static SEC_CHAR * _mongoc_sspi_base64_encode (const SEC_CHAR *value, DWORD vlen) { SEC_CHAR *out = NULL; DWORD len; /* Get the correct size for the out buffer. */ if (CryptBinaryToStringA ((BYTE *) value, vlen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &len)) { out = (SEC_CHAR *) malloc (sizeof (SEC_CHAR) * len); if (out) { /* Encode to the out buffer. */ if (CryptBinaryToStringA ((BYTE *) value, vlen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, out, &len)) { return out; } else { free (out); } } } MONGOC_ERROR ("%s", "CryptBinaryToString failed."); return NULL; }
static void * _multi_upload_thread (void *p) { multi_upload_thread_context_t *ctx; mongoc_gridfs_file_opt_t opt = { 0 }; mongoc_gridfs_file_t *file; bson_error_t error; ctx = (multi_upload_thread_context_t *) p; opt.filename = ctx->filename; /* upload chunks */ file = mongoc_gridfs_create_file_from_stream (ctx->gridfs, ctx->stream, &opt); /* create fs.files document */ if (!mongoc_gridfs_file_save (file)) { if (mongoc_gridfs_file_error (file, &error)) { MONGOC_ERROR ("file_readv: %s\n", error.message); } else { MONGOC_ERROR ("file_readv: unknown error\n"); } abort (); } mongoc_gridfs_file_destroy (file); return (void *) 1; }
static void _upload_big_file (gridfs_test_t *gridfs_test, bson_oid_t *oid /* OUT */) { mongoc_gridfs_file_t *file; mongoc_iovec_t iov; bson_error_t error; const bson_value_t *value; file = mongoc_gridfs_create_file (gridfs_test->gridfs, NULL); iov.iov_base = (void *) gridfs_test->data; iov.iov_len = gridfs_test->data_sz; if (iov.iov_len != mongoc_gridfs_file_writev (file, &iov, 1, 0)) { if (mongoc_gridfs_file_error (file, &error)) { MONGOC_ERROR ("file_writev: %s\n", error.message); } else { MONGOC_ERROR ("file_writev: unknown error\n"); } abort (); } mongoc_gridfs_file_save (file); value = mongoc_gridfs_file_get_id (file); assert (value->value_type == BSON_TYPE_OID); bson_oid_copy (&value->value.v_oid, oid); mongoc_gridfs_file_destroy (file); }
static void * _multi_download_thread (void *p) { multi_download_thread_context_t *ctx; FILE *fp; mongoc_gridfs_file_t *file; bson_error_t error; char buf[BUF_SZ]; mongoc_iovec_t iov; ssize_t sz; ctx = (multi_download_thread_context_t *) p; fp = fopen (ctx->path, "w+"); if (!fp) { perror ("fopen"); abort (); } file = mongoc_gridfs_find_one_by_filename (ctx->gridfs, ctx->filename, &error); if (!file) { MONGOC_ERROR ("find_one_by_filename: %s\n", error.message); abort (); } iov.iov_base = buf; iov.iov_len = BUF_SZ; for (;;) { /* a 255k chunk at a time */ sz = mongoc_gridfs_file_readv (file, &iov, 1, /* iov count */ 1, /* min bytes */ 0 /* timeout */); if (!sz) { break; } assert (sz > 0); fwrite (iov.iov_base, sizeof (char), (size_t) sz, fp); } if (mongoc_gridfs_file_error (file, &error)) { MONGOC_ERROR ("gridfs_file_readv: %s\n", error.message); abort (); } mongoc_gridfs_file_destroy (file); fclose (fp); return (void *) 1; }
char * mongoc_ssl_extract_subject (const char *filename, const char *passphrase) { char *retval; if (!filename) { MONGOC_ERROR ("No filename provided to extract subject from"); return NULL; } #ifdef _WIN32 if (_access (filename, 0) != 0) { #else if (access (filename, R_OK) != 0) { #endif MONGOC_ERROR ("Can't extract subject from unreadable file: '%s'", filename); return NULL; } #if defined(MONGOC_ENABLE_SSL_OPENSSL) retval = _mongoc_openssl_extract_subject (filename, passphrase); #elif defined(MONGOC_ENABLE_SSL_LIBRESSL) MONGOC_WARNING ( "libtls doesn't support automatically extracting subject from " "certificate to use with authentication"); retval = NULL; #elif defined(MONGOC_ENABLE_SSL_SECURE_TRANSPORT) retval = _mongoc_secure_transport_extract_subject (filename, passphrase); #elif defined(MONGOC_ENABLE_SSL_SECURE_CHANNEL) retval = _mongoc_secure_channel_extract_subject (filename, passphrase); #endif if (!retval) { MONGOC_ERROR ("Can't extract subject from file '%s'", filename); } return retval; } void _mongoc_ssl_opts_copy_to (const mongoc_ssl_opt_t *src, mongoc_ssl_opt_t *dst) { BSON_ASSERT (src); BSON_ASSERT (dst); dst->pem_file = bson_strdup (src->pem_file); dst->pem_pwd = bson_strdup (src->pem_pwd); dst->ca_file = bson_strdup (src->ca_file); dst->ca_dir = bson_strdup (src->ca_dir); dst->crl_file = bson_strdup (src->crl_file); dst->weak_cert_validation = src->weak_cert_validation; dst->allow_invalid_hostname = src->allow_invalid_hostname; }
static void multi_upload_before (perf_test_t *test) { multi_upload_test_t *upload_test; mongoc_client_t *client; mongoc_gridfs_t *gridfs; bson_error_t error; mongoc_database_t *db; multi_upload_thread_context_t *ctx; int i; perf_test_before (test); upload_test = (multi_upload_test_t *) test; client = mongoc_client_pool_pop (upload_test->pool); db = mongoc_client_get_database (client, "perftest"); if (!mongoc_database_drop (db, &error)) { MONGOC_ERROR ("database_drop: %s\n", error.message); abort (); } gridfs = mongoc_client_get_gridfs (client, "perftest", NULL, &error); if (!gridfs) { MONGOC_ERROR ("get_gridfs: %s\n", error.message); abort (); } write_one_byte_file (gridfs); mongoc_gridfs_destroy (gridfs); mongoc_client_pool_push (upload_test->pool, client); for (i = 0; i < upload_test->cnt; i++) { ctx = &upload_test->contexts[i]; ctx->client = mongoc_client_pool_pop (upload_test->pool); ctx->gridfs = mongoc_client_get_gridfs (ctx->client, "perftest", NULL, &error); if (!ctx->gridfs) { MONGOC_ERROR ("get_gridfs: %s\n", error.message); abort (); } ctx->stream = mongoc_stream_file_new_for_path (ctx->path, O_RDONLY, 0); if (!ctx->stream) { perror ("stream_new_for_path"); abort (); } } mongoc_database_destroy (db); }
void mock_server_replies_to_find (request_t *request, mongoc_query_flags_t flags, int64_t cursor_id, int32_t number_returned, const char *ns, const char *reply_json, bool is_command) { char *find_reply; char db[MONGOC_NAMESPACE_MAX]; _mongoc_get_db_name (ns, db); /* minimal validation, we're not testing query / find cmd here */ if (request->is_command && !is_command) { MONGOC_ERROR ("expected query, got command"); abort (); } if (!request->is_command && is_command) { MONGOC_ERROR ("expected command, got query"); abort (); } if (!request_matches_flags (request, flags)) { abort (); } if (is_command) { find_reply = bson_strdup_printf ( "{'ok': 1," " 'cursor': {" " 'id': {'$numberLong': '%" PRId64 "'}," " 'ns': '%s'," " 'firstBatch': [%s]}}", cursor_id, ns, reply_json); mock_server_replies_simple (request, find_reply); bson_free (find_reply); } else { mock_server_replies (request, MONGOC_REPLY_NONE, cursor_id, 0, number_returned, reply_json); } }
static SEC_CHAR * _mongoc_sspi_base64_decode (const SEC_CHAR *value, DWORD *rlen) { SEC_CHAR *out = NULL; /* Get the correct size for the out buffer. */ if (CryptStringToBinaryA ( value, 0, CRYPT_STRING_BASE64, NULL, rlen, NULL, NULL)) { out = (SEC_CHAR *) malloc (sizeof (SEC_CHAR) * *rlen); if (out) { /* Decode to the out buffer. */ if (CryptStringToBinaryA (value, 0, CRYPT_STRING_BASE64, (BYTE *) out, rlen, NULL, NULL)) { return out; } else { free (out); } } } MONGOC_ERROR ("%s", "CryptStringToBinary failed."); return NULL; }
static void multi_download_task (perf_test_t *test) { multi_download_test_t *download_test; multi_download_thread_context_t *ctx; int i; void *r; download_test = (multi_download_test_t *) test; for (i = 0; i < download_test->cnt; i++) { ctx = &download_test->contexts[i]; pthread_create (&ctx->thread, NULL, _multi_download_thread, (void *) ctx); } for (i = 0; i < download_test->cnt; i++) { if (pthread_join (download_test->contexts[i].thread, &r)) { perror ("pthread_join"); abort (); } if ((intptr_t) r != 1) { MONGOC_ERROR ("download_thread returned %p\n", r); abort (); } } }
static void test_mongoc_client_authenticate (void) { mongoc_collection_t *collection; mongoc_database_t *database; mongoc_client_t *client; mongoc_cursor_t *cursor; const bson_t *doc; bson_error_t error; char *username; char *uri; bool r; bson_t q; username = gen_test_user (); uri = gen_good_uri (username); /* * Add a user to the test database. */ client = mongoc_client_new(gTestUri); database = mongoc_client_get_database(client, "test"); mongoc_database_remove_user (database, username, &error); r = mongoc_database_add_user(database, username, "testpass", NULL, NULL, &error); ASSERT_CMPINT(r, ==, 1); mongoc_database_destroy(database); mongoc_client_destroy(client); /* * Try authenticating with that user. */ bson_init(&q); client = mongoc_client_new(uri); collection = mongoc_client_get_collection(client, "test", "test"); cursor = mongoc_collection_find(collection, MONGOC_QUERY_NONE, 0, 1, 0, &q, NULL, NULL); r = mongoc_cursor_next(cursor, &doc); if (!r) { r = mongoc_cursor_error(cursor, &error); if (r) { MONGOC_ERROR("Authentication failure: \"%s\"", error.message); } assert(!r); } mongoc_cursor_destroy(cursor); /* * Remove all test users. */ database = mongoc_client_get_database (client, "test"); r = mongoc_database_remove_all_users (database, &error); assert (r); mongoc_database_destroy (database); mongoc_collection_destroy(collection); mongoc_client_destroy(client); bson_free (username); bson_free (uri); }
/* * Set some values in our global metadata struct. These values will be sent * to the server as part of the initial connection handshake (isMaster). * If this function is called more than once, or after we've connected to a * mongod, then it will do nothing and return false. It will return true if it * successfully sets the values. * * All arguments are optional. */ bool mongoc_handshake_data_append (const char *driver_name, const char *driver_version, const char *platform) { int max_size = 0; if (gMongocMetadata.frozen) { MONGOC_ERROR ("Cannot set metadata more than once"); return false; } _append_and_truncate (&gMongocMetadata.driver_name, driver_name, METADATA_DRIVER_NAME_MAX); _append_and_truncate (&gMongocMetadata.driver_version, driver_version, METADATA_DRIVER_VERSION_MAX); max_size = METADATA_MAX_SIZE - - _mongoc_strlen_or_zero (gMongocMetadata.os_type) - _mongoc_strlen_or_zero (gMongocMetadata.os_name) - _mongoc_strlen_or_zero (gMongocMetadata.os_version) - _mongoc_strlen_or_zero (gMongocMetadata.os_architecture) - _mongoc_strlen_or_zero (gMongocMetadata.driver_name) - _mongoc_strlen_or_zero (gMongocMetadata.driver_version); _append_and_truncate (&gMongocMetadata.platform, platform, max_size); _mongoc_metadata_freeze (); return true; }
/** * mongoc_write_concern_append: * @write_concern: (in): A mongoc_write_concern_t. * @command: (out): A pointer to a bson document. * * Appends a write_concern document to a command, to send to * a server. * * Returns true on success, false on failure. * */ bool mongoc_write_concern_append (mongoc_write_concern_t *write_concern, bson_t *command) { if (!mongoc_write_concern_is_valid (write_concern)) { MONGOC_ERROR ("Invalid writeConcern passed into " "mongoc_write_concern_append."); return false; } if (!bson_append_document (command, "writeConcern", 12, _mongoc_write_concern_get_bson (write_concern))) { MONGOC_ERROR ("Could not append writeConcern to command."); return false; } return true; }
static void multi_download_before (perf_test_t *test) { multi_download_test_t *download_test; bson_error_t error; multi_download_thread_context_t *ctx; int i; perf_test_before (test); prep_tmp_dir (test->data_path); download_test = (multi_download_test_t *) test; for (i = 0; i < download_test->cnt; i++) { ctx = &download_test->contexts[i]; ctx->client = mongoc_client_pool_pop (download_test->pool); ctx->gridfs = mongoc_client_get_gridfs (ctx->client, "perftest", NULL, &error); if (!ctx->gridfs) { MONGOC_ERROR ("get_gridfs: %s\n", error.message); abort (); } } }
bool mongoc_compress (int32_t compressor_id, int32_t compression_level, char *uncompressed, size_t uncompressed_len, char *compressed, size_t *compressed_len) { TRACE ("Compressing with '%s' (%d)", mongoc_compressor_id_to_name (compressor_id), compressor_id); switch (compressor_id) { case MONGOC_COMPRESSOR_SNAPPY_ID: #ifdef MONGOC_ENABLE_COMPRESSION_SNAPPY /* No compression_level option for snappy */ return snappy_compress ( uncompressed, uncompressed_len, compressed, compressed_len) == SNAPPY_OK; break; #else MONGOC_ERROR ("Client attempting to use compress with snappy, but snappy " "compression is not compiled in"); return false; #endif case MONGOC_COMPRESSOR_ZLIB_ID: #ifdef MONGOC_ENABLE_COMPRESSION_ZLIB return compress2 ((unsigned char *) compressed, (unsigned long *) compressed_len, (unsigned char *) uncompressed, uncompressed_len, compression_level) == Z_OK; break; #else MONGOC_ERROR ("Client attempting to use compress with zlib, but zlib " "compression is not compiled in"); return false; #endif case MONGOC_COMPRESSOR_NOOP_ID: memcpy (compressed, uncompressed, uncompressed_len); *compressed_len = uncompressed_len; return true; default: return false; } }
static void test_clone (void) { mongoc_cursor_t *clone; mongoc_cursor_t *cursor; mongoc_client_t *client; const bson_t *doc; bson_error_t error; mongoc_uri_t *uri; bson_bool_t r; bson_t q = BSON_INITIALIZER; char *uristr; uristr = bson_strdup_printf("mongodb://%s/", HOST); uri = mongoc_uri_new(uristr); bson_free(uristr); client = mongoc_client_new_from_uri(uri); BSON_ASSERT(client); cursor = _mongoc_cursor_new(client, "test.test", MONGOC_QUERY_NONE, 0, 1, 1, FALSE, &q, NULL, NULL); BSON_ASSERT(cursor); r = mongoc_cursor_next(cursor, &doc); if (!r && mongoc_cursor_error(cursor, &error)) { MONGOC_ERROR("%s", error.message); abort(); } clone = mongoc_cursor_clone(cursor); BSON_ASSERT(cursor); r = mongoc_cursor_next(clone, &doc); if (!r && mongoc_cursor_error(clone, &error)) { MONGOC_ERROR("%s", error.message); abort(); } mongoc_cursor_destroy(cursor); mongoc_cursor_destroy(clone); mongoc_client_destroy(client); mongoc_uri_destroy(uri); }
/** * Deprecated. Was never supposed to be part of the public API. * See mongoc_stream_tls_handshake. */ bool mongoc_stream_tls_check_cert (mongoc_stream_t *stream, const char *host) { mongoc_stream_tls_t *stream_tls = (mongoc_stream_tls_t *)mongoc_stream_get_tls_stream (stream); BSON_ASSERT (stream_tls); MONGOC_ERROR ("This function doesn't do anything. Please call mongoc_stream_tls_handshake()"); return false; }
mongoc_client_pool_t * mongoc_client_pool_new (const mongoc_uri_t *uri) { mongoc_topology_t *topology; mongoc_client_pool_t *pool; const bson_t *b; bson_iter_t iter; ENTRY; BSON_ASSERT (uri); #ifndef MONGOC_ENABLE_SSL if (mongoc_uri_get_ssl (uri)) { MONGOC_ERROR ("Can't create SSL client pool," " SSL not enabled in this build."); return NULL; } #endif pool = (mongoc_client_pool_t *)bson_malloc0(sizeof *pool); mongoc_mutex_init(&pool->mutex); _mongoc_queue_init(&pool->queue); pool->uri = mongoc_uri_copy(uri); pool->min_pool_size = 0; pool->max_pool_size = 100; pool->size = 0; pool->topology_scanner_started = false; topology = mongoc_topology_new(uri, false); pool->topology = topology; mongoc_client_metadata_init (&pool->topology->scanner->ismaster_metadata); pool->error_api_version = MONGOC_ERROR_API_VERSION_LEGACY; b = mongoc_uri_get_options(pool->uri); if (bson_iter_init_find_case(&iter, b, "minpoolsize")) { if (BSON_ITER_HOLDS_INT32(&iter)) { pool->min_pool_size = BSON_MAX(0, bson_iter_int32(&iter)); } } if (bson_iter_init_find_case(&iter, b, "maxpoolsize")) { if (BSON_ITER_HOLDS_INT32(&iter)) { pool->max_pool_size = BSON_MAX(1, bson_iter_int32(&iter)); } } mongoc_counter_client_pools_active_inc(); RETURN(pool); }
/** * Deprecated. Was never supposed to be part of the public API. * See mongoc_stream_tls_handshake. */ bool mongoc_stream_tls_do_handshake (mongoc_stream_t *stream, int32_t timeout_msec) { mongoc_stream_tls_t *stream_tls = (mongoc_stream_tls_t *)mongoc_stream_get_tls_stream (stream); BSON_ASSERT (stream_tls); MONGOC_ERROR ("This function doesn't do anything. Please call mongoc_stream_tls_handshake()"); return false; }
void _mongoc_sspi_set_gsserror (DWORD errCode, const SEC_CHAR *msg) { SEC_CHAR *err; DWORD status; DWORD flags = FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS; status = FormatMessageA (flags, NULL, errCode, MAKELANGID (LANG_NEUTRAL, SUBLANG_DEFAULT), (LPTSTR) &err, 0, NULL); if (status) { MONGOC_ERROR ("SSPI: %s: %s", msg, err); LocalFree (err); } else { MONGOC_ERROR ("SSPI: %s", msg); } }
static void download_task (perf_test_t *test) { download_test_t *gridfs_test; bson_t query = BSON_INITIALIZER; mongoc_gridfs_file_t *file; mongoc_iovec_t iov; bson_error_t error; ssize_t read_sz; gridfs_test = (download_test_t *) test; bson_append_oid (&query, "_id", 3, &gridfs_test->file_id); file = mongoc_gridfs_find_one (gridfs_test->base.gridfs, &query, &error); if (!file) { MONGOC_ERROR ("gridfs_find_one: %s\n", error.message); abort (); } /* overwrite the buffer we used for _upload_big_file */ iov.iov_base = (void *) gridfs_test->base.data; iov.iov_len = gridfs_test->base.data_sz; read_sz = mongoc_gridfs_file_readv (file, &iov, 1, gridfs_test->base.data_sz, 0); if (read_sz != gridfs_test->base.data_sz) { if (mongoc_gridfs_file_error (file, &error)) { MONGOC_ERROR ("file_readv: %s\n", error.message); } else { MONGOC_ERROR ("file_readv: unknown error\n"); } abort (); } mongoc_gridfs_file_destroy (file); bson_destroy (&query); }
bool mongoc_client_pool_set_error_api (mongoc_client_pool_t *pool, int32_t version) { if (version != MONGOC_ERROR_API_VERSION_LEGACY && version != MONGOC_ERROR_API_VERSION_2) { MONGOC_ERROR ("Unsupported Error API Version: %" PRId32, version); return false; } pool->error_api_version = version; return true; }
int _mongoc_rand_bytes (uint8_t *buf, int num) { static BCRYPT_ALG_HANDLE algorithm = 0; NTSTATUS status = 0; if (!algorithm) { status = BCryptOpenAlgorithmProvider ( &algorithm, BCRYPT_RNG_ALGORITHM, NULL, 0); if (!NT_SUCCESS (status)) { MONGOC_ERROR ("BCryptOpenAlgorithmProvider(): %d", status); return 0; } } status = BCryptGenRandom (algorithm, buf, num, 0); if (NT_SUCCESS (status)) { return 1; } MONGOC_ERROR ("BCryptGenRandom(): %d", status); return 0; }
static void start_scanner_if_needed (mongoc_client_pool_t *pool) { bool r; if (!pool->topology_scanner_started) { r = mongoc_topology_start_background_scanner (pool->topology); if (r) { pool->topology_scanner_started = true; } else { MONGOC_ERROR ("Background scanner did not start!"); } } }
static void _drop_database (gridfs_test_t *gridfs_test) { mongoc_database_t *db; bson_error_t error; db = mongoc_client_get_database (gridfs_test->client, "perftest"); if (!mongoc_database_drop (db, &error)) { MONGOC_ERROR ("database_drop: %s\n", error.message); abort (); } mongoc_database_destroy (db); }
static void _init_gridfs (gridfs_test_t *gridfs_test) { bson_error_t error; /* ensures indexes */ gridfs_test->gridfs = mongoc_client_get_gridfs (gridfs_test->client, "perftest", NULL, &error); if (!gridfs_test->gridfs) { MONGOC_ERROR ("get_gridfs: %s\n", error.message); abort (); } }
bool _mongoc_openssl_import_cert_store (LPWSTR store_name, DWORD dwFlags, X509_STORE *openssl_store) { PCCERT_CONTEXT cert = NULL; HCERTSTORE cert_store; cert_store = CertOpenStore ( CERT_STORE_PROV_SYSTEM, /* provider */ X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, /* certificate encoding */ 0, /* unused */ dwFlags, /* dwFlags */ store_name); /* system store name. "My" or "Root" */ if (cert_store == NULL) { LPTSTR msg = NULL; FormatMessage (FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_ARGUMENT_ARRAY, NULL, GetLastError (), LANG_NEUTRAL, (LPTSTR) &msg, 0, NULL); MONGOC_ERROR ("Can't open CA store: 0x%.8X: '%s'", (unsigned int) GetLastError (), msg); LocalFree (msg); return false; } while ((cert = CertEnumCertificatesInStore (cert_store, cert)) != NULL) { X509 *x509Obj = d2i_X509 (NULL, (const unsigned char **) &cert->pbCertEncoded, cert->cbCertEncoded); if (x509Obj == NULL) { MONGOC_WARNING ( "Error parsing X509 object from Windows certificate store"); continue; } X509_STORE_add_cert (openssl_store, x509Obj); X509_free (x509Obj); } CertCloseStore (cert_store, 0); return true; }
void mongoc_crypto_cng_init (void) { NTSTATUS status = STATUS_UNSUCCESSFUL; _sha1_hash_algo = 0; status = BCryptOpenAlgorithmProvider ( &_sha1_hash_algo, BCRYPT_SHA1_ALGORITHM, NULL, 0); if (!NT_SUCCESS (status)) { MONGOC_ERROR ("BCryptOpenAlgorithmProvider(SHA1): %x", status); } _sha1_hmac_algo = 0; status = BCryptOpenAlgorithmProvider (&_sha1_hmac_algo, BCRYPT_SHA1_ALGORITHM, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG); if (!NT_SUCCESS (status)) { MONGOC_ERROR ("BCryptOpenAlgorithmProvider(SHA1 HMAC): %x", status); } _sha256_hash_algo = 0; status = BCryptOpenAlgorithmProvider ( &_sha256_hash_algo, BCRYPT_SHA256_ALGORITHM, NULL, 0); if (!NT_SUCCESS (status)) { MONGOC_ERROR ("BCryptOpenAlgorithmProvider(SHA256): %x", status); } _sha256_hmac_algo = 0; status = BCryptOpenAlgorithmProvider (&_sha256_hmac_algo, BCRYPT_SHA256_ALGORITHM, NULL, BCRYPT_ALG_HANDLE_HMAC_FLAG); if (!NT_SUCCESS (status)) { MONGOC_ERROR ("BCryptOpenAlgorithmProvider(SHA256 HMAC): %x", status); } }
bool mongoc_secure_transport_setup_ca ( mongoc_stream_tls_secure_transport_t *secure_transport, mongoc_ssl_opt_t *opt) { if (opt->ca_file) { CFArrayRef items; SecExternalItemType type = kSecItemTypeCertificate; bool success = _mongoc_secure_transport_import_pem ( opt->ca_file, NULL, &items, &type); if (!success) { MONGOC_ERROR ("Can't find certificate in \"%s\"", opt->ca_file); return false; } if (type == kSecItemTypeAggregate) { CFMutableArrayRef anchors = CFArrayCreateMutable ( kCFAllocatorDefault, 0, &kCFTypeArrayCallBacks); for (CFIndex i = 0; i < CFArrayGetCount (items); ++i) { CFTypeID item_id = CFGetTypeID (CFArrayGetValueAtIndex (items, i)); if (item_id == SecCertificateGetTypeID ()) { CFArrayAppendValue (anchors, CFArrayGetValueAtIndex (items, i)); } } secure_transport->anchors = anchors; CFRelease (items); } else if (type == kSecItemTypeCertificate) { secure_transport->anchors = items; } else { CFRelease (items); } /* This should be SSLSetCertificateAuthorities But the /TLS/ tests fail * when it is */ success = !SSLSetTrustedRoots ( secure_transport->ssl_ctx_ref, secure_transport->anchors, true); TRACE ("Setting certificate authority %s (%s)", success ? "succeeded" : "failed", opt->ca_file); return true; } TRACE ("%s", "No CA provided, using defaults"); return false; }
mongoc_client_t * _mongoc_client_new_from_uri (const mongoc_uri_t *uri, mongoc_topology_t *topology) { mongoc_client_t *client; const mongoc_read_prefs_t *read_prefs; const mongoc_read_concern_t *read_concern; const mongoc_write_concern_t *write_concern; BSON_ASSERT (uri); #ifndef MONGOC_ENABLE_SSL if (mongoc_uri_get_ssl (uri)) { MONGOC_ERROR ("Can't create SSL client, SSL not enabled in this build."); return NULL; } #endif client = (mongoc_client_t *)bson_malloc0(sizeof *client); client->uri = mongoc_uri_copy (uri); client->request_id = rand (); client->initiator = mongoc_client_default_stream_initiator; client->initiator_data = client; client->topology = topology; write_concern = mongoc_uri_get_write_concern (client->uri); client->write_concern = mongoc_write_concern_copy (write_concern); read_concern = mongoc_uri_get_read_concern (client->uri); client->read_concern = mongoc_read_concern_copy (read_concern); read_prefs = mongoc_uri_get_read_prefs_t (client->uri); client->read_prefs = mongoc_read_prefs_copy (read_prefs); mongoc_cluster_init (&client->cluster, client->uri, client); #ifdef MONGOC_ENABLE_SSL client->use_ssl = false; if (mongoc_uri_get_ssl (client->uri)) { /* sets use_ssl = true */ mongoc_client_set_ssl_opts (client, mongoc_ssl_opt_get_default ()); } #endif mongoc_counter_clients_active_inc (); return client; }
/** * mongoc_read_concern_append: * @read_concern: (in): A mongoc_read_concern_t. * @opts: (out): A pointer to a bson document. * * Appends a read_concern document to command options to send to * a server. * * Returns true on success, false on failure. * */ bool mongoc_read_concern_append (mongoc_read_concern_t *read_concern, bson_t *command) { BSON_ASSERT (read_concern); if (!read_concern->level) { return true; } if (!bson_append_document (command, "readConcern", 11, _mongoc_read_concern_get_bson (read_concern))) { MONGOC_ERROR ("Could not append readConcern to command."); return false; } return true; }