libcouchbase 1.3.0 → 1.3.2

data/ext/libcouchbase/src/bucketconfig/confmon.cc

@@ -247,9 +247,11 @@ void Confmon::do_next_provider()
     state &= ~CONFMON_S_ITERGRACE;
     for (ProviderList::const_iterator ii = active_providers.begin();
             ii != active_providers.end(); ++ii) {
-        ConfigInfo *info;
         Provider* cached_provider = *ii;
-        info = cached_provider->get_cached();
+        if (!cached_provider) {
+            continue;
+        }
+        ConfigInfo *info = cached_provider->get_cached();
         if (!info) {
             continue;
         }

data/ext/libcouchbase/src/cntl.cc

@@ -165,6 +165,9 @@ HANDLER(retry_backoff_handler) {
 HANDLER(http_poolsz_handler) {
     RETURN_GET_SET(lcb_SIZE, instance->http_sockpool->get_options().maxidle)
 }
+HANDLER(http_pooltmo_handler) {
+    RETURN_GET_SET(uint32_t, instance->http_sockpool->get_options().tmoidle)
+}
 HANDLER(http_refresh_config_handler) {
     RETURN_GET_SET(int, LCBT_SETTING(instance, refresh_on_hterr))
 }
@@ -186,6 +189,9 @@ HANDLER(vbguess_handler) {
 HANDLER(vb_noremap_handler) {
     RETURN_GET_SET(int, LCBT_SETTING(instance, vb_noremap))
 }
+HANDLER(wait_for_config_handler) {
+    RETURN_GET_SET(int, LCBT_SETTING(instance, wait_for_config))
+}
 HANDLER(fetch_mutation_tokens_handler) {
     RETURN_GET_SET(int, LCBT_SETTING(instance, fetch_mutation_tokens))
 }
@@ -508,6 +514,7 @@ HANDLER(client_string_handler) {
     if (mode == LCB_CNTL_SET) {
         const char *val = reinterpret_cast<const char*>(arg);
         free(LCBT_SETTING(instance, client_string));
+        LCBT_SETTING(instance, client_string) = NULL;
         if (val) {
             LCBT_SETTING(instance, client_string) = strdup(val);
         }
@@ -641,98 +648,116 @@ HANDLER(comp_min_ratio_handler) {
     RETURN_GET_SET(float, LCBT_SETTING(instance, compress_min_ratio))
 }
 
+HANDLER(network_handler) {
+    if (mode == LCB_CNTL_SET) {
+        const char *val = reinterpret_cast<const char*>(arg);
+        free(LCBT_SETTING(instance, network));
+        LCBT_SETTING(instance, network) = NULL;
+        if (val) {
+            LCBT_SETTING(instance, network) = strdup(val);
+        }
+    } else {
+        *(const char **)arg = LCBT_SETTING(instance, network);
+    }
+    (void)cmd;
+    return LCB_SUCCESS;
+}
+
 static ctl_handler handlers[] = {
-    timeout_common, /* LCB_CNTL_OP_TIMEOUT */
-    timeout_common, /* LCB_CNTL_VIEW_TIMEOUT */
-    noop_handler, /* LCB_CNTL_RBUFSIZE */
-    noop_handler, /* LCB_CNTL_WBUFSIZE */
-    get_htype,      /* LCB_CNTL_HANDLETYPE */
-    get_vbconfig,   /* LCB_CNTL_VBCONFIG */
-    get_iops,       /* LCB_CNTL_IOPS */
-    get_kvb,        /* LCB_CNTL_VBMAP */
-    conninfo,       /* LCB_CNTL_MEMDNODE_INFO */
-    conninfo,       /* LCB_CNTL_CONFIGNODE_INFO */
-    syncmode,       /* LCB_CNTL_SYNCMODE */
-    ippolicy,       /* LCB_CNTL_IP6POLICY */
-    confthresh      /* LCB_CNTL_CONFERRTHRESH */,
-    timeout_common, /* LCB_CNTL_DURABILITY_INTERVAL */
-    timeout_common, /* LCB_CNTL_DURABILITY_TIMEOUT */
-    timeout_common, /* LCB_CNTL_HTTP_TIMEOUT */
-    lcb_iops_cntl_handler, /* LCB_CNTL_IOPS_DEFAULT_TYPES */
-    lcb_iops_cntl_handler, /* LCB_CNTL_IOPS_DLOPEN_DEBUG */
-    timeout_common,  /* LCB_CNTL_CONFIGURATION_TIMEOUT */
-    noop_handler,   /* LCB_CNTL_SKIP_CONFIGURATION_ERRORS_ON_CONNECT */
-    randomize_bootstrap_hosts_handler /* LCB_CNTL_RANDOMIZE_BOOTSTRAP_HOSTS */,
-    config_cache_loaded_handler /* LCB_CNTL_CONFIG_CACHE_LOADED */,
-    force_sasl_mech_handler, /* LCB_CNTL_FORCE_SASL_MECH */
-    max_redirects, /* LCB_CNTL_MAX_REDIRECTS */
-    logprocs_handler /* LCB_CNTL_LOGGER */,
-    timeout_common, /* LCB_CNTL_CONFDELAY_THRESH */
-    config_transport, /* LCB_CNTL_CONFIG_TRANSPORT */
-    timeout_common, /* LCB_CNTL_CONFIG_NODE_TIMEOUT */
-    timeout_common, /* LCB_CNTL_HTCONFIG_IDLE_TIMEOUT */
-    config_nodes, /* LCB_CNTL_CONFIG_HTTP_NODES */
-    config_nodes, /* LCB_CNTL_CONFIG_CCCP_NODES */
-    get_changeset, /* LCB_CNTL_CHANGESET */
-    init_providers, /* LCB_CNTL_CONFIG_ALL_NODES */
-    config_cache_handler, /* LCB_CNTL_CONFIGCACHE */
-    ssl_mode_handler, /* LCB_CNTL_SSL_MODE */
-    ssl_certpath_handler, /* LCB_CNTL_SSL_CERT */
-    retrymode_handler, /* LCB_CNTL_RETRYMODE */
-    htconfig_urltype_handler, /* LCB_CNTL_HTCONFIG_URLTYPE */
-    compmode_handler, /* LCB_CNTL_COMPRESSION_OPTS */
-    allocfactory_handler, /* LCB_CNTL_RDBALLOCFACTORY */
-    syncdtor_handler, /* LCB_CNTL_SYNCDESTROY */
-    console_log_handler, /* LCB_CNTL_CONLOGGER_LEVEL */
-    detailed_errcode_handler, /* LCB_CNTL_DETAILED_ERRCODES */
-    reinit_spec_handler, /* LCB_CNTL_REINIT_CONNSTR */
-    timeout_common, /* LCB_CNTL_RETRY_INTERVAL */
-    retry_backoff_handler, /* LCB_CNTL_RETRY_BACKOFF */
-    http_poolsz_handler, /* LCB_CNTL_HTTP_POOLSIZE */
-    http_refresh_config_handler, /* LCB_CNTL_HTTP_REFRESH_CONFIG_ON_ERROR */
-    bucketname_handler, /* LCB_CNTL_BUCKETNAME */
-    schedflush_handler, /* LCB_CNTL_SCHED_IMPLICIT_FLUSH */
-    vbguess_handler, /* LCB_CNTL_VBGUESS_PERSIST */
-    unsafe_optimize, /* LCB_CNTL_UNSAFE_OPTIMIZE */
-    fetch_mutation_tokens_handler, /* LCB_CNTL_FETCH_MUTATION_TOKENS */
-    dur_mutation_tokens_handler, /* LCB_CNTL_DURABILITY_MUTATION_TOKENS */
-    config_cache_handler, /* LCB_CNTL_CONFIGCACHE_READONLY */
-    nmv_imm_retry_handler, /* LCB_CNTL_RETRY_NMV_IMM */
-    mutation_tokens_supported_handler, /* LCB_CNTL_MUTATION_TOKENS_SUPPORTED */
-    tcp_nodelay_handler, /* LCB_CNTL_TCP_NODELAY */
-    readj_ts_wait_handler, /* LCB_CNTL_RESET_TIMEOUT_ON_WAIT */
-    console_fp_handler, /* LCB_CNTL_CONLOGGER_FP */
-    kv_hg_handler, /* LCB_CNTL_KVTIMINGS */
-    timeout_common, /* LCB_CNTL_N1QL_TIMEOUT */
-    n1ql_cache_clear_handler, /* LCB_CNTL_N1QL_CLEARCACHE */
-    client_string_handler, /* LCB_CNTL_CLIENT_STRING */
-    bucket_auth_handler, /* LCB_CNTL_BUCKET_CRED */
-    timeout_common, /* LCB_CNTL_RETRY_NMV_DELAY */
-    read_chunk_size_handler, /*LCB_CNTL_READ_CHUNKSIZE */
-    enable_errmap_handler, /* LCB_CNTL_ENABLE_ERRMAP */
-    select_bucket_handler, /* LCB_CNTL_SELECT_BUCKET */
-    tcp_keepalive_handler, /* LCB_CNTL_TCP_KEEPALIVE */
-    config_poll_interval_handler, /* LCB_CNTL_CONFIG_POLL_INTERVAL */
-    send_hello_handler, /* LCB_CNTL_SEND_HELLO */
-    buckettype_handler, /* LCB_CNTL_BUCKETTYPE */
-    metrics_handler, /* LCB_CNTL_METRICS */
-    collections_handler, /* LCB_CNTL_USE_COLLECTIONS */
-    ssl_keypath_handler, /* LCB_CNTL_SSL_KEY */
-    log_redaction_handler, /* LCB_CNTL_LOG_REDACTION */
-    ssl_truststorepath_handler, /* LCB_CNTL_SSL_TRUSTSTORE */
-    enable_tracing_handler, /* LCB_CNTL_ENABLE_TRACING */
-    timeout_common, /* LCB_CNTL_TRACING_ORPHANED_QUEUE_FLUSH_INTERVAL */
-    tracing_orphaned_queue_size_handler, /* LCB_CNTL_TRACING_ORPHANED_QUEUE_SIZE */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_QUEUE_FLUSH_INTERVAL */
+    timeout_common,                       /* LCB_CNTL_OP_TIMEOUT */
+    timeout_common,                       /* LCB_CNTL_VIEW_TIMEOUT */
+    noop_handler,                         /* LCB_CNTL_RBUFSIZE */
+    noop_handler,                         /* LCB_CNTL_WBUFSIZE */
+    get_htype,                            /* LCB_CNTL_HANDLETYPE */
+    get_vbconfig,                         /* LCB_CNTL_VBCONFIG */
+    get_iops,                             /* LCB_CNTL_IOPS */
+    get_kvb,                              /* LCB_CNTL_VBMAP */
+    conninfo,                             /* LCB_CNTL_MEMDNODE_INFO */
+    conninfo,                             /* LCB_CNTL_CONFIGNODE_INFO */
+    syncmode,                             /* LCB_CNTL_SYNCMODE */
+    ippolicy,                             /* LCB_CNTL_IP6POLICY */
+    confthresh,                           /* LCB_CNTL_CONFERRTHRESH */
+    timeout_common,                       /* LCB_CNTL_DURABILITY_INTERVAL */
+    timeout_common,                       /* LCB_CNTL_DURABILITY_TIMEOUT */
+    timeout_common,                       /* LCB_CNTL_HTTP_TIMEOUT */
+    lcb_iops_cntl_handler,                /* LCB_CNTL_IOPS_DEFAULT_TYPES */
+    lcb_iops_cntl_handler,                /* LCB_CNTL_IOPS_DLOPEN_DEBUG */
+    timeout_common,                       /* LCB_CNTL_CONFIGURATION_TIMEOUT */
+    noop_handler,                         /* LCB_CNTL_SKIP_CONFIGURATION_ERRORS_ON_CONNECT */
+    randomize_bootstrap_hosts_handler,    /* LCB_CNTL_RANDOMIZE_BOOTSTRAP_HOSTS */
+    config_cache_loaded_handler,          /* LCB_CNTL_CONFIG_CACHE_LOADED */
+    force_sasl_mech_handler,              /* LCB_CNTL_FORCE_SASL_MECH */
+    max_redirects,                        /* LCB_CNTL_MAX_REDIRECTS */
+    logprocs_handler,                     /* LCB_CNTL_LOGGER */
+    timeout_common,                       /* LCB_CNTL_CONFDELAY_THRESH */
+    config_transport,                     /* LCB_CNTL_CONFIG_TRANSPORT */
+    timeout_common,                       /* LCB_CNTL_CONFIG_NODE_TIMEOUT */
+    timeout_common,                       /* LCB_CNTL_HTCONFIG_IDLE_TIMEOUT */
+    config_nodes,                         /* LCB_CNTL_CONFIG_HTTP_NODES */
+    config_nodes,                         /* LCB_CNTL_CONFIG_CCCP_NODES */
+    get_changeset,                        /* LCB_CNTL_CHANGESET */
+    init_providers,                       /* LCB_CNTL_CONFIG_ALL_NODES */
+    config_cache_handler,                 /* LCB_CNTL_CONFIGCACHE */
+    ssl_mode_handler,                     /* LCB_CNTL_SSL_MODE */
+    ssl_certpath_handler,                 /* LCB_CNTL_SSL_CERT */
+    retrymode_handler,                    /* LCB_CNTL_RETRYMODE */
+    htconfig_urltype_handler,             /* LCB_CNTL_HTCONFIG_URLTYPE */
+    compmode_handler,                     /* LCB_CNTL_COMPRESSION_OPTS */
+    allocfactory_handler,                 /* LCB_CNTL_RDBALLOCFACTORY */
+    syncdtor_handler,                     /* LCB_CNTL_SYNCDESTROY */
+    console_log_handler,                  /* LCB_CNTL_CONLOGGER_LEVEL */
+    detailed_errcode_handler,             /* LCB_CNTL_DETAILED_ERRCODES */
+    reinit_spec_handler,                  /* LCB_CNTL_REINIT_CONNSTR */
+    timeout_common,                       /* LCB_CNTL_RETRY_INTERVAL */
+    retry_backoff_handler,                /* LCB_CNTL_RETRY_BACKOFF */
+    http_poolsz_handler,                  /* LCB_CNTL_HTTP_POOLSIZE */
+    http_refresh_config_handler,          /* LCB_CNTL_HTTP_REFRESH_CONFIG_ON_ERROR */
+    bucketname_handler,                   /* LCB_CNTL_BUCKETNAME */
+    schedflush_handler,                   /* LCB_CNTL_SCHED_IMPLICIT_FLUSH */
+    vbguess_handler,                      /* LCB_CNTL_VBGUESS_PERSIST */
+    unsafe_optimize,                      /* LCB_CNTL_UNSAFE_OPTIMIZE */
+    fetch_mutation_tokens_handler,        /* LCB_CNTL_FETCH_MUTATION_TOKENS */
+    dur_mutation_tokens_handler,          /* LCB_CNTL_DURABILITY_MUTATION_TOKENS */
+    config_cache_handler,                 /* LCB_CNTL_CONFIGCACHE_READONLY */
+    nmv_imm_retry_handler,                /* LCB_CNTL_RETRY_NMV_IMM */
+    mutation_tokens_supported_handler,    /* LCB_CNTL_MUTATION_TOKENS_SUPPORTED */
+    tcp_nodelay_handler,                  /* LCB_CNTL_TCP_NODELAY */
+    readj_ts_wait_handler,                /* LCB_CNTL_RESET_TIMEOUT_ON_WAIT */
+    console_fp_handler,                   /* LCB_CNTL_CONLOGGER_FP */
+    kv_hg_handler,                        /* LCB_CNTL_KVTIMINGS */
+    timeout_common,                       /* LCB_CNTL_N1QL_TIMEOUT */
+    n1ql_cache_clear_handler,             /* LCB_CNTL_N1QL_CLEARCACHE */
+    client_string_handler,                /* LCB_CNTL_CLIENT_STRING */
+    bucket_auth_handler,                  /* LCB_CNTL_BUCKET_CRED */
+    timeout_common,                       /* LCB_CNTL_RETRY_NMV_DELAY */
+    read_chunk_size_handler,              /* LCB_CNTL_READ_CHUNKSIZE */
+    enable_errmap_handler,                /* LCB_CNTL_ENABLE_ERRMAP */
+    select_bucket_handler,                /* LCB_CNTL_SELECT_BUCKET */
+    tcp_keepalive_handler,                /* LCB_CNTL_TCP_KEEPALIVE */
+    config_poll_interval_handler,         /* LCB_CNTL_CONFIG_POLL_INTERVAL */
+    send_hello_handler,                   /* LCB_CNTL_SEND_HELLO */
+    buckettype_handler,                   /* LCB_CNTL_BUCKETTYPE */
+    metrics_handler,                      /* LCB_CNTL_METRICS */
+    collections_handler,                  /* LCB_CNTL_USE_COLLECTIONS */
+    ssl_keypath_handler,                  /* LCB_CNTL_SSL_KEY */
+    log_redaction_handler,                /* LCB_CNTL_LOG_REDACTION */
+    ssl_truststorepath_handler,           /* LCB_CNTL_SSL_TRUSTSTORE */
+    enable_tracing_handler,               /* LCB_CNTL_ENABLE_TRACING */
+    timeout_common,                       /* LCB_CNTL_TRACING_ORPHANED_QUEUE_FLUSH_INTERVAL */
+    tracing_orphaned_queue_size_handler,  /* LCB_CNTL_TRACING_ORPHANED_QUEUE_SIZE */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_QUEUE_FLUSH_INTERVAL */
     tracing_threshold_queue_size_handler, /* LCB_CNTL_TRACING_THRESHOLD_QUEUE_SIZE */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_KV */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_N1QL */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_VIEW */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_FTS */
-    timeout_common, /* LCB_CNTL_TRACING_THRESHOLD_ANALYTICS */
-    comp_min_size_handler, /* LCB_CNTL_COMPRESSION_MIN_SIZE */
-    comp_min_ratio_handler, /* LCB_CNTL_COMPRESSION_MIN_RATIO */
-    vb_noremap_handler, /* LCB_CNTL_VB_NOREMAP */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_KV */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_N1QL */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_VIEW */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_FTS */
+    timeout_common,                       /* LCB_CNTL_TRACING_THRESHOLD_ANALYTICS */
+    comp_min_size_handler,                /* LCB_CNTL_COMPRESSION_MIN_SIZE */
+    comp_min_ratio_handler,               /* LCB_CNTL_COMPRESSION_MIN_RATIO */
+    vb_noremap_handler,                   /* LCB_CNTL_VB_NOREMAP */
+    network_handler,                      /* LCB_CNTL_NETWORK */
+    wait_for_config_handler,              /* LCB_CNTL_WAIT_FOR_CONFIG */
+    http_pooltmo_handler                  /* LCB_CNTL_HTTP_POOL_TIMEOUT */
 };
 
 /* Union used for conversion to/from string functions */
@@ -791,7 +816,10 @@ static lcb_error_t convert_int(const char *arg, u_STRCONVERT *u) {
 }
 
 static lcb_error_t convert_u32(const char *arg, u_STRCONVERT *u) {
-    return convert_timevalue(arg, u);
+    unsigned int tmp;
+    int rv = sscanf(arg, "%u", &tmp);
+    u->u32 = tmp;
+    return rv == 1 ? LCB_SUCCESS : LCB_ECTL_BADARG;
 }
 static lcb_error_t convert_float(const char *arg, u_STRCONVERT *u) {
     double d;
@@ -860,66 +888,68 @@ static lcb_error_t convert_ipv6(const char *arg, u_STRCONVERT *u)
 }
 
 static cntl_OPCODESTRS stropcode_map[] = {
-        {"operation_timeout", LCB_CNTL_OP_TIMEOUT, convert_timevalue},
-        {"timeout", LCB_CNTL_OP_TIMEOUT, convert_timevalue},
-        {"views_timeout", LCB_CNTL_VIEW_TIMEOUT, convert_timevalue},
-        {"n1ql_timeout", LCB_CNTL_N1QL_TIMEOUT, convert_timevalue},
-        {"durability_timeout", LCB_CNTL_DURABILITY_TIMEOUT, convert_timevalue},
-        {"durability_interval", LCB_CNTL_DURABILITY_INTERVAL, convert_timevalue},
-        {"http_timeout", LCB_CNTL_HTTP_TIMEOUT, convert_timevalue},
-        {"randomize_nodes", LCB_CNTL_RANDOMIZE_BOOTSTRAP_HOSTS, convert_intbool},
-        {"sasl_mech_force", LCB_CNTL_FORCE_SASL_MECH, convert_passthru},
-        {"error_thresh_count", LCB_CNTL_CONFERRTHRESH, convert_SIZE},
-        {"error_thresh_delay", LCB_CNTL_CONFDELAY_THRESH, convert_timevalue},
-        {"config_total_timeout", LCB_CNTL_CONFIGURATION_TIMEOUT, convert_timevalue},
-        {"config_node_timeout", LCB_CNTL_CONFIG_NODE_TIMEOUT, convert_timevalue},
-        {"compression", LCB_CNTL_COMPRESSION_OPTS, convert_compression},
-        {"console_log_level", LCB_CNTL_CONLOGGER_LEVEL, convert_u32},
-        {"config_cache", LCB_CNTL_CONFIGCACHE, convert_passthru },
-        {"config_cache_ro", LCB_CNTL_CONFIGCACHE_RO, convert_passthru },
-        {"detailed_errcodes", LCB_CNTL_DETAILED_ERRCODES, convert_intbool},
-        {"retry_policy", LCB_CNTL_RETRYMODE, convert_retrymode},
-        {"http_urlmode", LCB_CNTL_HTCONFIG_URLTYPE, convert_int },
-        {"sync_dtor", LCB_CNTL_SYNCDESTROY, convert_intbool },
-        {"_reinit_connstr", LCB_CNTL_REINIT_CONNSTR },
-        {"retry_backoff", LCB_CNTL_RETRY_BACKOFF, convert_float },
-        {"retry_interval", LCB_CNTL_RETRY_INTERVAL, convert_timevalue},
-        {"http_poolsize", LCB_CNTL_HTTP_POOLSIZE, convert_SIZE },
-        {"vbguess_persist", LCB_CNTL_VBGUESS_PERSIST, convert_intbool },
-        {"unsafe_optimize", LCB_CNTL_UNSAFE_OPTIMIZE, convert_intbool },
-        {"fetch_mutation_tokens", LCB_CNTL_FETCH_MUTATION_TOKENS, convert_intbool },
-        {"dur_mutation_tokens", LCB_CNTL_DURABILITY_MUTATION_TOKENS, convert_intbool },
-        {"retry_nmv_imm", LCB_CNTL_RETRY_NMV_IMM, convert_intbool },
-        {"tcp_nodelay", LCB_CNTL_TCP_NODELAY, convert_intbool },
-        {"readj_ts_wait", LCB_CNTL_RESET_TIMEOUT_ON_WAIT, convert_intbool },
-        {"console_log_file", LCB_CNTL_CONLOGGER_FP, NULL },
-        {"client_string", LCB_CNTL_CLIENT_STRING, convert_passthru},
-        {"retry_nmv_delay", LCB_CNTL_RETRY_NMV_INTERVAL, convert_timevalue},
-        {"bucket_cred", LCB_CNTL_BUCKET_CRED, NULL},
-        {"read_chunk_size", LCB_CNTL_READ_CHUNKSIZE, convert_u32},
-        {"enable_errmap", LCB_CNTL_ENABLE_ERRMAP, convert_intbool},
-        {"select_bucket", LCB_CNTL_SELECT_BUCKET, convert_intbool},
-        {"tcp_keepalive", LCB_CNTL_TCP_KEEPALIVE, convert_intbool},
-        {"config_poll_interval", LCB_CNTL_CONFIG_POLL_INTERVAL, convert_timevalue},
-        {"send_hello", LCB_CNTL_SEND_HELLO, convert_intbool},
-        {"ipv6", LCB_CNTL_IP6POLICY, convert_ipv6},
-        {"metrics", LCB_CNTL_METRICS, convert_intbool },
-        {"log_redaction", LCB_CNTL_LOG_REDACTION, convert_intbool},
-        {"enable_tracing", LCB_CNTL_ENABLE_TRACING, convert_intbool},
-        {"tracing_orphaned_queue_flush_interval", LCB_CNTL_TRACING_ORPHANED_QUEUE_FLUSH_INTERVAL, convert_timevalue},
-        {"tracing_orphaned_queue_size", LCB_CNTL_TRACING_ORPHANED_QUEUE_SIZE, convert_u32},
-        {"tracing_threshold_queue_flush_interval", LCB_CNTL_TRACING_THRESHOLD_QUEUE_FLUSH_INTERVAL, convert_timevalue},
-        {"tracing_threshold_queue_size", LCB_CNTL_TRACING_THRESHOLD_QUEUE_SIZE, convert_u32},
-        {"tracing_threshold_kv", LCB_CNTL_TRACING_THRESHOLD_KV, convert_timevalue},
-        {"tracing_threshold_n1ql", LCB_CNTL_TRACING_THRESHOLD_N1QL, convert_timevalue},
-        {"tracing_threshold_view", LCB_CNTL_TRACING_THRESHOLD_VIEW, convert_timevalue},
-        {"tracing_threshold_fts", LCB_CNTL_TRACING_THRESHOLD_FTS, convert_timevalue},
-        {"tracing_threshold_analytics", LCB_CNTL_TRACING_THRESHOLD_ANALYTICS, convert_timevalue},
-        {"compression_min_size", LCB_CNTL_COMPRESSION_MIN_SIZE, convert_u32},
-        {"compression_min_ratio", LCB_CNTL_COMPRESSION_MIN_RATIO, convert_float},
-        {"vb_noremap", LCB_CNTL_VB_NOREMAP, convert_intbool },
-        {NULL, -1}
-};
+    {"operation_timeout", LCB_CNTL_OP_TIMEOUT, convert_timevalue},
+    {"timeout", LCB_CNTL_OP_TIMEOUT, convert_timevalue},
+    {"views_timeout", LCB_CNTL_VIEW_TIMEOUT, convert_timevalue},
+    {"n1ql_timeout", LCB_CNTL_N1QL_TIMEOUT, convert_timevalue},
+    {"durability_timeout", LCB_CNTL_DURABILITY_TIMEOUT, convert_timevalue},
+    {"durability_interval", LCB_CNTL_DURABILITY_INTERVAL, convert_timevalue},
+    {"http_timeout", LCB_CNTL_HTTP_TIMEOUT, convert_timevalue},
+    {"randomize_nodes", LCB_CNTL_RANDOMIZE_BOOTSTRAP_HOSTS, convert_intbool},
+    {"sasl_mech_force", LCB_CNTL_FORCE_SASL_MECH, convert_passthru},
+    {"error_thresh_count", LCB_CNTL_CONFERRTHRESH, convert_SIZE},
+    {"error_thresh_delay", LCB_CNTL_CONFDELAY_THRESH, convert_timevalue},
+    {"config_total_timeout", LCB_CNTL_CONFIGURATION_TIMEOUT, convert_timevalue},
+    {"config_node_timeout", LCB_CNTL_CONFIG_NODE_TIMEOUT, convert_timevalue},
+    {"compression", LCB_CNTL_COMPRESSION_OPTS, convert_compression},
+    {"console_log_level", LCB_CNTL_CONLOGGER_LEVEL, convert_u32},
+    {"config_cache", LCB_CNTL_CONFIGCACHE, convert_passthru},
+    {"config_cache_ro", LCB_CNTL_CONFIGCACHE_RO, convert_passthru},
+    {"detailed_errcodes", LCB_CNTL_DETAILED_ERRCODES, convert_intbool},
+    {"retry_policy", LCB_CNTL_RETRYMODE, convert_retrymode},
+    {"http_urlmode", LCB_CNTL_HTCONFIG_URLTYPE, convert_int},
+    {"sync_dtor", LCB_CNTL_SYNCDESTROY, convert_intbool},
+    {"_reinit_connstr", LCB_CNTL_REINIT_CONNSTR},
+    {"retry_backoff", LCB_CNTL_RETRY_BACKOFF, convert_float},
+    {"retry_interval", LCB_CNTL_RETRY_INTERVAL, convert_timevalue},
+    {"http_poolsize", LCB_CNTL_HTTP_POOLSIZE, convert_SIZE},
+    {"vbguess_persist", LCB_CNTL_VBGUESS_PERSIST, convert_intbool},
+    {"unsafe_optimize", LCB_CNTL_UNSAFE_OPTIMIZE, convert_intbool},
+    {"fetch_mutation_tokens", LCB_CNTL_FETCH_MUTATION_TOKENS, convert_intbool},
+    {"dur_mutation_tokens", LCB_CNTL_DURABILITY_MUTATION_TOKENS, convert_intbool},
+    {"retry_nmv_imm", LCB_CNTL_RETRY_NMV_IMM, convert_intbool},
+    {"tcp_nodelay", LCB_CNTL_TCP_NODELAY, convert_intbool},
+    {"readj_ts_wait", LCB_CNTL_RESET_TIMEOUT_ON_WAIT, convert_intbool},
+    {"console_log_file", LCB_CNTL_CONLOGGER_FP, NULL},
+    {"client_string", LCB_CNTL_CLIENT_STRING, convert_passthru},
+    {"retry_nmv_delay", LCB_CNTL_RETRY_NMV_INTERVAL, convert_timevalue},
+    {"bucket_cred", LCB_CNTL_BUCKET_CRED, NULL},
+    {"read_chunk_size", LCB_CNTL_READ_CHUNKSIZE, convert_u32},
+    {"enable_errmap", LCB_CNTL_ENABLE_ERRMAP, convert_intbool},
+    {"select_bucket", LCB_CNTL_SELECT_BUCKET, convert_intbool},
+    {"tcp_keepalive", LCB_CNTL_TCP_KEEPALIVE, convert_intbool},
+    {"config_poll_interval", LCB_CNTL_CONFIG_POLL_INTERVAL, convert_timevalue},
+    {"send_hello", LCB_CNTL_SEND_HELLO, convert_intbool},
+    {"ipv6", LCB_CNTL_IP6POLICY, convert_ipv6},
+    {"metrics", LCB_CNTL_METRICS, convert_intbool},
+    {"log_redaction", LCB_CNTL_LOG_REDACTION, convert_intbool},
+    {"enable_tracing", LCB_CNTL_ENABLE_TRACING, convert_intbool},
+    {"tracing_orphaned_queue_flush_interval", LCB_CNTL_TRACING_ORPHANED_QUEUE_FLUSH_INTERVAL, convert_timevalue},
+    {"tracing_orphaned_queue_size", LCB_CNTL_TRACING_ORPHANED_QUEUE_SIZE, convert_u32},
+    {"tracing_threshold_queue_flush_interval", LCB_CNTL_TRACING_THRESHOLD_QUEUE_FLUSH_INTERVAL, convert_timevalue},
+    {"tracing_threshold_queue_size", LCB_CNTL_TRACING_THRESHOLD_QUEUE_SIZE, convert_u32},
+    {"tracing_threshold_kv", LCB_CNTL_TRACING_THRESHOLD_KV, convert_timevalue},
+    {"tracing_threshold_n1ql", LCB_CNTL_TRACING_THRESHOLD_N1QL, convert_timevalue},
+    {"tracing_threshold_view", LCB_CNTL_TRACING_THRESHOLD_VIEW, convert_timevalue},
+    {"tracing_threshold_fts", LCB_CNTL_TRACING_THRESHOLD_FTS, convert_timevalue},
+    {"tracing_threshold_analytics", LCB_CNTL_TRACING_THRESHOLD_ANALYTICS, convert_timevalue},
+    {"compression_min_size", LCB_CNTL_COMPRESSION_MIN_SIZE, convert_u32},
+    {"compression_min_ratio", LCB_CNTL_COMPRESSION_MIN_RATIO, convert_float},
+    {"vb_noremap", LCB_CNTL_VB_NOREMAP, convert_intbool},
+    {"network", LCB_CNTL_NETWORK, convert_passthru},
+    {"wait_for_config", LCB_CNTL_WAIT_FOR_CONFIG, convert_intbool},
+    {"http_pool_timeout", LCB_CNTL_HTTP_POOL_TIMEOUT, convert_timevalue},
+    {NULL, -1}};
 
 #define CNTL_NUM_HANDLERS (sizeof(handlers) / sizeof(handlers[0]))
 

data/ext/libcouchbase/src/config_static.h

@@ -47,7 +47,7 @@
 #define __STDC_FORMAT_MACROS 1
 #endif
 #include <inttypes.h>
-#elif defined(_MSC_VER)
+#elif defined(_WIN32)
 #ifndef PRIx64
 #define PRIx64 "I64x"
 #endif

data/ext/libcouchbase/src/connspec.cc

@@ -496,7 +496,11 @@ Connspec::load(const lcb_create_st& cropts)
         m_password = cr2->passwd;
     }
 
-    if (cropts.version == 3) {
+    if (cropts.version == 4) {
+        m_logger = cropts.v.v4.logger;
+    }
+
+    if (cropts.version == 3 || cropts.version == 4) {
         return parse(cropts.v.v3.connstr, &errmsg);
     }
 

data/ext/libcouchbase/src/connspec.h

@@ -61,7 +61,7 @@ struct Spechost {
 class LCB_CLASS_EXPORT Connspec {
 public:
     typedef std::vector<std::pair<std::string,std::string> > Options;
-    Connspec() : m_sslopts(0), m_implicit_port(0), m_loglevel(0), m_logredact(false), m_flags(0), m_ipv6(LCB_IPV6_DISABLED) {}
+    Connspec() : m_sslopts(0), m_implicit_port(0), m_loglevel(0), m_logredact(false), m_transports(), m_flags(0), m_ipv6(LCB_IPV6_DISABLED), m_logger(NULL) {}
 
     lcb_error_t parse(const char *connstr, const char **errmsg = NULL);
     lcb_error_t load(const lcb_create_st&);
@@ -97,6 +97,7 @@ public:
     const std::string& keypath() const { return m_keypath; }
     unsigned sslopts() const { return m_sslopts; }
     const Options& options() const { return m_ctlopts; }
+    lcb_logprocs * logger() const { return m_logger; }
     unsigned loglevel() const { return m_loglevel; }
     bool logredact() const { return m_logredact; }
     const std::string& connstr() const { return m_connstr; }
@@ -126,6 +127,7 @@ private:
     std::set<int> m_transports;
     unsigned m_flags; /**< Internal flags */
     lcb_ipv6_t m_ipv6;
+    lcb_logprocs *m_logger;
 };
 
 #define LCB_SPECSCHEME_RAW "couchbase+explicit://"

data/ext/libcouchbase/src/crypto.cc

@@ -17,6 +17,8 @@
 
 #include "internal.h"
 
+#define LOGARGS(instance, lvl) instance->settings, "crypto", LCB_LOG_##lvl, __FILE__, __LINE__
+
 void lcbcrypto_ref(lcbcrypto_PROVIDER *provider)
 {
     provider->_refcnt++;
@@ -32,6 +34,10 @@ void lcbcrypto_unref(lcbcrypto_PROVIDER *provider)
 
 void lcbcrypto_register(lcb_t instance, const char *name, lcbcrypto_PROVIDER *provider)
 {
+    if (provider->version != 1) {
+        lcb_log(LOGARGS(instance, ERROR), "Unsupported version for \"%s\" crypto provider, ignoring", name);
+        return;
+    }
     std::map< std::string, lcbcrypto_PROVIDER * >::iterator old = instance->crypto->find(name);
     if (old != instance->crypto->end()) {
         lcbcrypto_unref(old->second);
@@ -54,38 +60,36 @@ static bool lcbcrypto_is_valid(lcbcrypto_PROVIDER *provider)
     if (!(provider && provider->_refcnt > 0)) {
         return false;
     }
-    if (provider->version != 0) {
+    if (provider->version != 1) {
         return false;
     }
-    if (provider->v.v0.sign && provider->v.v0.verify_signature == NULL) {
+    if (provider->v.v1.sign && provider->v.v1.verify_signature == NULL) {
         return false;
     }
-    return provider->v.v0.load_key && provider->v.v0.encrypt && provider->v.v0.decrypt;
+    return provider->v.v1.encrypt && provider->v.v1.decrypt && provider->v.v1.get_key_id;
 }
 
-#define PROVIDER_LOAD_KEY(provider, type, keyid, key, nkey)                                                            \
-    (provider)->v.v0.load_key((provider), (type), (keyid), (key), (nkey))
-
-#define PROVIDER_NEED_SIGN(provider) (provider)->v.v0.sign != NULL
+#define PROVIDER_NEED_SIGN(provider) (provider)->v.v1.sign != NULL
 #define PROVIDER_SIGN(provider, parts, nparts, sig, nsig)                                                              \
-    (provider)->v.v0.sign((provider), (parts), (nparts), (sig), (nsig));
+    (provider)->v.v1.sign((provider), (parts), (nparts), (sig), (nsig));
 #define PROVIDER_VERIFY_SIGNATURE(provider, parts, nparts, sig, nsig)                                                  \
-    (provider)->v.v0.verify_signature((provider), (parts), (nparts), (sig), (nsig));
+    (provider)->v.v1.verify_signature((provider), (parts), (nparts), (sig), (nsig));
 
-#define PROVIDER_NEED_IV(provider) (provider)->v.v0.generate_iv != NULL
-#define PROVIDER_GENERATE_IV(provider, iv, niv) (provider)->v.v0.generate_iv((provider), (iv), (niv))
+#define PROVIDER_NEED_IV(provider) (provider)->v.v1.generate_iv != NULL
+#define PROVIDER_GENERATE_IV(provider, iv, niv) (provider)->v.v1.generate_iv((provider), (iv), (niv))
 
-#define PROVIDER_ENCRYPT(provider, ptext, nptext, key, nkey, iv, niv, ctext, nctext)                                   \
-    (provider)->v.v0.encrypt((provider), (ptext), (nptext), (key), (nkey), (iv), (niv), (ctext), (nctext));
-#define PROVIDER_DECRYPT(provider, ctext, nctext, key, nkey, iv, niv, ptext, nptext)                                   \
-    (provider)->v.v0.decrypt((provider), (ctext), (nctext), (key), (nkey), (iv), (niv), (ptext), (nptext));
+#define PROVIDER_ENCRYPT(provider, ptext, nptext, iv, niv, ctext, nctext)                                              \
+    (provider)->v.v1.encrypt((provider), (ptext), (nptext), (iv), (niv), (ctext), (nctext));
+#define PROVIDER_DECRYPT(provider, ctext, nctext, iv, niv, ptext, nptext)                                              \
+    (provider)->v.v1.decrypt((provider), (ctext), (nctext), (iv), (niv), (ptext), (nptext));
+
+#define PROVIDER_GET_KEY_ID(provider) (provider)->v.v1.get_key_id((provider));
 
 #define PROVIDER_RELEASE_BYTES(provider, bytes)                                                                        \
-    if ((bytes) && (provider)->v.v0.release_bytes) {                                                                   \
-        (provider)->v.v0.release_bytes((provider), (bytes));                                                           \
+    if ((bytes) && (provider)->v.v1.release_bytes) {                                                                   \
+        (provider)->v.v1.release_bytes((provider), (bytes));                                                           \
     }
 
-
 static lcbcrypto_PROVIDER *lcb_get_provider(const lcb_st *instance, const std::string &alg)
 {
     const lcb_st::lcb_ProviderMap::iterator provider_iterator = (*instance->crypto).find(alg);
@@ -102,26 +106,23 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
         return LCB_EINVAL;
     }
     bool changed = false;
-    std::string prefix = (cmd->prefix == NULL) ? "__crypt_" : cmd->prefix;
+    std::string prefix = (cmd->prefix == NULL) ? LCBCRYPTO_DEFAULT_FIELD_PREFIX : cmd->prefix;
     for (size_t ii = 0; ii < cmd->nfields; ii++) {
         lcbcrypto_FIELDSPEC *field = cmd->fields + ii;
         lcb_error_t rc;
-        uint8_t *key = NULL;
-        size_t nkey = 0;
 
-        lcbcrypto_PROVIDER *provider = lcb_get_provider(instance, field->alg);
-        if (!lcbcrypto_is_valid(provider)) {
-            continue;
+        if (field->name == NULL) {
+            lcb_log(LOGARGS(instance, WARN), "field name cannot be NULL");
+            return LCB_EINVAL;
         }
 
-        rc = PROVIDER_LOAD_KEY(provider, LCBCRYPTO_KEY_ENCRYPT, field->kid, &key, &nkey);
-        if (rc != LCB_SUCCESS) {
-            PROVIDER_RELEASE_BYTES(provider, key);
-            continue;
+        lcbcrypto_PROVIDER *provider = lcb_get_provider(instance, field->alg);
+        if (!lcbcrypto_is_valid(provider)) {
+            lcb_log(LOGARGS(instance, WARN), "Invalid crypto provider");
+            return LCB_EINVAL;
         }
 
         if (jdoc.isMember(field->name)) {
-            std::string contents = Json::FastWriter().write(jdoc[field->name]);
             Json::Value encrypted;
             int ret;
 
@@ -131,26 +132,31 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
             lcb_SIZE nbiv = 0;
             if (PROVIDER_NEED_IV(provider)) {
                 rc = PROVIDER_GENERATE_IV(provider, &iv, &niv);
-                if (rc != 0) {
+                if (rc != LCB_SUCCESS) {
                     PROVIDER_RELEASE_BYTES(provider, iv);
-                    continue;
+                    lcb_log(LOGARGS(instance, WARN), "Unable to generate IV");
+                    return rc;
                 }
                 ret = lcb_base64_encode2(reinterpret_cast< char * >(iv), niv, &biv, &nbiv);
                 if (ret < 0) {
                     free(biv);
                     PROVIDER_RELEASE_BYTES(provider, iv);
-                    continue;
+                    lcb_log(LOGARGS(instance, WARN), "Unable to encode IV as Base64 string");
+                    return LCB_EINVAL;
                 }
                 encrypted["iv"] = biv;
             }
+
+            std::string contents = Json::FastWriter().write(jdoc[field->name]);
             const uint8_t *ptext = reinterpret_cast< const uint8_t * >(contents.c_str());
             uint8_t *ctext = NULL;
             size_t nptext = contents.size(), nctext = 0;
-            rc = PROVIDER_ENCRYPT(provider, ptext, nptext, key, nkey, iv, niv, &ctext, &nctext);
+            rc = PROVIDER_ENCRYPT(provider, ptext, nptext, iv, niv, &ctext, &nctext);
             PROVIDER_RELEASE_BYTES(provider, iv);
             if (rc != LCB_SUCCESS) {
                 PROVIDER_RELEASE_BYTES(provider, ctext);
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Unable to encrypt field");
+                return rc;
             }
             char *btext = NULL;
             lcb_SIZE nbtext = 0;
@@ -158,9 +164,12 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
             PROVIDER_RELEASE_BYTES(provider, ctext);
             if (ret < 0) {
                 free(btext);
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Unable to encode encrypted field as Base64 string");
+                return LCB_EINVAL;
             }
             encrypted["ciphertext"] = btext;
+            std::string kid = PROVIDER_GET_KEY_ID(provider);
+            encrypted["kid"] = kid;
 
             if (PROVIDER_NEED_SIGN(provider)) {
                 lcbcrypto_SIGV parts[4] = {};
@@ -168,8 +177,8 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
                 uint8_t *sig = NULL;
                 size_t nsig = 0;
 
-                parts[nparts].data = reinterpret_cast< const uint8_t * >(field->kid);
-                parts[nparts].len = strlen(field->kid);
+                parts[nparts].data = reinterpret_cast< const uint8_t * >(kid.c_str());
+                parts[nparts].len = kid.size();
                 nparts++;
                 parts[nparts].data = reinterpret_cast< const uint8_t * >(field->alg);
                 parts[nparts].len = strlen(field->alg);
@@ -186,7 +195,8 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
                 rc = PROVIDER_SIGN(provider, parts, nparts, &sig, &nsig);
                 if (rc != LCB_SUCCESS) {
                     PROVIDER_RELEASE_BYTES(provider, sig);
-                    continue;
+                    lcb_log(LOGARGS(instance, WARN), "Unable to sign encrypted field");
+                    return rc;
                 }
                 char *bsig = NULL;
                 lcb_SIZE nbsig = 0;
@@ -194,14 +204,14 @@ lcb_error_t lcbcrypto_encrypt_fields(lcb_t instance, lcbcrypto_CMDENCRYPT *cmd)
                 PROVIDER_RELEASE_BYTES(provider, sig);
                 if (ret < 0) {
                     free(bsig);
-                    continue;
+                    lcb_log(LOGARGS(instance, WARN), "Unable to encode signature as Base64 string");
+                    return LCB_EINVAL;
                 }
                 encrypted["sig"] = bsig;
                 free(bsig);
             }
             free(biv);
             free(btext);
-            encrypted["kid"] = field->kid;
             encrypted["alg"] = field->alg;
             jdoc[prefix + field->name] = encrypted;
             jdoc.removeMember(field->name);
@@ -231,34 +241,45 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
     }
 
     bool changed = false;
-    std::string prefix = (cmd->prefix == NULL) ? "__crypt_" : cmd->prefix;
+    std::string prefix = (cmd->prefix == NULL) ? LCBCRYPTO_DEFAULT_FIELD_PREFIX : cmd->prefix;
 
-    const Json::Value::Members names = jdoc.getMemberNames();
-    for (Json::Value::Members::const_iterator ii = names.begin(); ii != names.end(); ii++) {
-        const std::string &name = *ii;
-        if (name.size() <= prefix.size()) {
-            continue;
+    for (size_t ii = 0; ii < cmd->nfields; ii++) {
+        lcbcrypto_FIELDSPEC *field = cmd->fields + ii;
+
+        if (field->name == NULL) {
+            lcb_log(LOGARGS(instance, WARN), "field name cannot be NULL");
+            return LCB_EINVAL;
+        }
+        lcbcrypto_PROVIDER *provider = lcb_get_provider(instance, field->alg);
+        if (!lcbcrypto_is_valid(provider)) {
+            lcb_log(LOGARGS(instance, WARN), "Invalid crypto provider");
+            return LCB_EINVAL;
         }
-        if (prefix.compare(0, prefix.size(), name, 0, prefix.size()) != 0) {
+
+        std::string name = prefix + field->name;
+        if (!jdoc.isMember(name)) {
             continue;
         }
         Json::Value &encrypted = jdoc[name];
         if (!encrypted.isObject()) {
-            continue;
-        }
-
-        Json::Value &jalg = encrypted["alg"];
-        if (!jalg.isString()) {
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Expected encrypted field to be an JSON object");
+            return LCB_EINVAL;
         }
-        const std::string &alg = jalg.asString();
 
         Json::Value &jkid = encrypted["kid"];
         if (!jkid.isString()) {
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Expected \"kid\" to be a JSON string");
+            return LCB_EINVAL;
         }
         const std::string &kid = jkid.asString();
 
+        Json::Value &jalg = encrypted["alg"];
+        if (!jalg.isString()) {
+            lcb_log(LOGARGS(instance, WARN), "Expected provider alias \"alg\" to be a JSON string");
+            return LCB_EINVAL;
+        }
+        const std::string &alg = jalg.asString();
+
         Json::Value &jiv = encrypted["iv"];
         const char *biv = NULL;
         size_t nbiv = 0;
@@ -270,21 +291,18 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
         int ret;
         lcb_error_t rc;
 
-        lcbcrypto_PROVIDER *provider = lcb_get_provider(instance, alg);
-        if (!lcbcrypto_is_valid(provider)) {
-            continue;
-        }
         Json::Value &jctext = encrypted["ciphertext"];
         if (!jctext.isString()) {
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Expected encrypted field \"ciphertext\" to be a JSON string");
+            return LCB_EINVAL;
         }
         const std::string &btext = jctext.asString();
 
         if (PROVIDER_NEED_SIGN(provider)) {
             Json::Value &jsig = encrypted["sig"];
             if (!jsig.isString()) {
-                /* TODO: warn about missing signature? */
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Expected signature field \"sig\" to be a JSON string");
+                return LCB_EINVAL;
             }
             uint8_t *sig = NULL;
             lcb_SIZE nsig = 0;
@@ -292,7 +310,8 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
             ret = lcb_base64_decode2(bsig.c_str(), bsig.size(), reinterpret_cast< char ** >(&sig), &nsig);
             if (ret < 0) {
                 PROVIDER_RELEASE_BYTES(provider, sig);
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Unable to decode signature as Base64 string");
+                return LCB_EINVAL;
             }
 
             lcbcrypto_SIGV parts[4] = {};
@@ -316,7 +335,8 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
             rc = PROVIDER_VERIFY_SIGNATURE(provider, parts, nparts, sig, nsig);
             free(sig);
             if (rc != LCB_SUCCESS) {
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Signature verification for encrypted field \"ciphertext\" failed");
+                return rc;
             }
         }
 
@@ -324,16 +344,8 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
         lcb_SIZE nctext = 0;
         ret = lcb_base64_decode2(btext.c_str(), btext.size(), reinterpret_cast< char ** >(&ctext), &nctext);
         if (ret < 0) {
-            continue;
-        }
-
-        uint8_t *key = NULL;
-        size_t nkey = 0;
-        rc = PROVIDER_LOAD_KEY(provider, LCBCRYPTO_KEY_DECRYPT, kid.c_str(), &key, &nkey);
-        if (rc != LCB_SUCCESS) {
-            free(ctext);
-            PROVIDER_RELEASE_BYTES(provider, key);
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Unable to decode encrypted field \"ciphertext\" as Base64 string");
+            return LCB_EINVAL;
         }
 
         uint8_t *iv = NULL;
@@ -342,26 +354,27 @@ lcb_error_t lcbcrypto_decrypt_fields(lcb_t instance, lcbcrypto_CMDDECRYPT *cmd)
             ret = lcb_base64_decode2(biv, nbiv, reinterpret_cast< char ** >(&iv), &niv);
             if (ret < 0) {
                 free(ctext);
-                PROVIDER_RELEASE_BYTES(provider, key);
-                continue;
+                lcb_log(LOGARGS(instance, WARN), "Unable to decode IV field \"iv\" as Base64 string");
+                return LCB_EINVAL;
             }
         }
 
         uint8_t *ptext = NULL;
         size_t nptext = 0;
-        rc = PROVIDER_DECRYPT(provider, ctext, nctext, key, nkey, iv, niv, &ptext, &nptext);
-        PROVIDER_RELEASE_BYTES(provider, key);
+        rc = PROVIDER_DECRYPT(provider, ctext, nctext, iv, niv, &ptext, &nptext);
         free(ctext);
         if (rc != LCB_SUCCESS) {
             PROVIDER_RELEASE_BYTES(provider, ptext);
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Unable to decrypt encrypted field");
+            return rc;
         }
         Json::Value frag;
         char *json = reinterpret_cast< char * >(ptext);
         bool valid_json = Json::Reader().parse(json, json + nptext, frag);
         PROVIDER_RELEASE_BYTES(provider, ptext);
         if (!valid_json) {
-            continue;
+            lcb_log(LOGARGS(instance, WARN), "Result of decryption is not valid JSON");
+            return LCB_EINVAL;
         }
         jdoc[name.substr(prefix.size())] = frag;
         jdoc.removeMember(name);