bool TRI_ExcludeCollectionReplication(char const* name, bool includeSystem) {
if (name == nullptr) {
// name invalid
return true;
}
if (*name != '_') {
// all regular collections are included
return false;
}
if (!includeSystem) {
// do not include any system collections
return true;
}
if (TRI_IsPrefixString(name, "_statistics") ||
TRI_EqualString(name, "_apps") ||
TRI_EqualString(name, "_configuration") ||
TRI_EqualString(name, "_cluster_kickstarter_plans") ||
TRI_EqualString(name, "_foxxlog") || TRI_EqualString(name, "_jobs") ||
TRI_EqualString(name, "_queues") || TRI_EqualString(name, "_sessions")) {
// these system collections will always be excluded
return true;
}
return false;
}
bool TRI_ExcludeCollectionReplication (const char* name) {
if (name == nullptr) {
// name invalid
return true;
}
if (*name != '_') {
// all regular collections are included
return false;
}
if (TRI_EqualString(name, TRI_COL_NAME_REPLICATION) ||
TRI_EqualString(name, TRI_COL_NAME_TRANSACTION) ||
TRI_EqualString(name, TRI_COL_NAME_USERS) ||
TRI_IsPrefixString(name, TRI_COL_NAME_STATISTICS) ||
TRI_EqualString(name, "_aal") ||
TRI_EqualString(name, "_configuration") ||
TRI_EqualString(name, "_cluster_kickstarter_plans") ||
TRI_EqualString(name, "_fishbowl") ||
TRI_EqualString(name, "_modules") ||
TRI_EqualString(name, "_routing")) {
// these system collections will be excluded
return true;
}
return false;
}
bool TRI_CheckAuthenticationAuthInfo (char const* username,
char const* password) {
TRI_vocbase_auth_t* auth;
bool res;
char* hex;
char* sha256;
size_t hexLen;
size_t len;
size_t sha256Len;
assert(DefaultAuthInfo);
// look up username
TRI_ReadLockReadWriteLock(&DefaultAuthInfo->_authInfoLock);
auth = TRI_LookupByKeyAssociativePointer(&DefaultAuthInfo->_authInfo, username);
if (auth == NULL || ! auth->_active) {
TRI_ReadUnlockReadWriteLock(&DefaultAuthInfo->_authInfoLock);
return false;
}
// convert password
res = false;
if (TRI_IsPrefixString(auth->_password, "$1$")) {
if (strlen(auth->_password) < 12 || auth->_password[11] != '$') {
LOG_WARNING("found corrupted password for user '%s'", username);
}
else {
char* salted;
len = 8 + strlen(password);
salted = TRI_Allocate(TRI_CORE_MEM_ZONE, len + 1, false);
memcpy(salted, auth->_password + 3, 8);
memcpy(salted + 8, password, len - 8);
salted[len] = '\0';
sha256 = TRI_SHA256String(salted, len, &sha256Len);
TRI_FreeString(TRI_CORE_MEM_ZONE, salted);
hex = TRI_EncodeHexString(sha256, sha256Len, &hexLen);
TRI_FreeString(TRI_CORE_MEM_ZONE, sha256);
LOG_DEBUG("found active user '%s', expecting password '%s', got '%s'",
username,
auth->_password + 12,
hex);
res = TRI_EqualString(auth->_password + 12, hex);
TRI_FreeString(TRI_CORE_MEM_ZONE, hex);
}
}
else {
len = strlen(password);
sha256 = TRI_SHA256String(password, len, &sha256Len);
hex = TRI_EncodeHexString(sha256, sha256Len, &hexLen);
TRI_FreeString(TRI_CORE_MEM_ZONE, sha256);
LOG_DEBUG("found active user '%s', expecting password '%s', got '%s'",
username,
auth->_password + 12,
hex);
res = TRI_EqualString(auth->_password, hex);
TRI_FreeString(TRI_CORE_MEM_ZONE, hex);
}
TRI_ReadUnlockReadWriteLock(&DefaultAuthInfo->_authInfoLock);
return res;
}
