-
Type: Bug
-
Resolution: Unresolved
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Client Side Encryption
Issue
Inside the AutoEncryptor constructor we have this line:
Object.assign(clientOptions, autoSelectSocketOptions(this._client.options));
I noticed that it was using the poor performant spread and freeze options getter, after switching it to use client.s.options, there were "s" is undefined errors. This is because the AutoEncrypter is made inside the parseOptions function so the client hasn't defined s let alone finished parsing options. As a result the client.options getter was hiding a bug where it would always return an empty object because the getter spreads the undefined this[kOptions]
User Experience
- The client settings for autoSelectFamily and autoSelectFamilyAttemptTimeout should be set on the clientOptions for the _mongocryptdClient
Dependencies
- None
Risks/Unknowns
- What could go wrong while implementing this change? (e.g., performance, inadvertent behavioral changes in adjacent functionality, existing tech debt, etc)
- Existing tech debt is the client.options getter itself, its a footgun I think we may continue to hit if we don't change it. If feasible we should store the options directly on an own property of the mongo client declared as readonly. Type-wise that would not change the API.
- Is there an opportunity for better cross-driver alignment or testing in this area?
- No
- Is there an opportunity to improve existing documentation on this subject?
- No
Acceptance Criteria
Implementation Requirements
- Pass some form of the partially parsed options into autoEncrypter so it can respect those settings, or move AutoEncryption creation time to after the MongoClient ctor is complete.
- TBD:
- We should prevent internal usage of client.options because of how it can hide this bug and the performance cost of spreading and re-freezing options on every access. Consider linting or changing the options api to not have the performance cost
Testing Requirements
- Correct the existing unit tests to create AutoEncrypter at the same stage it is done in the driver. OR reimplement as integration tests.
Documentation Requirements
- None
Follow Up Requirements
- None
- related to
-
NODE-5754 Implement fallback to IPv4/IPv6 vice-versa
- Closed