static mongoc_stream_t *
mongoc_client_default_stream_initiator (const mongoc_uri_t *uri,
const mongoc_host_list_t *host,
void *user_data,
bson_error_t *error)
{
mongoc_stream_t *base_stream = NULL;
#ifdef MONGOC_ENABLE_SSL
mongoc_client_t *client = user_data;
const bson_t *options;
bson_iter_t iter;
const char *mechanism;
#endif
bson_return_val_if_fail (uri, NULL);
bson_return_val_if_fail (host, NULL);
#ifndef MONGOC_ENABLE_SSL
if (mongoc_uri_get_ssl (uri)) {
bson_set_error (error,
MONGOC_ERROR_CLIENT,
MONGOC_ERROR_CLIENT_NO_ACCEPTABLE_PEER,
"SSL is not enabled in this build of mongo-c-driver.");
return NULL;
}
#endif
switch (host->family) {
#if defined(AF_INET6)
case AF_INET6:
#endif
case AF_INET:
base_stream = mongoc_client_connect_tcp (uri, host, error);
break;
case AF_UNIX:
base_stream = mongoc_client_connect_unix (uri, host, error);
break;
default:
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_INVALID_TYPE,
"Invalid address family: 0x%02x", host->family);
break;
}
#ifdef MONGOC_ENABLE_SSL
if (base_stream) {
options = mongoc_uri_get_options (uri);
mechanism = mongoc_uri_get_auth_mechanism (uri);
if ((bson_iter_init_find_case (&iter, options, "ssl") &&
bson_iter_as_bool (&iter)) ||
(mechanism && (0 == strcmp (mechanism, "MONGODB-X509")))) {
base_stream = mongoc_stream_tls_new (base_stream, &client->ssl_opts,
true);
if (!base_stream) {
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_SOCKET,
"Failed initialize TLS state.");
return NULL;
}
if (!mongoc_stream_tls_do_handshake (base_stream, -1) ||
!mongoc_stream_tls_check_cert (base_stream, host->host)) {
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_SOCKET,
"Failed to handshake and validate TLS certificate.");
mongoc_stream_destroy (base_stream);
base_stream = NULL;
return NULL;
}
}
}
#endif
return base_stream ? mongoc_stream_buffered_new (base_stream, 1024) : NULL;
}
mongoc_stream_t *
mongoc_client_default_stream_initiator (const mongoc_uri_t *uri,
const mongoc_host_list_t *host,
void *user_data,
bson_error_t *error)
{
mongoc_stream_t *base_stream = NULL;
#ifdef MONGOC_ENABLE_SSL
mongoc_client_t *client = (mongoc_client_t *)user_data;
const char *mechanism;
int32_t connecttimeoutms;
#endif
BSON_ASSERT (uri);
BSON_ASSERT (host);
#ifndef MONGOC_ENABLE_SSL
if (mongoc_uri_get_ssl (uri)) {
bson_set_error (error,
MONGOC_ERROR_CLIENT,
MONGOC_ERROR_CLIENT_NO_ACCEPTABLE_PEER,
"SSL is not enabled in this build of mongo-c-driver.");
return NULL;
}
#endif
switch (host->family) {
#if defined(AF_INET6)
case AF_INET6:
#endif
case AF_INET:
base_stream = mongoc_client_connect_tcp (uri, host, error);
break;
case AF_UNIX:
base_stream = mongoc_client_connect_unix (uri, host, error);
break;
default:
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_INVALID_TYPE,
"Invalid address family: 0x%02x", host->family);
break;
}
#ifdef MONGOC_ENABLE_SSL
if (base_stream) {
mechanism = mongoc_uri_get_auth_mechanism (uri);
if (client->use_ssl ||
(mechanism && (0 == strcmp (mechanism, "MONGODB-X509")))) {
base_stream = mongoc_stream_tls_new (base_stream, &client->ssl_opts,
true);
if (!base_stream) {
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_SOCKET,
"Failed initialize TLS state.");
return NULL;
}
connecttimeoutms = mongoc_uri_get_option_as_int32 (
uri, "connecttimeoutms", MONGOC_DEFAULT_CONNECTTIMEOUTMS);
if (!mongoc_stream_tls_do_handshake (base_stream, connecttimeoutms) ||
!mongoc_stream_tls_check_cert (base_stream, host->host)) {
bson_set_error (error,
MONGOC_ERROR_STREAM,
MONGOC_ERROR_STREAM_SOCKET,
"Failed to handshake and validate TLS certificate.");
mongoc_stream_destroy (base_stream);
return NULL;
}
}
}
#endif
return base_stream ? mongoc_stream_buffered_new (base_stream, 1024) : NULL;
}