static ha_node_t *
ha_node_new (const char *name,
const char *repl_set,
const char *dbpath,
bson_bool_t is_arbiter,
bson_bool_t is_config,
bson_bool_t is_router,
bson_uint16_t port)
{
ha_node_t *node;
node = bson_malloc0(sizeof *node);
node->name = bson_strdup(name);
node->repl_set = bson_strdup(repl_set);
node->dbpath = bson_strdup(dbpath);
node->is_arbiter = is_arbiter;
node->is_config = is_config;
node->is_router = is_router;
node->port = port;
return node;
}
void
mongoc_write_concern_set_wtag (mongoc_write_concern_t *write_concern,
const char *wtag)
{
BSON_ASSERT (write_concern);
if (!_mongoc_write_concern_warn_frozen (write_concern)) {
bson_free (write_concern->wtag);
write_concern->wtag = bson_strdup (wtag);
write_concern->w = MONGOC_WRITE_CONCERN_W_TAG;
write_concern->is_default = false;
}
}
mongoc_bulk_operation_t *
_mongoc_bulk_operation_new (mongoc_client_t *client, /* IN */
const char *database, /* IN */
const char *collection, /* IN */
mongoc_bulk_write_flags_t flags, /* IN */
const mongoc_write_concern_t *write_concern) /* IN */
{
mongoc_bulk_operation_t *bulk;
BSON_ASSERT (client);
BSON_ASSERT (collection);
bulk = mongoc_bulk_operation_new (flags.ordered);
bulk->client = client;
bulk->database = bson_strdup (database);
bulk->collection = bson_strdup (collection);
bulk->write_concern = mongoc_write_concern_copy (write_concern);
bulk->executed = false;
bulk->flags = flags;
bulk->operation_id = ++client->cluster.operation_id;
return bulk;
}
mongoc_bulk_operation_t *
_mongoc_bulk_operation_new (mongoc_client_t *client, /* IN */
const char *database, /* IN */
const char *collection, /* IN */
uint32_t hint, /* IN */
bool ordered, /* IN */
const mongoc_write_concern_t *write_concern) /* IN */
{
mongoc_bulk_operation_t *bulk;
BSON_ASSERT (client);
BSON_ASSERT (collection);
bulk = mongoc_bulk_operation_new (ordered);
bulk->client = client;
bulk->database = bson_strdup (database);
bulk->collection = bson_strdup (collection);
bulk->hint = hint;
bulk->write_concern = mongoc_write_concern_copy (write_concern);
bulk->executed = false;
return bulk;
}
/**
* mongoc_read_concern_set_level:
* @read_concern: A mongoc_read_concern_t.
* @level: The read concern level
*
* Sets the read concern level. Any string is supported for future compatability
* but MongoDB 3.2 only accepts "local" and "majority", aka:
* - MONGOC_READ_CONCERN_LEVEL_LOCAL
* - MONGOC_READ_CONCERN_LEVEL_MAJORITY
*
* If the @read_concern has already been frozen, calling this function will not
* alter the read concern level.
*
* See the MongoDB docs for more information on readConcernLevel
*/
bool
mongoc_read_concern_set_level (mongoc_read_concern_t *read_concern,
const char *level)
{
BSON_ASSERT (read_concern);
if (read_concern->frozen) {
return false;
}
bson_free (read_concern->level);
read_concern->level = bson_strdup (level);
return true;
}
mongoc_uri_t *
mongoc_uri_new (const char *uri_string)
{
mongoc_uri_t *uri;
#ifdef MONGOC_EXPERIMENTAL_FEATURES
int32_t max_staleness_ms;
#endif
uri = (mongoc_uri_t *)bson_malloc0(sizeof *uri);
bson_init(&uri->options);
bson_init(&uri->credentials);
/* Initialize read_prefs since tag parsing may add to it */
uri->read_prefs = mongoc_read_prefs_new(MONGOC_READ_PRIMARY);
/* Initialize empty read_concern */
uri->read_concern = mongoc_read_concern_new ();
if (!uri_string) {
uri_string = "mongodb://127.0.0.1/";
}
if (!mongoc_uri_parse(uri, uri_string)) {
mongoc_uri_destroy(uri);
return NULL;
}
uri->str = bson_strdup(uri_string);
_mongoc_uri_assign_read_prefs_mode(uri);
#ifdef MONGOC_EXPERIMENTAL_FEATURES
max_staleness_ms = mongoc_uri_get_option_as_int32 (uri, "maxstalenessms", 0);
mongoc_read_prefs_set_max_staleness_ms (uri->read_prefs, max_staleness_ms);
#endif
if (!mongoc_read_prefs_is_valid(uri->read_prefs)) {
mongoc_uri_destroy(uri);
return NULL;
}
_mongoc_uri_build_write_concern (uri);
if (!mongoc_write_concern_is_valid (uri->write_concern)) {
mongoc_uri_destroy(uri);
return NULL;
}
return uri;
}
mongoc_matcher_op_t *
_mongoc_matcher_op_exists_new (const char *path, /* IN */
bool exists) /* IN */
{
mongoc_matcher_op_t *op;
BSON_ASSERT (path);
op = bson_malloc0 (sizeof *op);
op->exists.base.opcode = MONGOC_MATCHER_OPCODE_EXISTS;
op->exists.path = bson_strdup (path);
op->exists.exists = exists;
return op;
}
mongoc_matcher_op_t *
_mongoc_matcher_op_not_new (const char *path, /* IN */
mongoc_matcher_op_t *child) /* IN */
{
mongoc_matcher_op_t *op;
BSON_ASSERT (path);
BSON_ASSERT (child);
op = bson_malloc0 (sizeof *op);
op->not.base.opcode = MONGOC_MATCHER_OPCODE_NOT;
op->not.path = bson_strdup (path);
op->not.child = child;
return op;
}
char *
_mongoc_sasl_prep (const char *in_utf8, int in_utf8_len, bson_error_t *err)
{
#ifdef MONGOC_ENABLE_ICU
return _mongoc_sasl_prep_impl ("password", in_utf8, in_utf8_len, err);
#else
if (_mongoc_sasl_prep_required (in_utf8)) {
bson_set_error (err,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: ICU required to SASLPrep password");
return NULL;
}
return bson_strdup (in_utf8);
#endif
}
mongoc_matcher_op_t *
_mongoc_matcher_op_type_new (const char *path, /* IN */
bson_type_t type) /* IN */
{
mongoc_matcher_op_t *op;
BSON_ASSERT (path);
BSON_ASSERT (type);
op = bson_malloc0 (sizeof *op);
op->type.base.opcode = MONGOC_MATCHER_OPCODE_TYPE;
op->type.path = bson_strdup (path);
op->type.type = type;
return op;
}
mongoc_write_concern_t *
mongoc_write_concern_copy (const mongoc_write_concern_t *write_concern)
{
mongoc_write_concern_t *ret = NULL;
if (write_concern) {
ret = mongoc_write_concern_new();
ret->fsync_ = write_concern->fsync_;
ret->journal = write_concern->journal;
ret->w = write_concern->w;
ret->wtimeout = write_concern->wtimeout;
ret->frozen = false;
ret->wtag = bson_strdup (write_concern->wtag);
}
return ret;
}
static bool
mongoc_uri_parse_database (mongoc_uri_t *uri,
const char *str,
const char **end)
{
const char *end_database;
if ((uri->database = scan_to_unichar(str, '?', &end_database))) {
*end = end_database;
} else if (*str) {
uri->database = bson_strdup(str);
*end = str + strlen(str);
}
mongoc_uri_do_unescape(&uri->database);
return true;
}
mongoc_matcher_op_t *
_mongoc_matcher_op_compare_new (mongoc_matcher_opcode_t opcode, /* IN */
const char *path, /* IN */
const bson_iter_t *iter) /* IN */
{
mongoc_matcher_op_t *op;
BSON_ASSERT ((opcode >= MONGOC_MATCHER_OPCODE_EQ) &&
(opcode <= MONGOC_MATCHER_OPCODE_NIN));
BSON_ASSERT (path);
BSON_ASSERT (iter);
op = bson_malloc0 (sizeof *op);
op->compare.base.opcode = opcode;
op->compare.path = bson_strdup (path);
memcpy (&op->compare.iter, iter, sizeof *iter);
return op;
}
char *
_mongoc_hex_md5 (const char *input)
{
uint8_t digest[16];
bson_md5_t md5;
char digest_str[33];
int i;
bson_md5_init(&md5);
bson_md5_append(&md5, (const uint8_t *)input, (uint32_t)strlen(input));
bson_md5_finish(&md5, digest);
for (i = 0; i < sizeof digest; i++) {
bson_snprintf(&digest_str[i*2], 3, "%02x", digest[i]);
}
digest_str[sizeof digest_str - 1] = '\0';
return bson_strdup(digest_str);
}
mongoc_uri_t *
mongoc_uri_new (const char *uri_string)
{
mongoc_uri_t *uri;
uri = (mongoc_uri_t *)bson_malloc0(sizeof *uri);
bson_init(&uri->options);
bson_init(&uri->credentials);
/* Initialize read_prefs since tag parsing may add to it */
uri->read_prefs = mongoc_read_prefs_new(MONGOC_READ_PRIMARY);
/* Initialize empty read_concern */
uri->read_concern = mongoc_read_concern_new ();
if (!uri_string) {
uri_string = "mongodb://127.0.0.1/";
}
if (!mongoc_uri_parse(uri, uri_string)) {
mongoc_uri_destroy(uri);
return NULL;
}
uri->str = bson_strdup(uri_string);
_mongoc_uri_assign_read_prefs_mode(uri);
if (!mongoc_read_prefs_is_valid(uri->read_prefs)) {
mongoc_uri_destroy(uri);
return NULL;
}
_mongoc_uri_build_write_concern (uri);
if (!mongoc_write_concern_is_valid (uri->write_concern)) {
mongoc_uri_destroy(uri);
return NULL;
}
return uri;
}
bool
mongoc_uri_set_password (mongoc_uri_t *uri, const char *password)
{
size_t len;
BSON_ASSERT (password);
len = strlen(password);
if (!bson_utf8_validate (password, len, false)) {
return false;
}
if (uri->password) {
bson_free (uri->password);
}
uri->password = bson_strdup (password);
return true;
}
bool
mongoc_uri_set_database (mongoc_uri_t *uri, const char *database)
{
size_t len;
BSON_ASSERT (database);
len = strlen(database);
if (!bson_utf8_validate (database, len, false)) {
return false;
}
if (uri->database) {
bson_free (uri->database);
}
uri->database = bson_strdup(database);
return true;
}
static mongoc_scram_cache_t *
_mongoc_scram_cache_copy (const mongoc_scram_cache_t *cache)
{
mongoc_scram_cache_t *ret = NULL;
if (cache) {
ret = (mongoc_scram_cache_t *) bson_malloc0 (sizeof (*ret));
ret->hashed_password = bson_strdup (cache->hashed_password);
memcpy (
ret->decoded_salt, cache->decoded_salt, sizeof (ret->decoded_salt));
ret->iterations = cache->iterations;
memcpy (ret->client_key, cache->client_key, sizeof (ret->client_key));
memcpy (ret->server_key, cache->server_key, sizeof (ret->server_key));
memcpy (ret->salted_password,
cache->salted_password,
sizeof (ret->salted_password));
}
return ret;
}
bool
mongoc_uri_set_username (mongoc_uri_t *uri, const char *username)
{
size_t len;
BSON_ASSERT (username);
len = strlen(username);
if (!bson_utf8_validate (username, len, false)) {
return false;
}
if (uri->username) {
bson_free (uri->username);
}
uri->username = bson_strdup (username);
return true;
}
bool
_mongoc_host_list_from_string (mongoc_host_list_t *host_list,
const char *host_and_port)
{
uint16_t port;
const char *end_host;
char *hostname = NULL;
bson_return_val_if_fail(host_list, false);
bson_return_val_if_fail(host_and_port, false);
memset(host_list, 0, sizeof *host_list);
if ((hostname = scan_to_unichar(host_and_port, ':', &end_host))) {
end_host++;
if (!isdigit(*end_host)) {
bson_free(hostname);
return false;
}
#ifdef _MSC_VER
sscanf_s (end_host, "%hu", &port);
#else
sscanf (end_host, "%hu", &port);
#endif
} else {
hostname = bson_strdup(host_and_port);
port = MONGOC_DEFAULT_PORT;
}
bson_strncpy (host_list->host_and_port, host_and_port,
sizeof host_list->host_and_port - 1);
bson_strncpy (host_list->host, hostname, sizeof host_list->host - 1);
host_list->port = port;
host_list->family = AF_INET;
bson_free(hostname);
return true;
}
bool
_mongoc_cyrus_set_mechanism (mongoc_cyrus_t *sasl,
const char *mechanism,
bson_error_t *error)
{
bson_string_t *str = bson_string_new ("");
const char **mechs = sasl_global_listmech ();
int i = 0;
bool ok = false;
BSON_ASSERT (sasl);
for (i = 0; mechs[i]; i++) {
if (!strcmp (mechs[i], mechanism)) {
ok = true;
break;
}
bson_string_append (str, mechs[i]);
if (mechs[i + 1]) {
bson_string_append (str, ",");
}
}
if (ok) {
bson_free (sasl->credentials.mechanism);
sasl->credentials.mechanism = mechanism ? bson_strdup (mechanism) : NULL;
} else {
bson_set_error (error,
MONGOC_ERROR_SASL,
SASL_NOMECH,
"SASL Failure: Unsupported mechanism by client: %s. "
"Available mechanisms: %s",
mechanism,
str->str);
}
bson_string_free (str, true);
return ok;
}
bson_bool_t
_mongoc_host_list_from_string (mongoc_host_list_t *host_list,
const char *host_and_port)
{
bson_uint16_t port;
const char *end_host;
char *hostname = NULL;
bson_return_val_if_fail(host_list, FALSE);
bson_return_val_if_fail(host_and_port, FALSE);
memset(host_list, 0, sizeof *host_list);
if ((hostname = scan_to_unichar(host_and_port, ':', &end_host))) {
end_host++;
if (!isdigit(*end_host)) {
bson_free(hostname);
return FALSE;
}
sscanf(end_host, "%hu", &port);
} else {
hostname = bson_strdup(host_and_port);
port = MONGOC_DEFAULT_PORT;
}
strncpy(host_list->host_and_port, host_and_port,
sizeof host_list->host_and_port - 1);
host_list->host_and_port[sizeof host_list->host_and_port-1] = '\0';
strncpy(host_list->host, hostname, sizeof host_list->host - 1);
host_list->host[sizeof host_list->host-1] = '\0';
host_list->port = port;
host_list->family = AF_INET;
bson_free(hostname);
return TRUE;
}
/* Updates the cache with scram's last-used pre-secrets and secrets */
static void
_mongoc_scram_update_cache (mongoc_scram_t *scram)
{
mongoc_scram_cache_t *cache;
BSON_ASSERT (scram);
if (scram->cache) {
_mongoc_scram_cache_destroy (scram->cache);
}
cache = (mongoc_scram_cache_t *) bson_malloc0 (sizeof (*cache));
cache->hashed_password = bson_strdup (scram->hashed_password);
memcpy (
cache->decoded_salt, scram->decoded_salt, sizeof (cache->decoded_salt));
cache->iterations = scram->iterations;
memcpy (cache->client_key, scram->client_key, sizeof (cache->client_key));
memcpy (cache->server_key, scram->server_key, sizeof (cache->server_key));
memcpy (cache->salted_password,
scram->salted_password,
sizeof (cache->salted_password));
scram->cache = cache;
}
mongoc_uri_t *
mongoc_uri_new (const char *uri_string)
{
mongoc_uri_t *uri;
uri = bson_malloc0(sizeof *uri);
bson_init(&uri->options);
bson_init(&uri->read_prefs);
if (!uri_string) {
uri_string = "mongodb://127.0.0.1/";
}
if (!mongoc_uri_parse(uri, uri_string)) {
mongoc_uri_destroy(uri);
return NULL;
}
uri->str = bson_strdup(uri_string);
_mongoc_uri_build_write_concern (uri);
return uri;
}
/* Parse server-first-message of the form:
* r=client-nonce|server-nonce,s=user-salt,i=iteration-count
*
* Generate client-final-message of the form:
* c=channel-binding(base64),r=client-nonce|server-nonce,p=client-proof
*/
static bool
_mongoc_scram_step2 (mongoc_scram_t *scram,
const uint8_t *inbuf,
uint32_t inbuflen,
uint8_t *outbuf,
uint32_t outbufmax,
uint32_t *outbuflen,
bson_error_t *error)
{
uint8_t *val_r = NULL;
uint32_t val_r_len;
uint8_t *val_s = NULL;
uint32_t val_s_len;
uint8_t *val_i = NULL;
uint32_t val_i_len;
uint8_t **current_val;
uint32_t *current_val_len;
const uint8_t *ptr;
const uint8_t *next_comma;
char *tmp;
char *hashed_password;
uint8_t decoded_salt[MONGOC_SCRAM_B64_HASH_SIZE] = {0};
int32_t decoded_salt_len;
bool rval = true;
int iterations;
BSON_ASSERT (scram);
BSON_ASSERT (outbuf);
BSON_ASSERT (outbufmax);
BSON_ASSERT (outbuflen);
/* all our passwords go through md5 thanks to MONGODB-CR */
tmp = bson_strdup_printf ("%s:mongo:%s", scram->user, scram->pass);
hashed_password = _mongoc_hex_md5 (tmp);
bson_zero_free (tmp, strlen (tmp));
/* we need all of the incoming message for the final client proof */
if (!_mongoc_scram_buf_write ((char *) inbuf,
inbuflen,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
if (!_mongoc_scram_buf_write (",",
-1,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
for (ptr = inbuf; ptr < inbuf + inbuflen;) {
switch (*ptr) {
case 'r':
current_val = &val_r;
current_val_len = &val_r_len;
break;
case 's':
current_val = &val_s;
current_val_len = &val_s_len;
break;
case 'i':
current_val = &val_i;
current_val_len = &val_i_len;
break;
default:
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unknown key (%c) in sasl step 2",
*ptr);
goto FAIL;
break;
}
ptr++;
if (*ptr != '=') {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: invalid parse state in sasl step 2");
goto FAIL;
}
ptr++;
next_comma =
(const uint8_t *) memchr (ptr, ',', (inbuf + inbuflen) - ptr);
if (next_comma) {
*current_val_len = (uint32_t) (next_comma - ptr);
} else {
*current_val_len = (uint32_t) ((inbuf + inbuflen) - ptr);
}
*current_val = (uint8_t *) bson_malloc (*current_val_len + 1);
memcpy (*current_val, ptr, *current_val_len);
(*current_val)[*current_val_len] = '\0';
if (next_comma) {
ptr = next_comma + 1;
} else {
break;
}
}
if (!val_r) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no r param in sasl step 2");
goto FAIL;
}
if (!val_s) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no s param in sasl step 2");
goto FAIL;
}
if (!val_i) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no i param in sasl step 2");
goto FAIL;
}
/* verify our nonce */
if (val_r_len < scram->encoded_nonce_len ||
mongoc_memcmp (val_r, scram->encoded_nonce, scram->encoded_nonce_len)) {
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: client nonce not repeated in sasl step 2");
}
*outbuflen = 0;
if (!_mongoc_scram_buf_write (
"c=biws,r=", -1, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
if (!_mongoc_scram_buf_write (
(char *) val_r, val_r_len, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
if (!_mongoc_scram_buf_write ((char *) outbuf,
*outbuflen,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
if (!_mongoc_scram_buf_write (",p=", -1, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
decoded_salt_len =
bson_b64_pton ((char *) val_s, decoded_salt, sizeof (decoded_salt));
if (-1 == decoded_salt_len) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unable to decode salt in sasl step2");
goto FAIL;
}
if (16 != decoded_salt_len) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: invalid salt length of %d in sasl step2",
decoded_salt_len);
goto FAIL;
}
iterations = (int) bson_ascii_strtoll ((char *) val_i, &tmp, 10);
/* tmp holds the location of the failed to parse character. So if it's
* null, we got to the end of the string and didn't have a parse error */
if (*tmp) {
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unable to parse iterations in sasl step2");
goto FAIL;
}
if (iterations < 0) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: iterations is negative in sasl step2");
goto FAIL;
}
/* Save the presecrets for caching */
scram->hashed_password = bson_strdup (hashed_password);
scram->iterations = iterations;
memcpy (scram->decoded_salt, decoded_salt, sizeof (scram->decoded_salt));
if (scram->cache &&
_mongoc_scram_cache_has_presecrets (scram->cache, scram)) {
_mongoc_scram_cache_apply_secrets (scram->cache, scram);
}
if (!*scram->salted_password) {
_mongoc_scram_salt_password (scram,
hashed_password,
(uint32_t) strlen (hashed_password),
decoded_salt,
decoded_salt_len,
(uint32_t) iterations);
}
_mongoc_scram_generate_client_proof (scram, outbuf, outbufmax, outbuflen);
goto CLEANUP;
BUFFER_AUTH:
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: could not buffer auth message in sasl step2");
goto FAIL;
BUFFER:
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: could not buffer sasl step2");
goto FAIL;
FAIL:
rval = false;
CLEANUP:
bson_free (val_r);
bson_free (val_s);
bson_free (val_i);
if (hashed_password) {
bson_zero_free (hashed_password, strlen (hashed_password));
}
return rval;
}
int
main (int argc,
char *argv[])
{
mongoc_database_t *database = NULL;
mongoc_client_t *client = NULL;
mongoc_collection_t *collection = NULL;
char *host_and_port;
int res = 0;
char* other_host_and_port = NULL;
if (argc < 2 || argc > 3) {
fprintf (stderr, "usage: %s MONGOD-1-CONNECTION-STRING "
"[MONGOD-2-HOST-NAME:MONGOD-2-PORT]\n",
argv[0]);
fprintf (stderr,
"MONGOD-1-CONNECTION-STRING can be "
"of the following forms:\n");
fprintf (stderr, "localhost\t\t\t\tlocal machine\n");
fprintf (stderr, "localhost:27018\t\t\t\tlocal machine on port 27018\n");
fprintf (stderr,
"mongodb://*****:*****@localhost:27017\t"
"local machine on port 27017, and authenticate with username "
"user and password pass\n");
return 1;
}
mongoc_init ();
if (strncmp (argv[1], "mongodb://", 10) == 0) {
host_and_port = bson_strdup (argv [1]);
} else {
host_and_port = bson_strdup_printf ("mongodb://%s", argv[1]);
}
other_host_and_port = argc > 2 ? argv[2] : NULL;
client = mongoc_client_new (host_and_port);
if (!client) {
fprintf(stderr, "Invalid hostname or port: %s\n", host_and_port);
res = 2;
goto cleanup;
}
database = mongoc_client_get_database (client, "test");
collection = mongoc_database_get_collection (database, COLLECTION_NAME);
printf ("Inserting data\n");
if (!insert_data (collection)) {
res = 3;
goto cleanup;
}
printf ("explain\n");
if (!explain (collection)) {
res = 4;
goto cleanup;
}
if (other_host_and_port) {
printf ("copydb\n");
if (!copydb (client, other_host_and_port)) {
res = 5;
goto cleanup;
}
printf ("clone collection\n");
if (!clone_collection (database, other_host_and_port)) {
res = 6;
goto cleanup;
}
}
cleanup:
if (collection) {
mongoc_collection_destroy (collection);
}
if (database) {
mongoc_database_destroy (database);
}
if (client) {
mongoc_client_destroy (client);
}
bson_free (host_and_port);
mongoc_cleanup ();
return res;
}
/* Parse server-first-message of the form:
* r=client-nonce|server-nonce,s=user-salt,i=iteration-count
*
* Generate client-final-message of the form:
* c=channel-binding(base64),r=client-nonce|server-nonce,p=client-proof
*/
static bool
_mongoc_scram_step2 (mongoc_scram_t *scram,
const uint8_t *inbuf,
uint32_t inbuflen,
uint8_t *outbuf,
uint32_t outbufmax,
uint32_t *outbuflen,
bson_error_t *error)
{
uint8_t *val_r = NULL;
uint32_t val_r_len;
uint8_t *val_s = NULL;
uint32_t val_s_len;
uint8_t *val_i = NULL;
uint32_t val_i_len;
uint8_t **current_val;
uint32_t *current_val_len;
const uint8_t *ptr;
const uint8_t *next_comma;
char *tmp;
char *hashed_password;
uint8_t decoded_salt[MONGOC_SCRAM_B64_HASH_MAX_SIZE] = {0};
int32_t decoded_salt_len;
/* the decoded salt leaves four trailing bytes to add the int32 0x00000001 */
const int32_t expected_salt_length = _scram_hash_size (scram) - 4;
bool rval = true;
int iterations;
BSON_ASSERT (scram);
BSON_ASSERT (outbuf);
BSON_ASSERT (outbufmax);
BSON_ASSERT (outbuflen);
if (scram->crypto.algorithm == MONGOC_CRYPTO_ALGORITHM_SHA_1) {
/* Auth spec for SCRAM-SHA-1: "The password variable MUST be the mongodb
* hashed variant. The mongo hashed variant is computed as hash = HEX(
* MD5( UTF8( username + ':mongo:' + plain_text_password )))" */
tmp = bson_strdup_printf ("%s:mongo:%s", scram->user, scram->pass);
hashed_password = _mongoc_hex_md5 (tmp);
bson_zero_free (tmp, strlen (tmp));
} else if (scram->crypto.algorithm == MONGOC_CRYPTO_ALGORITHM_SHA_256) {
/* Auth spec for SCRAM-SHA-256: "Passwords MUST be prepared with SASLprep,
* per RFC 5802. Passwords are used directly for key derivation; they
* MUST NOT be digested as they are in SCRAM-SHA-1." */
hashed_password =
_mongoc_sasl_prep (scram->pass, (int) strlen (scram->pass), error);
if (!hashed_password) {
goto FAIL;
}
} else {
BSON_ASSERT (false);
}
/* we need all of the incoming message for the final client proof */
if (!_mongoc_scram_buf_write ((char *) inbuf,
inbuflen,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
if (!_mongoc_scram_buf_write (",",
-1,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
for (ptr = inbuf; ptr < inbuf + inbuflen;) {
switch (*ptr) {
case 'r':
current_val = &val_r;
current_val_len = &val_r_len;
break;
case 's':
current_val = &val_s;
current_val_len = &val_s_len;
break;
case 'i':
current_val = &val_i;
current_val_len = &val_i_len;
break;
default:
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unknown key (%c) in sasl step 2",
*ptr);
goto FAIL;
}
ptr++;
if (*ptr != '=') {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: invalid parse state in sasl step 2");
goto FAIL;
}
ptr++;
next_comma =
(const uint8_t *) memchr (ptr, ',', (inbuf + inbuflen) - ptr);
if (next_comma) {
*current_val_len = (uint32_t) (next_comma - ptr);
} else {
*current_val_len = (uint32_t) ((inbuf + inbuflen) - ptr);
}
*current_val = (uint8_t *) bson_malloc (*current_val_len + 1);
memcpy (*current_val, ptr, *current_val_len);
(*current_val)[*current_val_len] = '\0';
if (next_comma) {
ptr = next_comma + 1;
} else {
break;
}
}
if (!val_r) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no r param in sasl step 2");
goto FAIL;
}
if (!val_s) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no s param in sasl step 2");
goto FAIL;
}
if (!val_i) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: no i param in sasl step 2");
goto FAIL;
}
/* verify our nonce */
if (val_r_len < scram->encoded_nonce_len ||
mongoc_memcmp (val_r, scram->encoded_nonce, scram->encoded_nonce_len)) {
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: client nonce not repeated in sasl step 2");
}
*outbuflen = 0;
if (!_mongoc_scram_buf_write (
"c=biws,r=", -1, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
if (!_mongoc_scram_buf_write (
(char *) val_r, val_r_len, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
if (!_mongoc_scram_buf_write ((char *) outbuf,
*outbuflen,
scram->auth_message,
scram->auth_messagemax,
&scram->auth_messagelen)) {
goto BUFFER_AUTH;
}
if (!_mongoc_scram_buf_write (",p=", -1, outbuf, outbufmax, outbuflen)) {
goto BUFFER;
}
decoded_salt_len =
bson_b64_pton ((char *) val_s, decoded_salt, sizeof (decoded_salt));
if (-1 == decoded_salt_len) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unable to decode salt in sasl step2");
goto FAIL;
}
if (expected_salt_length != decoded_salt_len) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: invalid salt length of %d in sasl step2",
decoded_salt_len);
goto FAIL;
}
iterations = (int) bson_ascii_strtoll ((char *) val_i, &tmp, 10);
/* tmp holds the location of the failed to parse character. So if it's
* null, we got to the end of the string and didn't have a parse error */
if (*tmp) {
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: unable to parse iterations in sasl step2");
goto FAIL;
}
if (iterations < 0) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: iterations is negative in sasl step2");
goto FAIL;
}
/* drivers MUST enforce a minimum iteration count of 4096 and MUST error if
* the authentication conversation specifies a lower count. This mitigates
* downgrade attacks by a man-in-the-middle attacker. */
if (iterations < 4096) {
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: iterations must be at least 4096");
goto FAIL;
}
/* Save the presecrets for caching */
scram->hashed_password = bson_strdup (hashed_password);
scram->iterations = iterations;
memcpy (scram->decoded_salt, decoded_salt, sizeof (scram->decoded_salt));
if (scram->cache &&
_mongoc_scram_cache_has_presecrets (scram->cache, scram)) {
_mongoc_scram_cache_apply_secrets (scram->cache, scram);
}
if (!*scram->salted_password) {
_mongoc_scram_salt_password (scram,
hashed_password,
(uint32_t) strlen (hashed_password),
decoded_salt,
decoded_salt_len,
(uint32_t) iterations);
}
_mongoc_scram_generate_client_proof (scram, outbuf, outbufmax, outbuflen);
goto CLEANUP;
BUFFER_AUTH:
bson_set_error (
error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: could not buffer auth message in sasl step2");
goto FAIL;
BUFFER:
bson_set_error (error,
MONGOC_ERROR_SCRAM,
MONGOC_ERROR_SCRAM_PROTOCOL_ERROR,
"SCRAM Failure: could not buffer sasl step2");
goto FAIL;
FAIL:
rval = false;
CLEANUP:
bson_free (val_r);
bson_free (val_s);
bson_free (val_i);
if (hashed_password) {
bson_zero_free (hashed_password, strlen (hashed_password));
}
return rval;
}
/**
* _mongoc_gridfs_file_new:
*
* Create a new empty gridfs file
*/
mongoc_gridfs_file_t *
_mongoc_gridfs_file_new (mongoc_gridfs_t *gridfs, mongoc_gridfs_file_opt_t *opt)
{
mongoc_gridfs_file_t *file;
mongoc_gridfs_file_opt_t default_opt = {0};
ENTRY;
BSON_ASSERT (gridfs);
if (!opt) {
opt = &default_opt;
}
file = (mongoc_gridfs_file_t *) bson_malloc0 (sizeof *file);
file->gridfs = gridfs;
file->is_dirty = 1;
if (opt->chunk_size) {
file->chunk_size = opt->chunk_size;
} else {
/*
* The default chunk size is now 255kb. This used to be 256k but has been
* reduced to allow for them to fit within power of two sizes in mongod.
*
* See CDRIVER-322.
*/
file->chunk_size = (1 << 18) - 1024;
}
file->files_id.value_type = BSON_TYPE_OID;
bson_oid_init (&file->files_id.value.v_oid, NULL);
file->upload_date = ((int64_t) time (NULL)) * 1000;
if (opt->md5) {
file->md5 = bson_strdup (opt->md5);
}
if (opt->filename) {
file->filename = bson_strdup (opt->filename);
}
if (opt->content_type) {
file->content_type = bson_strdup (opt->content_type);
}
if (opt->aliases) {
bson_copy_to (opt->aliases, &(file->aliases));
}
if (opt->metadata) {
bson_copy_to (opt->metadata, &(file->metadata));
}
file->pos = 0;
file->n = 0;
RETURN (file);
}
void
ha_sharded_cluster_start (ha_sharded_cluster_t *cluster)
{
bson_string_t *configopt;
struct stat st;
ha_node_t *iter;
char *cmd;
int i;
bson_return_if_fail(cluster);
if (!stat(cluster->name, &st)) {
if (S_ISDIR(st.st_mode)) {
/* Ayyyeeeeeee */
cmd = bson_strdup_printf("rm -rf \"%s\"", cluster->name);
fprintf(stderr, "%s\n", cmd);
system(cmd);
bson_free(cmd);
}
}
if (!!mkdir(cluster->name, 0750)) {
fprintf(stderr, "Failed to create directory \"%s\"\n",
cluster->name);
abort();
}
for (i = 0; i < 12; i++) {
if (cluster->replicas[i]) {
ha_replica_set_start(cluster->replicas[i]);
}
}
configopt = bson_string_new (NULL);
for (iter = cluster->configs; iter; iter = iter->next) {
ha_node_setup(iter);
ha_node_restart(iter);
bson_string_append_printf (configopt, "127.0.0.1:%hu%s",
iter->port,
iter->next ? "," : "");
}
sleep (5);
for (iter = cluster->routers; iter; iter = iter->next) {
bson_free (iter->configopt);
iter->configopt = bson_strdup (configopt->str);
ha_node_setup (iter);
ha_node_restart (iter);
}
ha_sharded_cluster_wait_for_healthy (cluster);
for (i = 0; i < 12; i++) {
if (cluster->replicas[i]) {
ha_config_add_shard (cluster->routers, cluster->replicas[i]);
}
}
bson_string_free (configopt, TRUE);
}
static bool
mongoc_uri_parse_option (mongoc_uri_t *uri,
const char *str)
{
int32_t v_int;
const char *end_key;
char *key = NULL;
char *value = NULL;
bool ret = false;
if (!(key = scan_to_unichar(str, '=', "", &end_key))) {
goto CLEANUP;
}
value = bson_strdup(end_key + 1);
mongoc_uri_do_unescape(&value);
if (!value) {
/* do_unescape detected invalid UTF-8 and freed value */
goto CLEANUP;
}
if (mongoc_uri_option_is_int32(key)) {
v_int = (int) strtol (value, NULL, 10);
BSON_APPEND_INT32 (&uri->options, key, v_int);
} else if (!strcasecmp(key, "w")) {
if (*value == '-' || isdigit(*value)) {
v_int = (int) strtol (value, NULL, 10);
BSON_APPEND_INT32 (&uri->options, "w", v_int);
} else if (0 == strcasecmp (value, "majority")) {
BSON_APPEND_UTF8 (&uri->options, "w", "majority");
} else if (*value) {
BSON_APPEND_UTF8 (&uri->options, "w", value);
}
} else if (mongoc_uri_option_is_bool(key)) {
bson_append_bool (&uri->options, key, -1,
(0 == strcasecmp (value, "true")) ||
(0 == strcasecmp (value, "t")) ||
(0 == strcmp (value, "1")));
} else if (!strcasecmp(key, "readpreferencetags")) {
mongoc_uri_parse_tags(uri, value);
} else if (!strcasecmp(key, "authmechanism") ||
!strcasecmp(key, "authsource")) {
bson_append_utf8(&uri->credentials, key, -1, value, -1);
} else if (!strcasecmp(key, "readconcernlevel")) {
mongoc_read_concern_set_level (uri->read_concern, value);
} else if (!strcasecmp(key, "authmechanismproperties")) {
if (!mongoc_uri_parse_auth_mechanism_properties(uri, value)) {
goto CLEANUP;
}
#ifdef MONGOC_EXPERIMENTAL_FEATURES
} else if (!strcasecmp (key, "appname")) {
if (!mongoc_uri_set_appname (uri, value)) {
MONGOC_WARNING ("Cannot set appname: %s is invalid", value);
goto CLEANUP;
}
#endif
} else {
bson_append_utf8(&uri->options, key, -1, value, -1);
}
ret = true;
CLEANUP:
bson_free(key);
bson_free(value);
return ret;
}
