71
71
|
echo "Test next minor version ... end"
|
72
72
|
|
@@ -57,7 +57,7 @@
|
|
57
57
|
}
|
58
58
|
],
|
59
59
|
"metadata": {
|
60
|
-
"timestamp": "2025-04-
|
60
|
+
"timestamp": "2025-04-08T15:21:23.237097+00:00",
|
61
61
|
"tools": [
|
62
62
|
{
|
63
63
|
"externalReferences": [
|
@@ -100,7 +100,7 @@
|
|
100
100
|
}
|
101
101
|
]
|
102
102
|
},
|
103
|
-
"serialNumber": "urn:uuid:
|
103
|
+
"serialNumber": "urn:uuid:9e8a6b86-64aa-4438-bd54-80fd66afce96",
|
104
104
|
"version": 1,
|
105
105
|
"$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json",
|
106
106
|
"bomFormat": "CycloneDX",
|
@@ -279,7 +279,8 @@ kmip_reader_has_data (kmip_reader_t *reader)
|
|
279
279
|
#define CHECK_REMAINING_BUFFER_AND_RET(read_size) \
|
280
280
|
if ((reader->pos + (read_size)) > reader->len) { \
|
281
281
|
return false; \
|
282
|
-
}
|
282
|
+
} else \
|
283
|
+
((void)0)
|
283
284
|
|
284
285
|
bool
|
285
286
|
kmip_reader_read_u8 (kmip_reader_t *reader, uint8_t *value)
|
@@ -346,7 +347,8 @@ kmip_reader_read_bytes (kmip_reader_t *reader, uint8_t **ptr, size_t length)
|
|
346
347
|
#define CHECK_AND_RET(x) \
|
347
348
|
if (!(x)) { \
|
348
349
|
return false; \
|
349
|
-
}
|
350
|
+
} else \
|
351
|
+
((void)0)
|
350
352
|
|
351
353
|
bool
|
352
354
|
kmip_reader_read_tag (kmip_reader_t *reader, kmip_tag_type_t *tag)
|
@@ -83,7 +83,7 @@ kms_kmip_request_register_secretdata_new (void *reserved,
|
|
83
83
|
|
84
84
|
if (len != KMS_KMIP_REQUEST_SECRETDATA_LENGTH) {
|
85
85
|
KMS_ERROR (req,
|
86
|
-
"expected SecretData length of %d, got %"
|
86
|
+
"expected SecretData length of %d, got %zu",
|
87
87
|
KMS_KMIP_REQUEST_SECRETDATA_LENGTH,
|
88
88
|
len);
|
89
89
|
return req;
|
@@ -463,4 +463,3 @@ kms_kmip_request_decrypt_new (void *reserved, const char* unique_identifer, cons
|
|
463
463
|
*/
|
464
464
|
return kmip_encrypt_decrypt(unique_identifer, ciphertext, len, iv_data, iv_len, false);
|
465
465
|
}
|
466
|
-
|
@@ -124,6 +124,9 @@ struct _kms_response_parser_t {
|
|
124
124
|
} \
|
125
125
|
} while (0)
|
126
126
|
|
127
|
+
#ifdef __GNUC__
|
128
|
+
__attribute__((format(__printf__, 3, 4)))
|
129
|
+
#endif
|
127
130
|
void
|
128
131
|
kms_set_error (char *error, size_t size, const char *fmt, ...);
|
129
132
|
|
@@ -137,6 +140,7 @@ kms_set_error (char *error, size_t size, const char *fmt, ...);
|
|
137
140
|
if (!(stmt)) { \
|
138
141
|
fprintf (stderr, "%s failed\n", #stmt); \
|
139
142
|
abort (); \
|
140
|
-
}
|
143
|
+
} else \
|
144
|
+
((void)0)
|
141
145
|
|
142
146
|
#endif /* KMS_MESSAGE_PRIVATE_H */
|
@@ -27,8 +27,8 @@
|
|
27
27
|
#include <stdlib.h>
|
28
28
|
#include <limits.h> /* CHAR_BIT */
|
29
29
|
|
30
|
-
bool rfc_3986_tab[256] = {0};
|
31
|
-
bool kms_initialized = false;
|
30
|
+
static bool rfc_3986_tab[256] = {0};
|
31
|
+
static bool kms_initialized = false;
|
32
32
|
|
33
33
|
static void
|
34
34
|
tables_init (void)
|
@@ -126,12 +126,6 @@ kms_request_str_detach (kms_request_str_t *str)
|
|
126
126
|
return r;
|
127
127
|
}
|
128
128
|
|
129
|
-
const char *
|
130
|
-
kms_request_str_get (kms_request_str_t *str)
|
131
|
-
{
|
132
|
-
return str->str;
|
133
|
-
}
|
134
|
-
|
135
129
|
bool
|
136
130
|
kms_request_str_reserve (kms_request_str_t *str, size_t size)
|
137
131
|
{
|
@@ -64,10 +64,19 @@ kms_request_str_append_newline (kms_request_str_t *str);
|
|
64
64
|
KMS_MSG_EXPORT (void)
|
65
65
|
kms_request_str_append_lowercase (kms_request_str_t *str,
|
66
66
|
kms_request_str_t *appended);
|
67
|
+
|
68
|
+
#ifdef __GNUC__
|
69
|
+
__attribute__((format(__printf__, 2, 3)))
|
70
|
+
#endif
|
67
71
|
KMS_MSG_EXPORT (void)
|
68
72
|
kms_request_str_appendf (kms_request_str_t *str, const char *format, ...);
|
73
|
+
|
74
|
+
#ifdef __GNUC__
|
75
|
+
__attribute__((format(__printf__, 2, 3)))
|
76
|
+
#endif
|
69
77
|
KMS_MSG_EXPORT (void)
|
70
78
|
kms_request_strdupf (kms_request_str_t *str, const char *format, ...);
|
79
|
+
|
71
80
|
KMS_MSG_EXPORT (void)
|
72
81
|
kms_request_str_append_escaped (kms_request_str_t *str,
|
73
82
|
kms_request_str_t *appended,
|
@@ -37,6 +37,10 @@
|
|
37
37
|
* https://github.com/freebsd/freebsd/blob/e7c6cef9514d3bb1f14a30a5ee871231523e43db/lib/libc/stdlib/merge.c
|
38
38
|
*/
|
39
39
|
|
40
|
+
#include "sort.h"
|
41
|
+
|
42
|
+
//
|
43
|
+
|
40
44
|
#include <stddef.h>
|
41
45
|
|
42
46
|
/*
|
@@ -44,10 +48,9 @@
|
|
44
48
|
* last 4 elements.
|
45
49
|
*/
|
46
50
|
|
47
|
-
typedef int (*cmp_t) (const void *, const void *);
|
48
51
|
#define CMP(x, y) cmp (x, y)
|
49
52
|
#define swap(a, b) \
|
50
|
-
{
|
53
|
+
if (1) { \
|
51
54
|
s = b; \
|
52
55
|
i = size; \
|
53
56
|
do { \
|
@@ -56,7 +59,8 @@ typedef int (*cmp_t) (const void *, const void *);
|
|
56
59
|
*s++ = tmp; \
|
57
60
|
} while (--i); \
|
58
61
|
a -= size; \
|
59
|
-
}
|
62
|
+
} else \
|
63
|
+
((void)0)
|
60
64
|
|
61
65
|
void
|
62
66
|
insertionsort (unsigned char *a, size_t n, size_t size, cmp_t cmp)
|
@@ -6,7 +6,7 @@
|
|
6
6
|
* You may obtain a copy of the License at
|
7
7
|
*
|
8
8
|
* http://www.apache.org/licenses/LICENSE-2.0
|
9
|
-
|
9
|
+
|
10
10
|
* Unless required by applicable law or agreed to in writing, software
|
11
11
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
12
12
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
@@ -54,6 +54,7 @@ kms_kmip_writer_test_evaluate (kmip_writer_t *writer,
|
|
54
54
|
free (expected_hex);
|
55
55
|
}
|
56
56
|
|
57
|
+
void kms_kmip_writer_test (void); // -Wmissing-prototypes: for testing only.
|
57
58
|
void
|
58
59
|
kms_kmip_writer_test (void)
|
59
60
|
{
|
@@ -140,6 +141,7 @@ kms_kmip_writer_test (void)
|
|
140
141
|
kmip_writer_destroy (writer);
|
141
142
|
}
|
142
143
|
|
144
|
+
void kms_kmip_reader_test (void); // -Wmissing-prototypes: for testing only.
|
143
145
|
void
|
144
146
|
kms_kmip_reader_test (void)
|
145
147
|
{
|
@@ -312,6 +314,7 @@ kms_kmip_reader_test (void)
|
|
312
314
|
free (data);
|
313
315
|
}
|
314
316
|
|
317
|
+
void kms_kmip_reader_negative_int_test (void); // -Wmissing-prototypes: for testing only.
|
315
318
|
void
|
316
319
|
kms_kmip_reader_negative_int_test (void)
|
317
320
|
{
|
@@ -356,6 +359,7 @@ kms_kmip_reader_negative_int_test (void)
|
|
356
359
|
free (data);
|
357
360
|
}
|
358
361
|
|
362
|
+
void kms_kmip_reader_find_test (void); // -Wmissing-prototypes: for testing only.
|
359
363
|
void
|
360
364
|
kms_kmip_reader_find_test (void)
|
361
365
|
{
|
@@ -404,6 +408,7 @@ kms_kmip_reader_find_test (void)
|
|
404
408
|
free (data);
|
405
409
|
}
|
406
410
|
|
411
|
+
void kms_kmip_reader_find_and_recurse_test (void); // -Wmissing-prototypes: for testing only.
|
407
412
|
void
|
408
413
|
kms_kmip_reader_find_and_recurse_test (void)
|
409
414
|
{
|
@@ -438,6 +443,7 @@ kms_kmip_reader_find_and_recurse_test (void)
|
|
438
443
|
free (data);
|
439
444
|
}
|
440
445
|
|
446
|
+
void kms_kmip_reader_find_and_read_enum_test (void); // -Wmissing-prototypes: for testing only.
|
441
447
|
void
|
442
448
|
kms_kmip_reader_find_and_read_enum_test (void)
|
443
449
|
{
|
@@ -470,6 +476,7 @@ kms_kmip_reader_find_and_read_enum_test (void)
|
|
470
476
|
free (data);
|
471
477
|
}
|
472
478
|
|
479
|
+
void kms_kmip_reader_find_and_read_bytes_test (void); // -Wmissing-prototypes: for testing only.
|
473
480
|
void
|
474
481
|
kms_kmip_reader_find_and_read_bytes_test (void)
|
475
482
|
{
|
@@ -44,7 +44,7 @@
|
|
44
44
|
#define TEST_ERROR(...) \
|
45
45
|
do { \
|
46
46
|
TEST_STDERR_PRINTF ( \
|
47
|
-
"test error %s:%d %s(): ", __FILE__, __LINE__,
|
47
|
+
"test error %s:%d %s(): ", __FILE__, __LINE__, __func__); \
|
48
48
|
TEST_STDERR_PRINTF (__VA_ARGS__); \
|
49
49
|
TEST_STDERR_PRINTF ("\n"); \
|
50
50
|
abort (); \
|
@@ -53,7 +53,8 @@
|
|
53
53
|
#define ASSERT(stmt) \
|
54
54
|
if (!(stmt)) { \
|
55
55
|
TEST_ERROR ("statement failed %s", #stmt); \
|
56
|
-
}
|
56
|
+
} else \
|
57
|
+
((void)0)
|
57
58
|
|
58
59
|
#define ASSERT_CMPSTR_WITH_LEN(_expect, _expect_len, _actual, _actual_len) \
|
59
60
|
do { \
|
@@ -98,7 +99,7 @@
|
|
98
99
|
TEST_ERROR ( \
|
99
100
|
"comparison failed: %d %s %d", _a_int, #_operator, _b_int); \
|
100
101
|
} \
|
101
|
-
} while (0)
|
102
|
+
} while (0)
|
102
103
|
|
103
104
|
#define ASSERT_CMPBYTES( \
|
104
105
|
expected_bytes, expected_len, actual_bytes, actual_len) \
|
@@ -161,4 +162,4 @@
|
|
161
162
|
ASSERT_CONTAINS (_error_str, expect_substring); \
|
162
163
|
} while (0)
|
163
164
|
|
164
|
-
#endif /* TEST_KMS_ASSERT_H */
|
165
|
+
#endif /* TEST_KMS_ASSERT_H */
|