@harperfast/harper 5.0.0-alpha.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CODE_OF_CONDUCT.md +83 -0
- package/LICENSE +201 -0
- package/README.md +54 -0
- package/SECURITY.md +18 -0
- package/SUPPORT.md +26 -0
- package/dist/bin/BinObjects.d.ts +9 -0
- package/dist/bin/BinObjects.js +15 -0
- package/dist/bin/BinObjects.js.map +1 -0
- package/dist/bin/cliOperations.d.ts +12 -0
- package/dist/bin/cliOperations.js +156 -0
- package/dist/bin/cliOperations.js.map +1 -0
- package/dist/bin/copyDb.d.ts +2 -0
- package/dist/bin/copyDb.js +298 -0
- package/dist/bin/copyDb.js.map +1 -0
- package/dist/bin/harper.d.ts +2 -0
- package/dist/bin/harper.js +148 -0
- package/dist/bin/harper.js.map +1 -0
- package/dist/bin/install.d.ts +2 -0
- package/dist/bin/install.js +16 -0
- package/dist/bin/install.js.map +1 -0
- package/dist/bin/lite.d.ts +1 -0
- package/dist/bin/lite.js +6 -0
- package/dist/bin/lite.js.map +1 -0
- package/dist/bin/restart.d.ts +13 -0
- package/dist/bin/restart.js +194 -0
- package/dist/bin/restart.js.map +1 -0
- package/dist/bin/run.d.ts +21 -0
- package/dist/bin/run.js +365 -0
- package/dist/bin/run.js.map +1 -0
- package/dist/bin/status.d.ts +2 -0
- package/dist/bin/status.js +56 -0
- package/dist/bin/status.js.map +1 -0
- package/dist/bin/stop.d.ts +2 -0
- package/dist/bin/stop.js +17 -0
- package/dist/bin/stop.js.map +1 -0
- package/dist/bin/upgrade.d.ts +7 -0
- package/dist/bin/upgrade.js +111 -0
- package/dist/bin/upgrade.js.map +1 -0
- package/dist/components/Application.d.ts +110 -0
- package/dist/components/Application.js +509 -0
- package/dist/components/Application.js.map +1 -0
- package/dist/components/ApplicationScope.d.ts +28 -0
- package/dist/components/ApplicationScope.js +81 -0
- package/dist/components/ApplicationScope.js.map +1 -0
- package/dist/components/Component.d.ts +21 -0
- package/dist/components/Component.js +43 -0
- package/dist/components/Component.js.map +1 -0
- package/dist/components/ComponentV1.d.ts +69 -0
- package/dist/components/ComponentV1.js +263 -0
- package/dist/components/ComponentV1.js.map +1 -0
- package/dist/components/DEFAULT_CONFIG.d.ts +18 -0
- package/dist/components/DEFAULT_CONFIG.js +22 -0
- package/dist/components/DEFAULT_CONFIG.js.map +1 -0
- package/dist/components/EntryHandler.d.ts +61 -0
- package/dist/components/EntryHandler.js +148 -0
- package/dist/components/EntryHandler.js.map +1 -0
- package/dist/components/OptionsWatcher.d.ts +75 -0
- package/dist/components/OptionsWatcher.js +281 -0
- package/dist/components/OptionsWatcher.js.map +1 -0
- package/dist/components/PluginModule.d.ts +5 -0
- package/dist/components/PluginModule.js +3 -0
- package/dist/components/PluginModule.js.map +1 -0
- package/dist/components/Scope.d.ts +49 -0
- package/dist/components/Scope.js +262 -0
- package/dist/components/Scope.js.map +1 -0
- package/dist/components/componentLoader.js +498 -0
- package/dist/components/componentLoader.js.map +1 -0
- package/dist/components/deriveCommonPatternBase.d.ts +1 -0
- package/dist/components/deriveCommonPatternBase.js +34 -0
- package/dist/components/deriveCommonPatternBase.js.map +1 -0
- package/dist/components/deriveGlobOptions.d.ts +13 -0
- package/dist/components/deriveGlobOptions.js +30 -0
- package/dist/components/deriveGlobOptions.js.map +1 -0
- package/dist/components/deriveURLPath.d.ts +3 -0
- package/dist/components/deriveURLPath.js +55 -0
- package/dist/components/deriveURLPath.js.map +1 -0
- package/dist/components/operations.d.ts +97 -0
- package/dist/components/operations.js +556 -0
- package/dist/components/operations.js.map +1 -0
- package/dist/components/operationsValidation.d.ts +44 -0
- package/dist/components/operationsValidation.js +221 -0
- package/dist/components/operationsValidation.js.map +1 -0
- package/dist/components/packageComponent.d.ts +8 -0
- package/dist/components/packageComponent.js +42 -0
- package/dist/components/packageComponent.js.map +1 -0
- package/dist/components/requestRestart.d.ts +3 -0
- package/dist/components/requestRestart.js +27 -0
- package/dist/components/requestRestart.js.map +1 -0
- package/dist/components/resolveBaseURLPath.d.ts +15 -0
- package/dist/components/resolveBaseURLPath.js +38 -0
- package/dist/components/resolveBaseURLPath.js.map +1 -0
- package/dist/components/status/ComponentStatus.d.ts +61 -0
- package/dist/components/status/ComponentStatus.js +102 -0
- package/dist/components/status/ComponentStatus.js.map +1 -0
- package/dist/components/status/ComponentStatusRegistry.d.ts +89 -0
- package/dist/components/status/ComponentStatusRegistry.js +195 -0
- package/dist/components/status/ComponentStatusRegistry.js.map +1 -0
- package/dist/components/status/api.d.ts +104 -0
- package/dist/components/status/api.js +137 -0
- package/dist/components/status/api.js.map +1 -0
- package/dist/components/status/crossThread.d.ts +62 -0
- package/dist/components/status/crossThread.js +343 -0
- package/dist/components/status/crossThread.js.map +1 -0
- package/dist/components/status/errors.d.ts +68 -0
- package/dist/components/status/errors.js +123 -0
- package/dist/components/status/errors.js.map +1 -0
- package/dist/components/status/index.d.ts +35 -0
- package/dist/components/status/index.js +75 -0
- package/dist/components/status/index.js.map +1 -0
- package/dist/components/status/internal.d.ts +40 -0
- package/dist/components/status/internal.js +76 -0
- package/dist/components/status/internal.js.map +1 -0
- package/dist/components/status/registry.d.ts +10 -0
- package/dist/components/status/registry.js +14 -0
- package/dist/components/status/registry.js.map +1 -0
- package/dist/components/status/types.d.ts +94 -0
- package/dist/components/status/types.js +20 -0
- package/dist/components/status/types.js.map +1 -0
- package/dist/config/RootConfigWatcher.d.ts +10 -0
- package/dist/config/RootConfigWatcher.js +59 -0
- package/dist/config/RootConfigWatcher.js.map +1 -0
- package/dist/config/configHelpers.d.ts +6 -0
- package/dist/config/configHelpers.js +47 -0
- package/dist/config/configHelpers.js.map +1 -0
- package/dist/config/configUtils.d.ts +85 -0
- package/dist/config/configUtils.js +801 -0
- package/dist/config/configUtils.js.map +1 -0
- package/dist/config/harperConfigEnvVars.d.ts +46 -0
- package/dist/config/harperConfigEnvVars.js +527 -0
- package/dist/config/harperConfigEnvVars.js.map +1 -0
- package/dist/dataLayer/CreateAttributeObject.d.ts +19 -0
- package/dist/dataLayer/CreateAttributeObject.js +23 -0
- package/dist/dataLayer/CreateAttributeObject.js.map +1 -0
- package/dist/dataLayer/CreateTableObject.d.ts +7 -0
- package/dist/dataLayer/CreateTableObject.js +10 -0
- package/dist/dataLayer/CreateTableObject.js.map +1 -0
- package/dist/dataLayer/DataLayerObjects.d.ts +22 -0
- package/dist/dataLayer/DataLayerObjects.js +33 -0
- package/dist/dataLayer/DataLayerObjects.js.map +1 -0
- package/dist/dataLayer/DeleteBeforeObject.d.ts +18 -0
- package/dist/dataLayer/DeleteBeforeObject.js +21 -0
- package/dist/dataLayer/DeleteBeforeObject.js.map +1 -0
- package/dist/dataLayer/DeleteObject.d.ts +19 -0
- package/dist/dataLayer/DeleteObject.js +23 -0
- package/dist/dataLayer/DeleteObject.js.map +1 -0
- package/dist/dataLayer/DropAttributeObject.d.ts +7 -0
- package/dist/dataLayer/DropAttributeObject.js +10 -0
- package/dist/dataLayer/DropAttributeObject.js.map +1 -0
- package/dist/dataLayer/GetBackupObject.d.ts +16 -0
- package/dist/dataLayer/GetBackupObject.js +20 -0
- package/dist/dataLayer/GetBackupObject.js.map +1 -0
- package/dist/dataLayer/InsertObject.d.ts +20 -0
- package/dist/dataLayer/InsertObject.js +24 -0
- package/dist/dataLayer/InsertObject.js.map +1 -0
- package/dist/dataLayer/ReadAuditLogObject.d.ts +18 -0
- package/dist/dataLayer/ReadAuditLogObject.js +22 -0
- package/dist/dataLayer/ReadAuditLogObject.js.map +1 -0
- package/dist/dataLayer/SQLSearch.d.ts +171 -0
- package/dist/dataLayer/SQLSearch.js +1168 -0
- package/dist/dataLayer/SQLSearch.js.map +1 -0
- package/dist/dataLayer/SearchByConditionsObject.d.ts +85 -0
- package/dist/dataLayer/SearchByConditionsObject.js +57 -0
- package/dist/dataLayer/SearchByConditionsObject.js.map +1 -0
- package/dist/dataLayer/SearchByHashObject.d.ts +17 -0
- package/dist/dataLayer/SearchByHashObject.js +20 -0
- package/dist/dataLayer/SearchByHashObject.js.map +1 -0
- package/dist/dataLayer/SearchObject.d.ts +30 -0
- package/dist/dataLayer/SearchObject.js +33 -0
- package/dist/dataLayer/SearchObject.js.map +1 -0
- package/dist/dataLayer/SqlSearchObject.d.ts +10 -0
- package/dist/dataLayer/SqlSearchObject.js +13 -0
- package/dist/dataLayer/SqlSearchObject.js.map +1 -0
- package/dist/dataLayer/UpdateObject.d.ts +18 -0
- package/dist/dataLayer/UpdateObject.js +22 -0
- package/dist/dataLayer/UpdateObject.js.map +1 -0
- package/dist/dataLayer/UpsertObject.d.ts +18 -0
- package/dist/dataLayer/UpsertObject.js +22 -0
- package/dist/dataLayer/UpsertObject.js.map +1 -0
- package/dist/dataLayer/bulkLoad.d.ts +28 -0
- package/dist/dataLayer/bulkLoad.js +624 -0
- package/dist/dataLayer/bulkLoad.js.map +1 -0
- package/dist/dataLayer/dataObjects/BulkLoadObjects.d.ts +17 -0
- package/dist/dataLayer/dataObjects/BulkLoadObjects.js +25 -0
- package/dist/dataLayer/dataObjects/BulkLoadObjects.js.map +1 -0
- package/dist/dataLayer/dataObjects/UpsertObject.d.ts +18 -0
- package/dist/dataLayer/dataObjects/UpsertObject.js +22 -0
- package/dist/dataLayer/dataObjects/UpsertObject.js.map +1 -0
- package/dist/dataLayer/delete.d.ts +22 -0
- package/dist/dataLayer/delete.js +111 -0
- package/dist/dataLayer/delete.js.map +1 -0
- package/dist/dataLayer/export.d.ts +15 -0
- package/dist/dataLayer/export.js +302 -0
- package/dist/dataLayer/export.js.map +1 -0
- package/dist/dataLayer/getBackup.d.ts +8 -0
- package/dist/dataLayer/getBackup.js +28 -0
- package/dist/dataLayer/getBackup.js.map +1 -0
- package/dist/dataLayer/harperBridge/BridgeMethods.d.ts +24 -0
- package/dist/dataLayer/harperBridge/BridgeMethods.js +62 -0
- package/dist/dataLayer/harperBridge/BridgeMethods.js.map +1 -0
- package/dist/dataLayer/harperBridge/ResourceBridge.d.ts +104 -0
- package/dist/dataLayer/harperBridge/ResourceBridge.js +630 -0
- package/dist/dataLayer/harperBridge/ResourceBridge.js.map +1 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateReturnObj.d.ts +14 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateReturnObj.js +24 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateReturnObj.js.map +1 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateValidate.d.ts +11 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateValidate.js +68 -0
- package/dist/dataLayer/harperBridge/bridgeUtility/insertUpdateValidate.js.map +1 -0
- package/dist/dataLayer/harperBridge/harperBridge.d.ts +2 -0
- package/dist/dataLayer/harperBridge/harperBridge.js +18 -0
- package/dist/dataLayer/harperBridge/harperBridge.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/LMDBBridge.d.ts +47 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/LMDBBridge.js +99 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/LMDBBridge.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/DeleteAuditLogsBeforeResults.d.ts +15 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/DeleteAuditLogsBeforeResults.js +18 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/DeleteAuditLogsBeforeResults.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateAttribute.d.ts +12 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateAttribute.js +74 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateAttribute.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateRecords.d.ts +13 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateRecords.js +54 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateRecords.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateSchema.d.ts +6 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateSchema.js +23 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateSchema.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateTable.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateTable.js +62 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbCreateTable.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteAuditLogsBefore.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteAuditLogsBefore.js +82 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteAuditLogsBefore.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteRecords.d.ts +11 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteRecords.js +76 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDeleteRecords.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropAttribute.d.ts +9 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropAttribute.js +83 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropAttribute.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropSchema.d.ts +6 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropSchema.js +73 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropSchema.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropTable.d.ts +6 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropTable.js +110 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbDropTable.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbFlush.d.ts +14 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbFlush.js +33 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbFlush.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetBackup.d.ts +7 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetBackup.js +110 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetBackup.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByHash.d.ts +6 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByHash.js +21 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByHash.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByValue.d.ts +14 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByValue.js +25 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbGetDataByValue.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbReadAuditLog.d.ts +7 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbReadAuditLog.js +180 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbReadAuditLog.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByConditions.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByConditions.js +134 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByConditions.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByHash.d.ts +6 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByHash.js +14 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByHash.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByValue.d.ts +15 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByValue.js +26 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbSearchByValue.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbTransaction.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbTransaction.js +17 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbTransaction.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpdateRecords.d.ts +12 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpdateRecords.js +52 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpdateRecords.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpsertRecords.d.ts +15 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpsertRecords.js +56 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbMethods/lmdbUpsertRecords.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBCreateAttributeObject.d.ts +16 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBCreateAttributeObject.js +20 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBCreateAttributeObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBDeleteTransactionObject.d.ts +16 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBDeleteTransactionObject.js +22 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBDeleteTransactionObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBInsertTransactionObject.d.ts +16 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBInsertTransactionObject.js +21 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBInsertTransactionObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBTransactionObject.d.ts +19 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBTransactionObject.js +22 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBTransactionObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpdateTransactionObject.d.ts +18 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpdateTransactionObject.js +23 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpdateTransactionObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpsertTransactionObject.d.ts +18 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpsertTransactionObject.js +23 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/LMDBUpsertTransactionObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/TableSizeObject.d.ts +21 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/TableSizeObject.js +24 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/TableSizeObject.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializeHashSearch.d.ts +7 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializeHashSearch.js +19 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializeHashSearch.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializePaths.d.ts +22 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializePaths.js +137 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/initializePaths.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCheckForNewAttributes.d.ts +9 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCheckForNewAttributes.js +73 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCheckForNewAttributes.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCreateTransactionsAuditEnvironment.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCreateTransactionsAuditEnvironment.js +38 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbCreateTransactionsAuditEnvironment.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbGetTableSize.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbGetTableSize.js +29 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbGetTableSize.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbProcessRows.d.ts +17 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbProcessRows.js +63 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbProcessRows.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbSearch.d.ts +106 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbSearch.js +251 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbSearch.js.map +1 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbWriteTransaction.d.ts +8 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbWriteTransaction.js +66 -0
- package/dist/dataLayer/harperBridge/lmdbBridge/lmdbUtility/lmdbWriteTransaction.js.map +1 -0
- package/dist/dataLayer/hdbInfoController.d.ts +28 -0
- package/dist/dataLayer/hdbInfoController.js +203 -0
- package/dist/dataLayer/hdbInfoController.js.map +1 -0
- package/dist/dataLayer/insert.d.ts +44 -0
- package/dist/dataLayer/insert.js +192 -0
- package/dist/dataLayer/insert.js.map +1 -0
- package/dist/dataLayer/readAuditLog.d.ts +8 -0
- package/dist/dataLayer/readAuditLog.js +37 -0
- package/dist/dataLayer/readAuditLog.js.map +1 -0
- package/dist/dataLayer/schema.d.ts +24 -0
- package/dist/dataLayer/schema.js +225 -0
- package/dist/dataLayer/schema.js.map +1 -0
- package/dist/dataLayer/schemaDescribe.d.ts +26 -0
- package/dist/dataLayer/schemaDescribe.js +265 -0
- package/dist/dataLayer/schemaDescribe.js.map +1 -0
- package/dist/dataLayer/search.d.ts +4 -0
- package/dist/dataLayer/search.js +56 -0
- package/dist/dataLayer/search.js.map +1 -0
- package/dist/dataLayer/transaction.d.ts +8 -0
- package/dist/dataLayer/transaction.js +16 -0
- package/dist/dataLayer/transaction.js.map +1 -0
- package/dist/dataLayer/update.d.ts +15 -0
- package/dist/dataLayer/update.js +107 -0
- package/dist/dataLayer/update.js.map +1 -0
- package/dist/globals.d.ts +7 -0
- package/dist/globals.js +12 -0
- package/dist/globals.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.js +40 -0
- package/dist/index.js.map +1 -0
- package/dist/json/systemSchema.json +373 -0
- package/dist/launchServiceScripts/utility/checkNodeVersion.d.ts +4 -0
- package/dist/launchServiceScripts/utility/checkNodeVersion.js +13 -0
- package/dist/launchServiceScripts/utility/checkNodeVersion.js.map +1 -0
- package/dist/resources/DatabaseTransaction.d.ts +96 -0
- package/dist/resources/DatabaseTransaction.js +354 -0
- package/dist/resources/DatabaseTransaction.js.map +1 -0
- package/dist/resources/ErrorResource.d.ts +26 -0
- package/dist/resources/ErrorResource.js +60 -0
- package/dist/resources/ErrorResource.js.map +1 -0
- package/dist/resources/IterableEventQueue.d.ts +19 -0
- package/dist/resources/IterableEventQueue.js +103 -0
- package/dist/resources/IterableEventQueue.js.map +1 -0
- package/dist/resources/LMDBTransaction.d.ts +43 -0
- package/dist/resources/LMDBTransaction.js +371 -0
- package/dist/resources/LMDBTransaction.js.map +1 -0
- package/dist/resources/RecordEncoder.d.ts +65 -0
- package/dist/resources/RecordEncoder.js +700 -0
- package/dist/resources/RecordEncoder.js.map +1 -0
- package/dist/resources/RequestTarget.d.ts +57 -0
- package/dist/resources/RequestTarget.js +91 -0
- package/dist/resources/RequestTarget.js.map +1 -0
- package/dist/resources/Resource.d.ts +152 -0
- package/dist/resources/Resource.js +727 -0
- package/dist/resources/Resource.js.map +1 -0
- package/dist/resources/ResourceInterface.d.ts +162 -0
- package/dist/resources/ResourceInterface.js +3 -0
- package/dist/resources/ResourceInterface.js.map +1 -0
- package/dist/resources/ResourceInterfaceV2.d.ts +21 -0
- package/dist/resources/ResourceInterfaceV2.js +3 -0
- package/dist/resources/ResourceInterfaceV2.js.map +1 -0
- package/dist/resources/ResourceV2.d.ts +30 -0
- package/dist/resources/ResourceV2.js +27 -0
- package/dist/resources/ResourceV2.js.map +1 -0
- package/dist/resources/Resources.d.ts +36 -0
- package/dist/resources/Resources.js +155 -0
- package/dist/resources/Resources.js.map +1 -0
- package/dist/resources/RocksIndexStore.d.ts +24 -0
- package/dist/resources/RocksIndexStore.js +54 -0
- package/dist/resources/RocksIndexStore.js.map +1 -0
- package/dist/resources/RocksTransactionLogStore.d.ts +60 -0
- package/dist/resources/RocksTransactionLogStore.js +344 -0
- package/dist/resources/RocksTransactionLogStore.js.map +1 -0
- package/dist/resources/Table.d.ts +854 -0
- package/dist/resources/Table.js +4350 -0
- package/dist/resources/Table.js.map +1 -0
- package/dist/resources/analytics/hostnames.d.ts +16 -0
- package/dist/resources/analytics/hostnames.js +72 -0
- package/dist/resources/analytics/hostnames.js.map +1 -0
- package/dist/resources/analytics/metadata.d.ts +9 -0
- package/dist/resources/analytics/metadata.js +12 -0
- package/dist/resources/analytics/metadata.js.map +1 -0
- package/dist/resources/analytics/profile.d.ts +2 -0
- package/dist/resources/analytics/profile.js +144 -0
- package/dist/resources/analytics/profile.js.map +1 -0
- package/dist/resources/analytics/read.d.ts +41 -0
- package/dist/resources/analytics/read.js +189 -0
- package/dist/resources/analytics/read.js.map +1 -0
- package/dist/resources/analytics/write.d.ts +131 -0
- package/dist/resources/analytics/write.js +822 -0
- package/dist/resources/analytics/write.js.map +1 -0
- package/dist/resources/auditStore.d.ts +81 -0
- package/dist/resources/auditStore.js +572 -0
- package/dist/resources/auditStore.js.map +1 -0
- package/dist/resources/blob.d.ts +137 -0
- package/dist/resources/blob.js +1273 -0
- package/dist/resources/blob.js.map +1 -0
- package/dist/resources/crdt.d.ts +19 -0
- package/dist/resources/crdt.js +146 -0
- package/dist/resources/crdt.js.map +1 -0
- package/dist/resources/dataLoader.d.ts +98 -0
- package/dist/resources/dataLoader.js +461 -0
- package/dist/resources/dataLoader.js.map +1 -0
- package/dist/resources/databases.d.ts +131 -0
- package/dist/resources/databases.js +1220 -0
- package/dist/resources/databases.js.map +1 -0
- package/dist/resources/graphql.d.ts +19 -0
- package/dist/resources/graphql.js +223 -0
- package/dist/resources/graphql.js.map +1 -0
- package/dist/resources/indexes/HierarchicalNavigableSmallWorld.d.ts +87 -0
- package/dist/resources/indexes/HierarchicalNavigableSmallWorld.js +598 -0
- package/dist/resources/indexes/HierarchicalNavigableSmallWorld.js.map +1 -0
- package/dist/resources/indexes/customIndexes.d.ts +4 -0
- package/dist/resources/indexes/customIndexes.js +10 -0
- package/dist/resources/indexes/customIndexes.js.map +1 -0
- package/dist/resources/indexes/vector.d.ts +2 -0
- package/dist/resources/indexes/vector.js +40 -0
- package/dist/resources/indexes/vector.js.map +1 -0
- package/dist/resources/jsResource.d.ts +24 -0
- package/dist/resources/jsResource.js +82 -0
- package/dist/resources/jsResource.js.map +1 -0
- package/dist/resources/loadEnv.d.ts +5 -0
- package/dist/resources/loadEnv.js +28 -0
- package/dist/resources/loadEnv.js.map +1 -0
- package/dist/resources/login.d.ts +3 -0
- package/dist/resources/login.js +22 -0
- package/dist/resources/login.js.map +1 -0
- package/dist/resources/openApi.d.ts +27 -0
- package/dist/resources/openApi.js +327 -0
- package/dist/resources/openApi.js.map +1 -0
- package/dist/resources/registrationDeprecated.d.ts +4 -0
- package/dist/resources/registrationDeprecated.js +11 -0
- package/dist/resources/registrationDeprecated.js.map +1 -0
- package/dist/resources/replayLogs.d.ts +2 -0
- package/dist/resources/replayLogs.js +170 -0
- package/dist/resources/replayLogs.js.map +1 -0
- package/dist/resources/roles.d.ts +11 -0
- package/dist/resources/roles.js +102 -0
- package/dist/resources/roles.js.map +1 -0
- package/dist/resources/search.d.ts +39 -0
- package/dist/resources/search.js +1333 -0
- package/dist/resources/search.js.map +1 -0
- package/dist/resources/tracked.d.ts +49 -0
- package/dist/resources/tracked.js +665 -0
- package/dist/resources/tracked.js.map +1 -0
- package/dist/resources/transaction.d.ts +9 -0
- package/dist/resources/transaction.js +89 -0
- package/dist/resources/transaction.js.map +1 -0
- package/dist/resources/transactionBroadcast.d.ts +38 -0
- package/dist/resources/transactionBroadcast.js +263 -0
- package/dist/resources/transactionBroadcast.js.map +1 -0
- package/dist/security/auth.d.ts +9 -0
- package/dist/security/auth.js +408 -0
- package/dist/security/auth.js.map +1 -0
- package/dist/security/certificateVerification/certificateVerificationSource.d.ts +18 -0
- package/dist/security/certificateVerification/certificateVerificationSource.js +78 -0
- package/dist/security/certificateVerification/certificateVerificationSource.js.map +1 -0
- package/dist/security/certificateVerification/configValidation.d.ts +14 -0
- package/dist/security/certificateVerification/configValidation.js +101 -0
- package/dist/security/certificateVerification/configValidation.js.map +1 -0
- package/dist/security/certificateVerification/crlVerification.d.ts +29 -0
- package/dist/security/certificateVerification/crlVerification.js +564 -0
- package/dist/security/certificateVerification/crlVerification.js.map +1 -0
- package/dist/security/certificateVerification/index.d.ts +31 -0
- package/dist/security/certificateVerification/index.js +111 -0
- package/dist/security/certificateVerification/index.js.map +1 -0
- package/dist/security/certificateVerification/ocspVerification.d.ts +23 -0
- package/dist/security/certificateVerification/ocspVerification.js +117 -0
- package/dist/security/certificateVerification/ocspVerification.js.map +1 -0
- package/dist/security/certificateVerification/pkijs-ed25519-patch.d.ts +14 -0
- package/dist/security/certificateVerification/pkijs-ed25519-patch.js +183 -0
- package/dist/security/certificateVerification/pkijs-ed25519-patch.js.map +1 -0
- package/dist/security/certificateVerification/types.d.ts +105 -0
- package/dist/security/certificateVerification/types.js +6 -0
- package/dist/security/certificateVerification/types.js.map +1 -0
- package/dist/security/certificateVerification/verificationConfig.d.ts +29 -0
- package/dist/security/certificateVerification/verificationConfig.js +121 -0
- package/dist/security/certificateVerification/verificationConfig.js.map +1 -0
- package/dist/security/certificateVerification/verificationUtils.d.ts +79 -0
- package/dist/security/certificateVerification/verificationUtils.js +441 -0
- package/dist/security/certificateVerification/verificationUtils.js.map +1 -0
- package/dist/security/cryptoHash.d.ts +2 -0
- package/dist/security/cryptoHash.js +35 -0
- package/dist/security/cryptoHash.js.map +1 -0
- package/dist/security/data_objects/PermissionAttributeResponseObject.d.ts +11 -0
- package/dist/security/data_objects/PermissionAttributeResponseObject.js +14 -0
- package/dist/security/data_objects/PermissionAttributeResponseObject.js.map +1 -0
- package/dist/security/data_objects/PermissionResponseObject.d.ts +57 -0
- package/dist/security/data_objects/PermissionResponseObject.js +105 -0
- package/dist/security/data_objects/PermissionResponseObject.js.map +1 -0
- package/dist/security/data_objects/PermissionTableResponseObject.d.ts +16 -0
- package/dist/security/data_objects/PermissionTableResponseObject.js +19 -0
- package/dist/security/data_objects/PermissionTableResponseObject.js.map +1 -0
- package/dist/security/fastifyAuth.d.ts +2 -0
- package/dist/security/fastifyAuth.js +135 -0
- package/dist/security/fastifyAuth.js.map +1 -0
- package/dist/security/impersonation.d.ts +11 -0
- package/dist/security/impersonation.js +139 -0
- package/dist/security/impersonation.js.map +1 -0
- package/dist/security/jsLoader.d.ts +9 -0
- package/dist/security/jsLoader.js +522 -0
- package/dist/security/jsLoader.js.map +1 -0
- package/dist/security/keys.d.ts +119 -0
- package/dist/security/keys.js +866 -0
- package/dist/security/keys.js.map +1 -0
- package/dist/security/permissionsTranslator.d.ts +9 -0
- package/dist/security/permissionsTranslator.js +269 -0
- package/dist/security/permissionsTranslator.js.map +1 -0
- package/dist/security/role.d.ts +5 -0
- package/dist/security/role.js +160 -0
- package/dist/security/role.js.map +1 -0
- package/dist/security/tokenAuthentication.d.ts +38 -0
- package/dist/security/tokenAuthentication.js +205 -0
- package/dist/security/tokenAuthentication.js.map +1 -0
- package/dist/security/user.d.ts +77 -0
- package/dist/security/user.js +349 -0
- package/dist/security/user.js.map +1 -0
- package/dist/server/DurableSubscriptionsSession.d.ts +74 -0
- package/dist/server/DurableSubscriptionsSession.js +511 -0
- package/dist/server/DurableSubscriptionsSession.js.map +1 -0
- package/dist/server/REST.d.ts +16 -0
- package/dist/server/REST.js +423 -0
- package/dist/server/REST.js.map +1 -0
- package/dist/server/Server.d.ts +62 -0
- package/dist/server/Server.js +27 -0
- package/dist/server/Server.js.map +1 -0
- package/dist/server/fastifyRoutes/helpers/getCORSOptions.d.ts +11 -0
- package/dist/server/fastifyRoutes/helpers/getCORSOptions.js +32 -0
- package/dist/server/fastifyRoutes/helpers/getCORSOptions.js.map +1 -0
- package/dist/server/fastifyRoutes/helpers/getHeaderTimeoutConfig.d.ts +6 -0
- package/dist/server/fastifyRoutes/helpers/getHeaderTimeoutConfig.js +13 -0
- package/dist/server/fastifyRoutes/helpers/getHeaderTimeoutConfig.js.map +1 -0
- package/dist/server/fastifyRoutes/helpers/getServerOptions.d.ts +12 -0
- package/dist/server/fastifyRoutes/helpers/getServerOptions.js +30 -0
- package/dist/server/fastifyRoutes/helpers/getServerOptions.js.map +1 -0
- package/dist/server/fastifyRoutes/plugins/hdbCore.d.ts +2 -0
- package/dist/server/fastifyRoutes/plugins/hdbCore.js +31 -0
- package/dist/server/fastifyRoutes/plugins/hdbCore.js.map +1 -0
- package/dist/server/fastifyRoutes.d.ts +25 -0
- package/dist/server/fastifyRoutes.js +235 -0
- package/dist/server/fastifyRoutes.js.map +1 -0
- package/dist/server/graphqlQuerying.d.ts +1 -0
- package/dist/server/graphqlQuerying.js +630 -0
- package/dist/server/graphqlQuerying.js.map +1 -0
- package/dist/server/http.d.ts +15 -0
- package/dist/server/http.js +650 -0
- package/dist/server/http.js.map +1 -0
- package/dist/server/itc/serverHandlers.d.ts +10 -0
- package/dist/server/itc/serverHandlers.js +153 -0
- package/dist/server/itc/serverHandlers.js.map +1 -0
- package/dist/server/itc/utility/ITCEventObject.d.ts +6 -0
- package/dist/server/itc/utility/ITCEventObject.js +9 -0
- package/dist/server/itc/utility/ITCEventObject.js.map +1 -0
- package/dist/server/jobs/JobObject.d.ts +15 -0
- package/dist/server/jobs/JobObject.js +22 -0
- package/dist/server/jobs/JobObject.js.map +1 -0
- package/dist/server/jobs/jobProcess.d.ts +1 -0
- package/dist/server/jobs/jobProcess.js +66 -0
- package/dist/server/jobs/jobProcess.js.map +1 -0
- package/dist/server/jobs/jobRunner.d.ts +11 -0
- package/dist/server/jobs/jobRunner.js +160 -0
- package/dist/server/jobs/jobRunner.js.map +1 -0
- package/dist/server/jobs/jobs.d.ts +20 -0
- package/dist/server/jobs/jobs.js +267 -0
- package/dist/server/jobs/jobs.js.map +1 -0
- package/dist/server/loadRootComponents.d.ts +5 -0
- package/dist/server/loadRootComponents.js +45 -0
- package/dist/server/loadRootComponents.js.map +1 -0
- package/dist/server/mqtt.d.ts +9 -0
- package/dist/server/mqtt.js +466 -0
- package/dist/server/mqtt.js.map +1 -0
- package/dist/server/nodeName.d.ts +5 -0
- package/dist/server/nodeName.js +84 -0
- package/dist/server/nodeName.js.map +1 -0
- package/dist/server/operationsServer.d.ts +48 -0
- package/dist/server/operationsServer.js +265 -0
- package/dist/server/operationsServer.js.map +1 -0
- package/dist/server/serverHelpers/Headers.d.ts +20 -0
- package/dist/server/serverHelpers/Headers.js +134 -0
- package/dist/server/serverHelpers/Headers.js.map +1 -0
- package/dist/server/serverHelpers/JSONStream.d.ts +14 -0
- package/dist/server/serverHelpers/JSONStream.js +322 -0
- package/dist/server/serverHelpers/JSONStream.js.map +1 -0
- package/dist/server/serverHelpers/OperationFunctionObject.d.ts +9 -0
- package/dist/server/serverHelpers/OperationFunctionObject.js +17 -0
- package/dist/server/serverHelpers/OperationFunctionObject.js.map +1 -0
- package/dist/server/serverHelpers/Request.d.ts +69 -0
- package/dist/server/serverHelpers/Request.js +141 -0
- package/dist/server/serverHelpers/Request.js.map +1 -0
- package/dist/server/serverHelpers/contentTypes.d.ts +57 -0
- package/dist/server/serverHelpers/contentTypes.js +639 -0
- package/dist/server/serverHelpers/contentTypes.js.map +1 -0
- package/dist/server/serverHelpers/requestTimePlugin.d.ts +2 -0
- package/dist/server/serverHelpers/requestTimePlugin.js +56 -0
- package/dist/server/serverHelpers/requestTimePlugin.js.map +1 -0
- package/dist/server/serverHelpers/serverHandlers.d.ts +6 -0
- package/dist/server/serverHelpers/serverHandlers.js +130 -0
- package/dist/server/serverHelpers/serverHandlers.js.map +1 -0
- package/dist/server/serverHelpers/serverUtilities.d.ts +29 -0
- package/dist/server/serverHelpers/serverUtilities.js +356 -0
- package/dist/server/serverHelpers/serverUtilities.js.map +1 -0
- package/dist/server/serverRegistry.d.ts +3 -0
- package/dist/server/serverRegistry.js +11 -0
- package/dist/server/serverRegistry.js.map +1 -0
- package/dist/server/static.d.ts +16 -0
- package/dist/server/static.js +164 -0
- package/dist/server/static.js.map +1 -0
- package/dist/server/status/definitions.d.ts +27 -0
- package/dist/server/status/definitions.js +22 -0
- package/dist/server/status/definitions.js.map +1 -0
- package/dist/server/status/index.d.ts +26 -0
- package/dist/server/status/index.js +89 -0
- package/dist/server/status/index.js.map +1 -0
- package/dist/server/storageReclamation.d.ts +18 -0
- package/dist/server/storageReclamation.js +96 -0
- package/dist/server/storageReclamation.js.map +1 -0
- package/dist/server/threads/itc.d.ts +53 -0
- package/dist/server/threads/itc.js +81 -0
- package/dist/server/threads/itc.js.map +1 -0
- package/dist/server/threads/manageThreads.d.ts +30 -0
- package/dist/server/threads/manageThreads.js +579 -0
- package/dist/server/threads/manageThreads.js.map +1 -0
- package/dist/server/threads/socketRouter.d.ts +6 -0
- package/dist/server/threads/socketRouter.js +395 -0
- package/dist/server/threads/socketRouter.js.map +1 -0
- package/dist/server/threads/threadServer.d.ts +5 -0
- package/dist/server/threads/threadServer.js +288 -0
- package/dist/server/threads/threadServer.js.map +1 -0
- package/dist/server/throttle.d.ts +7 -0
- package/dist/server/throttle.js +71 -0
- package/dist/server/throttle.js.map +1 -0
- package/dist/sqlTranslator/SelectValidator.d.ts +79 -0
- package/dist/sqlTranslator/SelectValidator.js +274 -0
- package/dist/sqlTranslator/SelectValidator.js.map +1 -0
- package/dist/sqlTranslator/alasqlFunctionImporter.d.ts +2 -0
- package/dist/sqlTranslator/alasqlFunctionImporter.js +55 -0
- package/dist/sqlTranslator/alasqlFunctionImporter.js.map +1 -0
- package/dist/sqlTranslator/deleteTranslator.d.ts +2 -0
- package/dist/sqlTranslator/deleteTranslator.js +56 -0
- package/dist/sqlTranslator/deleteTranslator.js.map +1 -0
- package/dist/sqlTranslator/index.d.ts +16 -0
- package/dist/sqlTranslator/index.js +215 -0
- package/dist/sqlTranslator/index.js.map +1 -0
- package/dist/sqlTranslator/sql_statement_bucket.d.ts +46 -0
- package/dist/sqlTranslator/sql_statement_bucket.js +430 -0
- package/dist/sqlTranslator/sql_statement_bucket.js.map +1 -0
- package/dist/upgrade/UpgradeObjects.d.ts +5 -0
- package/dist/upgrade/UpgradeObjects.js +12 -0
- package/dist/upgrade/UpgradeObjects.js.map +1 -0
- package/dist/upgrade/directives/directivesController.d.ts +30 -0
- package/dist/upgrade/directives/directivesController.js +76 -0
- package/dist/upgrade/directives/directivesController.js.map +1 -0
- package/dist/upgrade/directivesManager.d.ts +7 -0
- package/dist/upgrade/directivesManager.js +125 -0
- package/dist/upgrade/directivesManager.js.map +1 -0
- package/dist/upgrade/upgradePrompt.d.ts +13 -0
- package/dist/upgrade/upgradePrompt.js +102 -0
- package/dist/upgrade/upgradePrompt.js.map +1 -0
- package/dist/upgrade/upgradeUtilities.d.ts +10 -0
- package/dist/upgrade/upgradeUtilities.js +26 -0
- package/dist/upgrade/upgradeUtilities.js.map +1 -0
- package/dist/utility/AWS/AWSConnector.d.ts +2 -0
- package/dist/utility/AWS/AWSConnector.js +26 -0
- package/dist/utility/AWS/AWSConnector.js.map +1 -0
- package/dist/utility/OperationFunctionCaller.d.ts +9 -0
- package/dist/utility/OperationFunctionCaller.js +58 -0
- package/dist/utility/OperationFunctionCaller.js.map +1 -0
- package/dist/utility/assignCmdEnvVariables.d.ts +10 -0
- package/dist/utility/assignCmdEnvVariables.js +55 -0
- package/dist/utility/assignCmdEnvVariables.js.map +1 -0
- package/dist/utility/common_utils.d.ts +264 -0
- package/dist/utility/common_utils.js +806 -0
- package/dist/utility/common_utils.js.map +1 -0
- package/dist/utility/environment/environmentManager.d.ts +41 -0
- package/dist/utility/environment/environmentManager.js +179 -0
- package/dist/utility/environment/environmentManager.js.map +1 -0
- package/dist/utility/environment/systemInformation.d.ts +67 -0
- package/dist/utility/environment/systemInformation.js +326 -0
- package/dist/utility/environment/systemInformation.js.map +1 -0
- package/dist/utility/errors/commonErrors.d.ts +171 -0
- package/dist/utility/errors/commonErrors.js +230 -0
- package/dist/utility/errors/commonErrors.js.map +1 -0
- package/dist/utility/errors/hdbError.d.ts +76 -0
- package/dist/utility/errors/hdbError.js +128 -0
- package/dist/utility/errors/hdbError.js.map +1 -0
- package/dist/utility/functions/date/dateFunctions.d.ts +11 -0
- package/dist/utility/functions/date/dateFunctions.js +64 -0
- package/dist/utility/functions/date/dateFunctions.js.map +1 -0
- package/dist/utility/functions/geo.d.ts +74 -0
- package/dist/utility/functions/geo.js +311 -0
- package/dist/utility/functions/geo.js.map +1 -0
- package/dist/utility/functions/sql/alaSQLExtension.d.ts +13 -0
- package/dist/utility/functions/sql/alaSQLExtension.js +96 -0
- package/dist/utility/functions/sql/alaSQLExtension.js.map +1 -0
- package/dist/utility/globalSchema.d.ts +151 -0
- package/dist/utility/globalSchema.js +34 -0
- package/dist/utility/globalSchema.js.map +1 -0
- package/dist/utility/hdbTerms.d.ts +737 -0
- package/dist/utility/hdbTerms.js +756 -0
- package/dist/utility/hdbTerms.js.map +1 -0
- package/dist/utility/install/checkJWTTokensExist.d.ts +5 -0
- package/dist/utility/install/checkJWTTokensExist.js +53 -0
- package/dist/utility/install/checkJWTTokensExist.js.map +1 -0
- package/dist/utility/install/installer.d.ts +17 -0
- package/dist/utility/install/installer.js +569 -0
- package/dist/utility/install/installer.js.map +1 -0
- package/dist/utility/installation.d.ts +12 -0
- package/dist/utility/installation.js +64 -0
- package/dist/utility/installation.js.map +1 -0
- package/dist/utility/lmdb/DBIDefinition.d.ts +16 -0
- package/dist/utility/lmdb/DBIDefinition.js +19 -0
- package/dist/utility/lmdb/DBIDefinition.js.map +1 -0
- package/dist/utility/lmdb/DeleteRecordsResponseObject.d.ts +21 -0
- package/dist/utility/lmdb/DeleteRecordsResponseObject.js +24 -0
- package/dist/utility/lmdb/DeleteRecordsResponseObject.js.map +1 -0
- package/dist/utility/lmdb/InsertRecordsResponseObject.d.ts +18 -0
- package/dist/utility/lmdb/InsertRecordsResponseObject.js +21 -0
- package/dist/utility/lmdb/InsertRecordsResponseObject.js.map +1 -0
- package/dist/utility/lmdb/OpenDBIObject.d.ts +23 -0
- package/dist/utility/lmdb/OpenDBIObject.js +29 -0
- package/dist/utility/lmdb/OpenDBIObject.js.map +1 -0
- package/dist/utility/lmdb/OpenEnvironmentObject.d.ts +22 -0
- package/dist/utility/lmdb/OpenEnvironmentObject.js +40 -0
- package/dist/utility/lmdb/OpenEnvironmentObject.js.map +1 -0
- package/dist/utility/lmdb/UpdateRecordsResponseObject.d.ts +21 -0
- package/dist/utility/lmdb/UpdateRecordsResponseObject.js +24 -0
- package/dist/utility/lmdb/UpdateRecordsResponseObject.js.map +1 -0
- package/dist/utility/lmdb/UpsertRecordsResponseObject.d.ts +18 -0
- package/dist/utility/lmdb/UpsertRecordsResponseObject.js +21 -0
- package/dist/utility/lmdb/UpsertRecordsResponseObject.js.map +1 -0
- package/dist/utility/lmdb/cleanLMDBMap.d.ts +6 -0
- package/dist/utility/lmdb/cleanLMDBMap.js +63 -0
- package/dist/utility/lmdb/cleanLMDBMap.js.map +1 -0
- package/dist/utility/lmdb/commonUtility.d.ts +28 -0
- package/dist/utility/lmdb/commonUtility.js +120 -0
- package/dist/utility/lmdb/commonUtility.js.map +1 -0
- package/dist/utility/lmdb/deleteUtility.d.ts +10 -0
- package/dist/utility/lmdb/deleteUtility.js +115 -0
- package/dist/utility/lmdb/deleteUtility.js.map +1 -0
- package/dist/utility/lmdb/environmentUtility.d.ts +81 -0
- package/dist/utility/lmdb/environmentUtility.js +432 -0
- package/dist/utility/lmdb/environmentUtility.js.map +1 -0
- package/dist/utility/lmdb/searchCursorFunctions.d.ts +93 -0
- package/dist/utility/lmdb/searchCursorFunctions.js +174 -0
- package/dist/utility/lmdb/searchCursorFunctions.js.map +1 -0
- package/dist/utility/lmdb/searchUtility.d.ts +204 -0
- package/dist/utility/lmdb/searchUtility.js +724 -0
- package/dist/utility/lmdb/searchUtility.js.map +1 -0
- package/dist/utility/lmdb/terms.d.ts +34 -0
- package/dist/utility/lmdb/terms.js +52 -0
- package/dist/utility/lmdb/terms.js.map +1 -0
- package/dist/utility/lmdb/writeUtility.d.ts +32 -0
- package/dist/utility/lmdb/writeUtility.js +360 -0
- package/dist/utility/lmdb/writeUtility.js.map +1 -0
- package/dist/utility/logging/harper_logger.d.ts +141 -0
- package/dist/utility/logging/harper_logger.js +862 -0
- package/dist/utility/logging/harper_logger.js.map +1 -0
- package/dist/utility/logging/logRotator.d.ts +19 -0
- package/dist/utility/logging/logRotator.js +146 -0
- package/dist/utility/logging/logRotator.js.map +1 -0
- package/dist/utility/logging/logger.d.ts +11 -0
- package/dist/utility/logging/logger.js +19 -0
- package/dist/utility/logging/logger.js.map +1 -0
- package/dist/utility/logging/readLog.d.ts +8 -0
- package/dist/utility/logging/readLog.js +339 -0
- package/dist/utility/logging/readLog.js.map +1 -0
- package/dist/utility/logging/transactionLog.d.ts +8 -0
- package/dist/utility/logging/transactionLog.js +46 -0
- package/dist/utility/logging/transactionLog.js.map +1 -0
- package/dist/utility/mount_hdb.d.ts +2 -0
- package/dist/utility/mount_hdb.js +51 -0
- package/dist/utility/mount_hdb.js.map +1 -0
- package/dist/utility/npmUtilities.d.ts +6 -0
- package/dist/utility/npmUtilities.js +91 -0
- package/dist/utility/npmUtilities.js.map +1 -0
- package/dist/utility/operationPermissions.d.ts +36 -0
- package/dist/utility/operationPermissions.js +116 -0
- package/dist/utility/operationPermissions.js.map +1 -0
- package/dist/utility/operation_authorization.d.ts +18 -0
- package/dist/utility/operation_authorization.js +667 -0
- package/dist/utility/operation_authorization.js.map +1 -0
- package/dist/utility/packageUtils.d.ts +9 -0
- package/dist/utility/packageUtils.js +52 -0
- package/dist/utility/packageUtils.js.map +1 -0
- package/dist/utility/password.d.ts +20 -0
- package/dist/utility/password.js +119 -0
- package/dist/utility/password.js.map +1 -0
- package/dist/utility/processManagement/processManagement.d.ts +35 -0
- package/dist/utility/processManagement/processManagement.js +188 -0
- package/dist/utility/processManagement/processManagement.js.map +1 -0
- package/dist/utility/processManagement/servicesConfig.d.ts +29 -0
- package/dist/utility/processManagement/servicesConfig.js +52 -0
- package/dist/utility/processManagement/servicesConfig.js.map +1 -0
- package/dist/utility/scripts/restartHdb.d.ts +1 -0
- package/dist/utility/scripts/restartHdb.js +23 -0
- package/dist/utility/scripts/restartHdb.js.map +1 -0
- package/dist/utility/signalling.d.ts +2 -0
- package/dist/utility/signalling.js +35 -0
- package/dist/utility/signalling.js.map +1 -0
- package/dist/utility/terms/certificates.d.ts +46 -0
- package/dist/utility/terms/certificates.js +65 -0
- package/dist/utility/terms/certificates.js.map +1 -0
- package/dist/utility/when.d.ts +3 -0
- package/dist/utility/when.js +18 -0
- package/dist/utility/when.js.map +1 -0
- package/dist/validation/bulkDeleteValidator.d.ts +2 -0
- package/dist/validation/bulkDeleteValidator.js +21 -0
- package/dist/validation/bulkDeleteValidator.js.map +1 -0
- package/dist/validation/check_permissions.d.ts +2 -0
- package/dist/validation/check_permissions.js +20 -0
- package/dist/validation/check_permissions.js.map +1 -0
- package/dist/validation/common_validators.d.ts +19 -0
- package/dist/validation/common_validators.js +76 -0
- package/dist/validation/common_validators.js.map +1 -0
- package/dist/validation/configValidator.d.ts +8 -0
- package/dist/validation/configValidator.js +292 -0
- package/dist/validation/configValidator.js.map +1 -0
- package/dist/validation/deleteValidator.d.ts +2 -0
- package/dist/validation/deleteValidator.js +15 -0
- package/dist/validation/deleteValidator.js.map +1 -0
- package/dist/validation/fileLoadValidator.d.ts +4 -0
- package/dist/validation/fileLoadValidator.js +138 -0
- package/dist/validation/fileLoadValidator.js.map +1 -0
- package/dist/validation/insertValidator.d.ts +2 -0
- package/dist/validation/insertValidator.js +38 -0
- package/dist/validation/insertValidator.js.map +1 -0
- package/dist/validation/installValidator.d.ts +7 -0
- package/dist/validation/installValidator.js +28 -0
- package/dist/validation/installValidator.js.map +1 -0
- package/dist/validation/readLogValidator.d.ts +2 -0
- package/dist/validation/readLogValidator.js +48 -0
- package/dist/validation/readLogValidator.js.map +1 -0
- package/dist/validation/role_validation.d.ts +3 -0
- package/dist/validation/role_validation.js +284 -0
- package/dist/validation/role_validation.js.map +1 -0
- package/dist/validation/schemaMetadataValidator.d.ts +16 -0
- package/dist/validation/schemaMetadataValidator.js +38 -0
- package/dist/validation/schemaMetadataValidator.js.map +1 -0
- package/dist/validation/searchValidator.d.ts +2 -0
- package/dist/validation/searchValidator.js +141 -0
- package/dist/validation/searchValidator.js.map +1 -0
- package/dist/validation/statusValidator.d.ts +19 -0
- package/dist/validation/statusValidator.js +95 -0
- package/dist/validation/statusValidator.js.map +1 -0
- package/dist/validation/transactionLogValidator.d.ts +2 -0
- package/dist/validation/transactionLogValidator.js +28 -0
- package/dist/validation/transactionLogValidator.js.map +1 -0
- package/dist/validation/user_validation.d.ts +3 -0
- package/dist/validation/user_validation.js +52 -0
- package/dist/validation/user_validation.js.map +1 -0
- package/dist/validation/validationWrapper.d.ts +15 -0
- package/dist/validation/validationWrapper.js +95 -0
- package/dist/validation/validationWrapper.js.map +1 -0
- package/package.json +225 -0
- package/static/README.md +13 -0
- package/static/ascii_logo.txt +21 -0
- package/static/defaultConfig.yaml +75 -0
|
@@ -0,0 +1,866 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
const path = require('path');
|
|
3
|
+
const { watch } = require('chokidar');
|
|
4
|
+
const fs = require('fs-extra');
|
|
5
|
+
const forge = require('node-forge');
|
|
6
|
+
const net = require('net');
|
|
7
|
+
let { generateKeyPair, X509Certificate, createPrivateKey, randomBytes } = require('node:crypto');
|
|
8
|
+
const util = require('util');
|
|
9
|
+
generateKeyPair = util.promisify(generateKeyPair);
|
|
10
|
+
const pki = forge.pki;
|
|
11
|
+
const { v4: uuidv4 } = require('uuid');
|
|
12
|
+
const { forComponent } = require('../utility/logging/harper_logger.js');
|
|
13
|
+
const envManager = require('../utility/environment/environmentManager.js');
|
|
14
|
+
const hdbTerms = require("../utility/hdbTerms.js");
|
|
15
|
+
const { CONFIG_PARAMS } = hdbTerms;
|
|
16
|
+
const certificatesTerms = require('../utility/terms/certificates.js');
|
|
17
|
+
const tls = require('node:tls');
|
|
18
|
+
const { relative, join } = require('node:path');
|
|
19
|
+
const { CERTIFICATE_VALUES } = certificatesTerms;
|
|
20
|
+
const assignCmdenvVars = require('../utility/assignCmdEnvVariables.js');
|
|
21
|
+
const configUtils = require('../config/configUtils.js');
|
|
22
|
+
const { table, getDatabases, databases } = require("../resources/databases.js");
|
|
23
|
+
const logger = forComponent('tls').conditional;
|
|
24
|
+
const { getThisNodeName, getThisNodeUrl, urlToNodeName, clearThisNodeName } = require("../server/nodeName.js");
|
|
25
|
+
exports.generateKeys = generateKeys;
|
|
26
|
+
exports.updateConfigCert = updateConfigCert;
|
|
27
|
+
exports.setCertTable = setCertTable;
|
|
28
|
+
exports.getCertTable = getCertTable;
|
|
29
|
+
exports.loadCertificates = loadCertificates;
|
|
30
|
+
exports.reviewSelfSignedCert = reviewSelfSignedCert;
|
|
31
|
+
exports.createTLSSelector = createTLSSelector;
|
|
32
|
+
exports.listCertificates = listCertificates;
|
|
33
|
+
exports.generateCertsKeys = generateCertsKeys;
|
|
34
|
+
exports.getReplicationCert = getReplicationCert;
|
|
35
|
+
exports.getReplicationCertAuth = getReplicationCertAuth;
|
|
36
|
+
exports.renewSelfSigned = renewSelfSigned;
|
|
37
|
+
exports.hostnamesFromCert = hostnamesFromCert;
|
|
38
|
+
exports.getHostnamesFromCertificate = getHostnamesFromCertificate;
|
|
39
|
+
exports.getPrimaryHostName = getPrimaryHostName;
|
|
40
|
+
exports.generateSerialNumber = generateSerialNumber;
|
|
41
|
+
exports.getPrivateKeys = () => privateKeys;
|
|
42
|
+
exports.getCertAuthority = getCertAuthority;
|
|
43
|
+
exports.certExtensions = certExtensions;
|
|
44
|
+
exports.getCommonName = getCommonName;
|
|
45
|
+
const { readFileSync, statSync } = require('node:fs');
|
|
46
|
+
const { getTicketKeys, onMessageFromWorkers } = require('../server/threads/manageThreads.js');
|
|
47
|
+
const { isMainThread } = require('worker_threads');
|
|
48
|
+
const { TLSSocket } = require('node:tls');
|
|
49
|
+
const CERT_VALIDITY_DAYS = 3650;
|
|
50
|
+
const CERT_DOMAINS = ['127.0.0.1', 'localhost', '::1'];
|
|
51
|
+
const CERT_ATTRIBUTES = [
|
|
52
|
+
{ name: 'countryName', value: 'USA' },
|
|
53
|
+
{ name: 'stateOrProvinceName', value: 'Colorado' },
|
|
54
|
+
{ name: 'localityName', value: 'Denver' },
|
|
55
|
+
{ name: 'organizationName', value: 'HarperDB, Inc.' },
|
|
56
|
+
];
|
|
57
|
+
exports.CERT_ATTRIBUTES = CERT_ATTRIBUTES;
|
|
58
|
+
/**
|
|
59
|
+
* Generates a cryptographically secure serial number for X.509 certificates.
|
|
60
|
+
*
|
|
61
|
+
* Returns a hex string as expected by node-forge. Ensures the high bit is cleared
|
|
62
|
+
* to create a positive ASN.1 INTEGER per RFC 5280 requirements.
|
|
63
|
+
*
|
|
64
|
+
* @returns {string} 16-character hex string
|
|
65
|
+
*/
|
|
66
|
+
function generateSerialNumber() {
|
|
67
|
+
const bytes = randomBytes(8);
|
|
68
|
+
bytes[0] = (bytes[0] & 0x7f) | 0x01; // Clear high bit with bitmask 0x7F (01111111) and ensure that it is non-zero
|
|
69
|
+
return bytes.toString('hex');
|
|
70
|
+
}
|
|
71
|
+
onMessageFromWorkers(async (message) => {
|
|
72
|
+
if (message.type === hdbTerms.ITC_EVENT_TYPES.RESTART) {
|
|
73
|
+
envManager.initSync(true);
|
|
74
|
+
// This will also call loadCertificates
|
|
75
|
+
await reviewSelfSignedCert();
|
|
76
|
+
}
|
|
77
|
+
});
|
|
78
|
+
let certificateTable;
|
|
79
|
+
function getCertTable() {
|
|
80
|
+
if (!certificateTable) {
|
|
81
|
+
certificateTable = getDatabases()['system']['hdb_certificate'];
|
|
82
|
+
if (!certificateTable) {
|
|
83
|
+
certificateTable = table({
|
|
84
|
+
table: 'hdb_certificate',
|
|
85
|
+
database: 'system',
|
|
86
|
+
attributes: [
|
|
87
|
+
{
|
|
88
|
+
name: 'name',
|
|
89
|
+
isPrimaryKey: true,
|
|
90
|
+
},
|
|
91
|
+
{
|
|
92
|
+
attribute: 'uses',
|
|
93
|
+
},
|
|
94
|
+
{
|
|
95
|
+
attribute: 'certificate',
|
|
96
|
+
},
|
|
97
|
+
{
|
|
98
|
+
attribute: 'is_authority',
|
|
99
|
+
},
|
|
100
|
+
{
|
|
101
|
+
attribute: 'private_key_name',
|
|
102
|
+
},
|
|
103
|
+
{
|
|
104
|
+
attribute: 'details',
|
|
105
|
+
},
|
|
106
|
+
{
|
|
107
|
+
attribute: 'is_self_signed',
|
|
108
|
+
},
|
|
109
|
+
{
|
|
110
|
+
attribute: '__updatedtime__',
|
|
111
|
+
},
|
|
112
|
+
],
|
|
113
|
+
});
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
return certificateTable;
|
|
117
|
+
}
|
|
118
|
+
async function getReplicationCert() {
|
|
119
|
+
const SNICallback = createTLSSelector('operations-api');
|
|
120
|
+
const secureTarget = {
|
|
121
|
+
secureContexts: null,
|
|
122
|
+
setSecureContext: (_ctx) => { },
|
|
123
|
+
};
|
|
124
|
+
await SNICallback.initialize(secureTarget);
|
|
125
|
+
const cert = secureTarget.secureContexts.get(getThisNodeName());
|
|
126
|
+
if (!cert)
|
|
127
|
+
return;
|
|
128
|
+
const certParsed = new X509Certificate(cert.options.cert);
|
|
129
|
+
cert.cert_parsed = certParsed;
|
|
130
|
+
cert.issuer = certParsed.issuer;
|
|
131
|
+
return cert;
|
|
132
|
+
}
|
|
133
|
+
async function getReplicationCertAuth() {
|
|
134
|
+
getCertTable();
|
|
135
|
+
const certPem = (await getReplicationCert()).options.cert;
|
|
136
|
+
const repCert = new X509Certificate(certPem);
|
|
137
|
+
const caName = repCert.issuer.match(/CN=(.*)/)?.[1];
|
|
138
|
+
return certificateTable.get(caName);
|
|
139
|
+
}
|
|
140
|
+
let configuredCertsLoaded;
|
|
141
|
+
const privateKeys = new Map();
|
|
142
|
+
/**
|
|
143
|
+
* This is responsible for loading any certificates that are in the harperdb-config.yaml file and putting them into the hdbCertificate table.
|
|
144
|
+
* @return {*}
|
|
145
|
+
*/
|
|
146
|
+
function loadCertificates() {
|
|
147
|
+
if (configuredCertsLoaded)
|
|
148
|
+
return;
|
|
149
|
+
configuredCertsLoaded = true;
|
|
150
|
+
// these are the sections of the config to check
|
|
151
|
+
const CERTIFICATE_CONFIGS = [{ configKey: CONFIG_PARAMS.TLS }, { configKey: CONFIG_PARAMS.OPERATIONSAPI_TLS }];
|
|
152
|
+
getCertTable();
|
|
153
|
+
const rootPath = path.dirname(configUtils.getConfigFilePath());
|
|
154
|
+
let promise;
|
|
155
|
+
for (let { configKey } of CERTIFICATE_CONFIGS) {
|
|
156
|
+
let configs = configUtils.getConfigFromFile(configKey);
|
|
157
|
+
if (configs) {
|
|
158
|
+
// the configs can be an array, so normalize to an array
|
|
159
|
+
if (!Array.isArray(configs)) {
|
|
160
|
+
configs = [configs];
|
|
161
|
+
}
|
|
162
|
+
for (let config of configs) {
|
|
163
|
+
const privateKeyPath = config.privateKey;
|
|
164
|
+
// need to relativize the paths so they aren't exposed
|
|
165
|
+
let private_key_name = privateKeyPath && relative(join(rootPath, 'keys'), privateKeyPath);
|
|
166
|
+
if (private_key_name) {
|
|
167
|
+
loadAndWatch(privateKeyPath, (private_key) => {
|
|
168
|
+
privateKeys.set(private_key_name, private_key);
|
|
169
|
+
}, 'private key');
|
|
170
|
+
}
|
|
171
|
+
for (let ca of [false, true]) {
|
|
172
|
+
let path = config[ca ? 'certificateAuthority' : 'certificate'];
|
|
173
|
+
if (path && isMainThread) {
|
|
174
|
+
loadAndWatch(path, (certificate) => {
|
|
175
|
+
if (CERTIFICATE_VALUES.cert === certificate) {
|
|
176
|
+
// this is the compromised Harper certificate authority, and we do not even want to bother to
|
|
177
|
+
// load it or tempted to use it anywhere
|
|
178
|
+
return;
|
|
179
|
+
}
|
|
180
|
+
let hostnames = config.hostname ?? config.hostnames ?? config.host ?? config.hosts;
|
|
181
|
+
if (hostnames && !Array.isArray(hostnames))
|
|
182
|
+
hostnames = [hostnames];
|
|
183
|
+
const certificatePem = readPEM(path);
|
|
184
|
+
const x509Cert = new X509Certificate(certificatePem);
|
|
185
|
+
let certCn;
|
|
186
|
+
try {
|
|
187
|
+
certCn = getPrimaryHostName(x509Cert);
|
|
188
|
+
}
|
|
189
|
+
catch (err) {
|
|
190
|
+
logger.error?.('error extracting host name from certificate', err);
|
|
191
|
+
return;
|
|
192
|
+
}
|
|
193
|
+
if (certCn == null) {
|
|
194
|
+
logger.error?.('No host name found on certificate');
|
|
195
|
+
return;
|
|
196
|
+
}
|
|
197
|
+
// Check if cert issued by compromised Harper certificate authority, if it is, do not load it
|
|
198
|
+
if (x509Cert.checkIssued(new X509Certificate(CERTIFICATE_VALUES.cert)))
|
|
199
|
+
return;
|
|
200
|
+
// If a record already exists for cert check to see who is newer, cert record or cert file.
|
|
201
|
+
// If cert file is newer, add it to table
|
|
202
|
+
const certRecord = certificateTable.primaryStore.get(certCn);
|
|
203
|
+
let fileTimestamp = statSync(path).mtimeMs;
|
|
204
|
+
let recordTimestamp = !certRecord || certRecord.is_self_signed
|
|
205
|
+
? 1
|
|
206
|
+
: (certRecord.file_timestamp ?? certRecord.__updatedtime__);
|
|
207
|
+
if (certRecord && fileTimestamp <= recordTimestamp) {
|
|
208
|
+
if (fileTimestamp < recordTimestamp)
|
|
209
|
+
logger.info?.(`Certificate ${certCn} at ${path} is older (${new Date(fileTimestamp)}) than the certificate in the database (${recordTimestamp > 1 ? new Date(recordTimestamp) : 'only self signed certificate available'})`);
|
|
210
|
+
return;
|
|
211
|
+
}
|
|
212
|
+
promise = certificateTable.put({
|
|
213
|
+
name: certCn,
|
|
214
|
+
uses: ['https', ...(configKey.includes('operations') ? ['operations'] : [])],
|
|
215
|
+
ciphers: config.ciphers,
|
|
216
|
+
certificate: certificatePem,
|
|
217
|
+
private_key_name,
|
|
218
|
+
is_authority: ca,
|
|
219
|
+
hostnames,
|
|
220
|
+
fileTimestamp,
|
|
221
|
+
details: {
|
|
222
|
+
issuer: x509Cert.issuer.replace(/\n/g, ' '),
|
|
223
|
+
subject: x509Cert.subject?.replace(/\n/g, ' '),
|
|
224
|
+
subject_alt_name: x509Cert.subjectAltName,
|
|
225
|
+
serial_number: x509Cert.serialNumber,
|
|
226
|
+
valid_from: x509Cert.validFrom,
|
|
227
|
+
valid_to: x509Cert.validTo,
|
|
228
|
+
},
|
|
229
|
+
});
|
|
230
|
+
}, ca ? 'certificate authority' : 'certificate');
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
}
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
return promise;
|
|
237
|
+
}
|
|
238
|
+
/**
|
|
239
|
+
* Load the certificate file and watch for changes and reload with any changes
|
|
240
|
+
* @param path
|
|
241
|
+
* @param loadCert
|
|
242
|
+
* @param type
|
|
243
|
+
*/
|
|
244
|
+
function loadAndWatch(path, loadCert, type) {
|
|
245
|
+
let lastModified;
|
|
246
|
+
const loadFile = (path, stats) => {
|
|
247
|
+
try {
|
|
248
|
+
let modified = stats.mtimeMs;
|
|
249
|
+
if (modified && modified !== lastModified) {
|
|
250
|
+
if (lastModified && isMainThread)
|
|
251
|
+
logger.warn?.(`Reloading ${type}:`, path);
|
|
252
|
+
lastModified = modified;
|
|
253
|
+
loadCert(readPEM(path));
|
|
254
|
+
}
|
|
255
|
+
}
|
|
256
|
+
catch (error) {
|
|
257
|
+
logger.error?.(`Error loading ${type}:`, path, error);
|
|
258
|
+
}
|
|
259
|
+
};
|
|
260
|
+
if (fs.existsSync(path))
|
|
261
|
+
loadFile(path, statSync(path));
|
|
262
|
+
else
|
|
263
|
+
logger.error?.(`${type} file not found:`, path);
|
|
264
|
+
watch(path, { persistent: false }).on('change', loadFile);
|
|
265
|
+
}
|
|
266
|
+
function getHost() {
|
|
267
|
+
let url = getThisNodeUrl();
|
|
268
|
+
if (url == null) {
|
|
269
|
+
const host = CERT_DOMAINS[0];
|
|
270
|
+
logger.info?.('node url is missing from harperdb-config.yaml, using default host' + host);
|
|
271
|
+
return host;
|
|
272
|
+
}
|
|
273
|
+
return urlToNodeName(url);
|
|
274
|
+
}
|
|
275
|
+
function getCommonName() {
|
|
276
|
+
let node_name = getThisNodeName();
|
|
277
|
+
if (node_name == null) {
|
|
278
|
+
const host = CERT_DOMAINS[0];
|
|
279
|
+
logger.info?.('replication url is missing from harperdb-config.yaml, using default host' + host);
|
|
280
|
+
return host;
|
|
281
|
+
}
|
|
282
|
+
return node_name;
|
|
283
|
+
}
|
|
284
|
+
function certExtensions() {
|
|
285
|
+
const altName = CERT_DOMAINS.includes(getCommonName()) ? CERT_DOMAINS : [...CERT_DOMAINS, getCommonName()];
|
|
286
|
+
if (!altName.includes(getHost()))
|
|
287
|
+
altName.push(getHost());
|
|
288
|
+
return [
|
|
289
|
+
{
|
|
290
|
+
name: 'basicConstraints',
|
|
291
|
+
cA: false,
|
|
292
|
+
critical: true,
|
|
293
|
+
},
|
|
294
|
+
{
|
|
295
|
+
name: 'keyUsage',
|
|
296
|
+
digitalSignature: true,
|
|
297
|
+
keyEncipherment: true,
|
|
298
|
+
critical: true,
|
|
299
|
+
},
|
|
300
|
+
{
|
|
301
|
+
name: 'extKeyUsage',
|
|
302
|
+
serverAuth: true,
|
|
303
|
+
clientAuth: true,
|
|
304
|
+
},
|
|
305
|
+
{
|
|
306
|
+
name: 'nsCertType',
|
|
307
|
+
client: true,
|
|
308
|
+
server: true,
|
|
309
|
+
},
|
|
310
|
+
{
|
|
311
|
+
name: 'subjectAltName',
|
|
312
|
+
altNames: altName.map((domain) => {
|
|
313
|
+
// types https://git.io/fptng
|
|
314
|
+
if (net.isIP(domain)) {
|
|
315
|
+
return { type: 7, ip: domain };
|
|
316
|
+
}
|
|
317
|
+
return { type: 2, value: domain };
|
|
318
|
+
}),
|
|
319
|
+
},
|
|
320
|
+
];
|
|
321
|
+
}
|
|
322
|
+
async function createCertificateTable(cert, caCert) {
|
|
323
|
+
await setCertTable({
|
|
324
|
+
name: getThisNodeName(),
|
|
325
|
+
uses: ['https', 'wss'],
|
|
326
|
+
certificate: cert,
|
|
327
|
+
private_key_name: 'privateKey.pem',
|
|
328
|
+
is_authority: false,
|
|
329
|
+
is_self_signed: true,
|
|
330
|
+
});
|
|
331
|
+
await setCertTable({
|
|
332
|
+
name: caCert.subject.getField('CN').value,
|
|
333
|
+
uses: ['https', 'wss'],
|
|
334
|
+
certificate: pki.certificateToPem(caCert),
|
|
335
|
+
private_key_name: 'privateKey.pem',
|
|
336
|
+
is_authority: true,
|
|
337
|
+
is_self_signed: true,
|
|
338
|
+
});
|
|
339
|
+
}
|
|
340
|
+
async function setCertTable(certRecord) {
|
|
341
|
+
let cert;
|
|
342
|
+
try {
|
|
343
|
+
cert = new X509Certificate(certRecord.certificate);
|
|
344
|
+
}
|
|
345
|
+
catch (error) {
|
|
346
|
+
// Log the specific error for debugging
|
|
347
|
+
logger.error?.(`Failed to parse certificate for ${certRecord.name}:`, error.message);
|
|
348
|
+
// Log the certRecord for context
|
|
349
|
+
logger.debug?.(`Certificate record details:`, JSON.stringify(certRecord, null, 2));
|
|
350
|
+
// Throw a more descriptive error
|
|
351
|
+
const certError = new Error(`Invalid certificate format for ${certRecord.name}: ${error.message}. ` +
|
|
352
|
+
`This may be due to corrupted certificate data during transfer or encoding issues.`);
|
|
353
|
+
certError.code = 'INVALID_CERTIFICATE_FORMAT';
|
|
354
|
+
certError.cause = error;
|
|
355
|
+
throw certError;
|
|
356
|
+
}
|
|
357
|
+
certRecord.details = {
|
|
358
|
+
issuer: cert.issuer.replace(/\n/g, ' '),
|
|
359
|
+
subject: cert.subject?.replace(/\n/g, ' '),
|
|
360
|
+
subject_alt_name: cert.subjectAltName,
|
|
361
|
+
serial_number: cert.serialNumber,
|
|
362
|
+
valid_from: cert.validFrom,
|
|
363
|
+
valid_to: cert.validTo,
|
|
364
|
+
};
|
|
365
|
+
getCertTable();
|
|
366
|
+
await certificateTable.patch(certRecord);
|
|
367
|
+
}
|
|
368
|
+
async function generateKeys() {
|
|
369
|
+
const keys = await generateKeyPair('rsa', {
|
|
370
|
+
modulusLength: 4096,
|
|
371
|
+
publicKeyEncoding: {
|
|
372
|
+
type: 'spki',
|
|
373
|
+
format: 'pem',
|
|
374
|
+
},
|
|
375
|
+
privateKeyEncoding: {
|
|
376
|
+
type: 'pkcs8',
|
|
377
|
+
format: 'pem',
|
|
378
|
+
},
|
|
379
|
+
});
|
|
380
|
+
return {
|
|
381
|
+
publicKey: pki.publicKeyFromPem(keys.publicKey),
|
|
382
|
+
privateKey: pki.privateKeyFromPem(keys.privateKey),
|
|
383
|
+
};
|
|
384
|
+
}
|
|
385
|
+
//https://www.openssl.org/docs/manmaster/man5/x509v3Config.html
|
|
386
|
+
async function generateCertificates(caPrivateKey, publicKey, caCert) {
|
|
387
|
+
const publicCert = pki.createCertificate();
|
|
388
|
+
if (!publicKey) {
|
|
389
|
+
const repCert = await getReplicationCert();
|
|
390
|
+
const opsCert = pki.certificateFromPem(repCert.options.cert);
|
|
391
|
+
publicKey = opsCert.publicKey;
|
|
392
|
+
}
|
|
393
|
+
publicCert.publicKey = publicKey;
|
|
394
|
+
publicCert.serialNumber = generateSerialNumber();
|
|
395
|
+
publicCert.validity.notBefore = new Date();
|
|
396
|
+
const notAfter = new Date();
|
|
397
|
+
publicCert.validity.notAfter = notAfter;
|
|
398
|
+
publicCert.validity.notAfter.setDate(notAfter.getDate() + CERT_VALIDITY_DAYS);
|
|
399
|
+
const subject = [
|
|
400
|
+
{
|
|
401
|
+
name: 'commonName',
|
|
402
|
+
value: getCommonName(),
|
|
403
|
+
},
|
|
404
|
+
...CERT_ATTRIBUTES,
|
|
405
|
+
];
|
|
406
|
+
publicCert.setSubject(subject);
|
|
407
|
+
publicCert.setIssuer(caCert.subject.attributes);
|
|
408
|
+
publicCert.setExtensions(certExtensions());
|
|
409
|
+
publicCert.sign(caPrivateKey, forge.md.sha256.create());
|
|
410
|
+
return pki.certificateToPem(publicCert);
|
|
411
|
+
}
|
|
412
|
+
async function getCertAuthority() {
|
|
413
|
+
const allCerts = await listCertificates();
|
|
414
|
+
let match;
|
|
415
|
+
for (let cert of allCerts) {
|
|
416
|
+
if (!cert.is_authority)
|
|
417
|
+
continue;
|
|
418
|
+
const matchingPrivateKey = await getPrivateKeyByName(cert.private_key_name);
|
|
419
|
+
if (cert.private_key_name && matchingPrivateKey) {
|
|
420
|
+
const keyCheck = new X509Certificate(cert.certificate).checkPrivateKey(createPrivateKey(matchingPrivateKey));
|
|
421
|
+
if (keyCheck) {
|
|
422
|
+
logger.trace?.(`CA named: ${cert.name} found with matching private key`);
|
|
423
|
+
match = { ca: cert, private_key: matchingPrivateKey };
|
|
424
|
+
break;
|
|
425
|
+
}
|
|
426
|
+
}
|
|
427
|
+
}
|
|
428
|
+
if (match)
|
|
429
|
+
return match;
|
|
430
|
+
logger.trace?.('No CA found with matching private key');
|
|
431
|
+
}
|
|
432
|
+
async function generateCertAuthority(private_key, publicKey, writeKey = true) {
|
|
433
|
+
const caCert = pki.createCertificate();
|
|
434
|
+
caCert.publicKey = publicKey;
|
|
435
|
+
caCert.serialNumber = generateSerialNumber();
|
|
436
|
+
caCert.validity.notBefore = new Date();
|
|
437
|
+
const notAfter = new Date();
|
|
438
|
+
caCert.validity.notAfter = notAfter;
|
|
439
|
+
caCert.validity.notAfter.setDate(notAfter.getDate() + CERT_VALIDITY_DAYS);
|
|
440
|
+
const subject = [
|
|
441
|
+
{
|
|
442
|
+
name: 'commonName',
|
|
443
|
+
value: `Harper-Certificate-Authority-${envManager.get(CONFIG_PARAMS.NODE_HOSTNAME) ?? uuidv4().split('-')[0]}`,
|
|
444
|
+
},
|
|
445
|
+
...CERT_ATTRIBUTES,
|
|
446
|
+
];
|
|
447
|
+
caCert.setSubject(subject);
|
|
448
|
+
caCert.setIssuer(subject);
|
|
449
|
+
caCert.setExtensions([
|
|
450
|
+
{ name: 'basicConstraints', cA: true, critical: true },
|
|
451
|
+
{ name: 'keyUsage', keyCertSign: true, critical: true },
|
|
452
|
+
// Subject Key Identifier is required for OCSP validation - helps OCSP responders
|
|
453
|
+
// efficiently identify certificates in the chain and match them to their issuing CAs
|
|
454
|
+
{ name: 'subjectKeyIdentifier' },
|
|
455
|
+
]);
|
|
456
|
+
caCert.sign(private_key, forge.md.sha256.create());
|
|
457
|
+
const keysPath = path.join(envManager.getHdbBasePath(), hdbTerms.LICENSE_KEY_DIR_NAME);
|
|
458
|
+
const privatePath = path.join(keysPath, certificatesTerms.PRIVATEKEY_PEM_NAME);
|
|
459
|
+
if (writeKey) {
|
|
460
|
+
await fs.writeFile(privatePath, pki.privateKeyToPem(private_key));
|
|
461
|
+
}
|
|
462
|
+
return caCert;
|
|
463
|
+
}
|
|
464
|
+
async function generateCertsKeys() {
|
|
465
|
+
const { privateKey, publicKey } = await generateKeys();
|
|
466
|
+
const caCert = await generateCertAuthority(privateKey, publicKey);
|
|
467
|
+
const publicCert = await generateCertificates(privateKey, publicKey, caCert);
|
|
468
|
+
await createCertificateTable(publicCert, caCert);
|
|
469
|
+
updateConfigCert();
|
|
470
|
+
}
|
|
471
|
+
/**
|
|
472
|
+
* Delete any existing self-signed certs (including CA) and create new ones
|
|
473
|
+
* @returns {Promise<void>}
|
|
474
|
+
*/
|
|
475
|
+
async function renewSelfSigned() {
|
|
476
|
+
getCertTable();
|
|
477
|
+
for await (const cert of certificateTable.search([{ attribute: 'is_self_signed', value: true }])) {
|
|
478
|
+
await certificateTable.delete(cert.name);
|
|
479
|
+
}
|
|
480
|
+
await reviewSelfSignedCert();
|
|
481
|
+
}
|
|
482
|
+
async function reviewSelfSignedCert() {
|
|
483
|
+
// Clear any cached node name var
|
|
484
|
+
clearThisNodeName();
|
|
485
|
+
await loadCertificates();
|
|
486
|
+
getCertTable();
|
|
487
|
+
let caAndKey = await getCertAuthority();
|
|
488
|
+
if (!caAndKey) {
|
|
489
|
+
logger.notify?.("A matching Certificate Authority and key was not found. A new CA will be created in advance, so it's available if needed.");
|
|
490
|
+
const tryToParseKey = (keyPath) => {
|
|
491
|
+
try {
|
|
492
|
+
const key = pki.privateKeyFromPem(fs.readFileSync(keyPath));
|
|
493
|
+
return { key, keyPath };
|
|
494
|
+
}
|
|
495
|
+
catch (err) {
|
|
496
|
+
logger.warn?.(`Failed to parse private key from ${keyPath}:`, err.message);
|
|
497
|
+
return { key: null, keyPath };
|
|
498
|
+
}
|
|
499
|
+
};
|
|
500
|
+
// TLS config can be an array of cert, so we need to check each one
|
|
501
|
+
const tlsConfig = envManager.get(CONFIG_PARAMS.TLS);
|
|
502
|
+
let privateKey;
|
|
503
|
+
let tlsPrivateKeyPath;
|
|
504
|
+
if (Array.isArray(tlsConfig)) {
|
|
505
|
+
for (const config of tlsConfig) {
|
|
506
|
+
if (config.privateKey) {
|
|
507
|
+
const result = tryToParseKey(config.privateKey);
|
|
508
|
+
privateKey = result.key;
|
|
509
|
+
tlsPrivateKeyPath = result.keyPath;
|
|
510
|
+
if (result.key) {
|
|
511
|
+
break; // Found a working key
|
|
512
|
+
}
|
|
513
|
+
}
|
|
514
|
+
}
|
|
515
|
+
}
|
|
516
|
+
else {
|
|
517
|
+
const keyPath = envManager.get(CONFIG_PARAMS.TLS_PRIVATEKEY);
|
|
518
|
+
const result = tryToParseKey(keyPath);
|
|
519
|
+
privateKey = result.key;
|
|
520
|
+
tlsPrivateKeyPath = result.keyPath;
|
|
521
|
+
}
|
|
522
|
+
const keysPath = path.join(envManager.getHdbBasePath(), hdbTerms.LICENSE_KEY_DIR_NAME);
|
|
523
|
+
let keyName = relative(keysPath, tlsPrivateKeyPath);
|
|
524
|
+
if (!privateKey) {
|
|
525
|
+
logger.warn?.('Unable to parse the TLS key', tlsPrivateKeyPath, 'A new key will be generated and used to create Certificate Authority');
|
|
526
|
+
// Currently we can only parse RSA keys, so if it's not an RSA key, we need to generate a new one
|
|
527
|
+
// There is a ticket to add support for other key types CORE-2457
|
|
528
|
+
({ privateKey } = await generateKeys());
|
|
529
|
+
// If there is an existing private key, we will save the new one with a unique name
|
|
530
|
+
if (fs.existsSync(path.join(keysPath, certificatesTerms.PRIVATEKEY_PEM_NAME)))
|
|
531
|
+
keyName = `privateKey${uuidv4().split('-')[0]}.pem`;
|
|
532
|
+
await fs.writeFile(path.join(keysPath, keyName), pki.privateKeyToPem(privateKey));
|
|
533
|
+
}
|
|
534
|
+
const hdbCa = await generateCertAuthority(privateKey, pki.setRsaPublicKey(privateKey.n, privateKey.e), false);
|
|
535
|
+
await setCertTable({
|
|
536
|
+
name: hdbCa.subject.getField('CN').value,
|
|
537
|
+
uses: ['https'],
|
|
538
|
+
certificate: pki.certificateToPem(hdbCa),
|
|
539
|
+
private_key_name: keyName,
|
|
540
|
+
is_authority: true,
|
|
541
|
+
is_self_signed: true,
|
|
542
|
+
});
|
|
543
|
+
}
|
|
544
|
+
const existingCert = await getReplicationCert();
|
|
545
|
+
if (!existingCert) {
|
|
546
|
+
const certName = getThisNodeName();
|
|
547
|
+
logger.notify?.(`A suitable replication certificate was not found, creating new self singed cert named: ${certName}`);
|
|
548
|
+
caAndKey = caAndKey ?? (await getCertAuthority());
|
|
549
|
+
const hdbCa = pki.certificateFromPem(caAndKey.ca.certificate);
|
|
550
|
+
const publicKey = hdbCa.publicKey;
|
|
551
|
+
const newPublicCert = await generateCertificates(pki.privateKeyFromPem(caAndKey.private_key), publicKey, hdbCa);
|
|
552
|
+
await setCertTable({
|
|
553
|
+
name: certName,
|
|
554
|
+
uses: ['https', 'operations', 'wss'],
|
|
555
|
+
certificate: newPublicCert,
|
|
556
|
+
is_authority: false,
|
|
557
|
+
private_key_name: caAndKey.ca.private_key_name,
|
|
558
|
+
is_self_signed: true,
|
|
559
|
+
});
|
|
560
|
+
}
|
|
561
|
+
}
|
|
562
|
+
// Update the cert config in harperdb-config.yaml
|
|
563
|
+
// If CLI or Env values are present it will use those values, else it will use default private key.
|
|
564
|
+
function updateConfigCert() {
|
|
565
|
+
const cliEnvArgs = assignCmdenvVars(Object.keys(hdbTerms.CONFIG_PARAM_MAP), true);
|
|
566
|
+
const keysPath = path.join(envManager.getHdbBasePath(), hdbTerms.LICENSE_KEY_DIR_NAME);
|
|
567
|
+
const private_key = path.join(keysPath, certificatesTerms.PRIVATEKEY_PEM_NAME);
|
|
568
|
+
// This object is what will be added to the harperdb-config.yaml file.
|
|
569
|
+
// We check for any CLI of Env args and if they are present we use them instead of default values.
|
|
570
|
+
const conf = hdbTerms.CONFIG_PARAMS;
|
|
571
|
+
const newCerts = {
|
|
572
|
+
[conf.TLS_PRIVATEKEY]: cliEnvArgs[conf.TLS_PRIVATEKEY.toLowerCase()]
|
|
573
|
+
? cliEnvArgs[conf.TLS_PRIVATEKEY.toLowerCase()]
|
|
574
|
+
: private_key,
|
|
575
|
+
};
|
|
576
|
+
if (cliEnvArgs[conf.TLS_CERTIFICATE.toLowerCase()]) {
|
|
577
|
+
newCerts[conf.TLS_CERTIFICATE] = cliEnvArgs[conf.TLS_CERTIFICATE.toLowerCase()];
|
|
578
|
+
}
|
|
579
|
+
if (cliEnvArgs[conf.TLS_CERTIFICATEAUTHORITY.toLowerCase()]) {
|
|
580
|
+
newCerts[conf.TLS_CERTIFICATEAUTHORITY] = cliEnvArgs[conf.TLS_CERTIFICATEAUTHORITY.toLowerCase()];
|
|
581
|
+
}
|
|
582
|
+
if (cliEnvArgs[conf.OPERATIONSAPI_TLS_CERTIFICATE.toLowerCase()]) {
|
|
583
|
+
newCerts[conf.OPERATIONSAPI_TLS_CERTIFICATE] = cliEnvArgs[conf.OPERATIONSAPI_TLS_CERTIFICATE.toLowerCase()];
|
|
584
|
+
}
|
|
585
|
+
if (cliEnvArgs[conf.OPERATIONSAPI_TLS_PRIVATEKEY.toLowerCase()]) {
|
|
586
|
+
newCerts[conf.OPERATIONSAPI_TLS_PRIVATEKEY] = cliEnvArgs[conf.OPERATIONSAPI_TLS_PRIVATEKEY.toLowerCase()];
|
|
587
|
+
}
|
|
588
|
+
if (cliEnvArgs[conf.OPERATIONSAPI_TLS_CERTIFICATEAUTHORITY.toLowerCase()]) {
|
|
589
|
+
newCerts[conf.OPERATIONSAPI_TLS_CERTIFICATEAUTHORITY] =
|
|
590
|
+
cliEnvArgs[conf.OPERATIONSAPI_TLS_CERTIFICATEAUTHORITY.toLowerCase()];
|
|
591
|
+
}
|
|
592
|
+
configUtils.updateConfigValue(undefined, undefined, newCerts, false, true);
|
|
593
|
+
}
|
|
594
|
+
function readPEM(path) {
|
|
595
|
+
if (path.startsWith('-----BEGIN'))
|
|
596
|
+
return path;
|
|
597
|
+
return readFileSync(path, 'utf8');
|
|
598
|
+
}
|
|
599
|
+
// this horrifying hack is brought to you by https://github.com/nodejs/node/issues/36655
|
|
600
|
+
const origCreateSecureContext = tls.createSecureContext;
|
|
601
|
+
tls.createSecureContext = function (options) {
|
|
602
|
+
if (!options.cert || !options.key) {
|
|
603
|
+
return origCreateSecureContext(options);
|
|
604
|
+
}
|
|
605
|
+
let lessOptions = { ...options };
|
|
606
|
+
delete lessOptions.key;
|
|
607
|
+
delete lessOptions.cert;
|
|
608
|
+
let ctx = origCreateSecureContext(lessOptions);
|
|
609
|
+
ctx.context.setCert(options.cert);
|
|
610
|
+
ctx.context.setKey(options.key, undefined);
|
|
611
|
+
return ctx;
|
|
612
|
+
};
|
|
613
|
+
// Node.js SNI callbacks _add_ the certificate and don't replace it, and so we can't have a default certificate,
|
|
614
|
+
// so we have to assign the default certificate during the cert callback, because the default SNI callback isn't
|
|
615
|
+
// consistently called for all TLS connections (isn't called if no SNI server name is provided).
|
|
616
|
+
// first we have interrupt the socket initialization to add our own cert callback
|
|
617
|
+
const originalInit = TLSSocket.prototype._init;
|
|
618
|
+
TLSSocket.prototype._init = function (socket, wrap) {
|
|
619
|
+
originalInit.call(this, socket, wrap);
|
|
620
|
+
let tlsSocket = this;
|
|
621
|
+
this._handle.oncertcb = function (info) {
|
|
622
|
+
const servername = info.servername;
|
|
623
|
+
tlsSocket._SNICallback(servername, (err, context) => {
|
|
624
|
+
this.sni_context = context?.context || context;
|
|
625
|
+
// note that this skips the checks for multiple callbacks and entirely skips OCSP, so if we ever need that, we
|
|
626
|
+
// need to call the original oncertcb
|
|
627
|
+
this.certCbDone();
|
|
628
|
+
});
|
|
629
|
+
};
|
|
630
|
+
};
|
|
631
|
+
let caCerts = new Map();
|
|
632
|
+
/**
|
|
633
|
+
* Create a TLS selector that will choose the best TLS configuration/context for a given hostname
|
|
634
|
+
* @param type
|
|
635
|
+
* @param mtlsOptions
|
|
636
|
+
* @return {(function(*, *): (*|undefined))|*}
|
|
637
|
+
*/
|
|
638
|
+
function createTLSSelector(type, mtlsOptions) {
|
|
639
|
+
let secureContexts = new Map();
|
|
640
|
+
let defaultContext;
|
|
641
|
+
let hasWildcards = false;
|
|
642
|
+
SNICallback.initialize = (server) => {
|
|
643
|
+
if (SNICallback.ready)
|
|
644
|
+
return SNICallback.ready;
|
|
645
|
+
if (server) {
|
|
646
|
+
server.secureContexts = secureContexts;
|
|
647
|
+
server.secureContextsListeners = [];
|
|
648
|
+
}
|
|
649
|
+
return (SNICallback.ready = new Promise((resolve, reject) => {
|
|
650
|
+
async function updateTLS() {
|
|
651
|
+
try {
|
|
652
|
+
secureContexts.clear();
|
|
653
|
+
caCerts.clear();
|
|
654
|
+
let bestQuality = 0;
|
|
655
|
+
if (databases === undefined) {
|
|
656
|
+
resolve();
|
|
657
|
+
return;
|
|
658
|
+
}
|
|
659
|
+
for await (const cert of databases.system.hdb_certificate.search([])) {
|
|
660
|
+
const certificate = cert.certificate;
|
|
661
|
+
const certParsed = new X509Certificate(certificate);
|
|
662
|
+
if (cert.is_authority) {
|
|
663
|
+
certParsed.asString = certificate;
|
|
664
|
+
caCerts.set(certParsed.subject, certificate);
|
|
665
|
+
}
|
|
666
|
+
}
|
|
667
|
+
for await (const cert of databases.system.hdb_certificate.search([])) {
|
|
668
|
+
try {
|
|
669
|
+
if (cert.is_authority) {
|
|
670
|
+
continue;
|
|
671
|
+
}
|
|
672
|
+
let isOperations = type === 'operations-api';
|
|
673
|
+
let quality = cert.is_self_signed ? 1 : 3;
|
|
674
|
+
// prefer operations certificates for operations API
|
|
675
|
+
if (isOperations && cert.uses?.includes?.('operations'))
|
|
676
|
+
quality += 1;
|
|
677
|
+
const private_key = await getPrivateKeyByName(cert.private_key_name);
|
|
678
|
+
let certificate = cert.certificate;
|
|
679
|
+
const certParsed = new X509Certificate(certificate);
|
|
680
|
+
if (caCerts.has(certParsed.issuer)) {
|
|
681
|
+
certificate += '\n' + caCerts.get(certParsed.issuer);
|
|
682
|
+
}
|
|
683
|
+
if (!private_key || !certificate) {
|
|
684
|
+
throw new Error('Missing private key or certificate for secure server');
|
|
685
|
+
}
|
|
686
|
+
const secureOptions = {
|
|
687
|
+
ciphers: cert.ciphers,
|
|
688
|
+
ticketKeys: getTicketKeys(),
|
|
689
|
+
availableCAs: caCerts, // preserve the record of caCerts even if not used for mTLS here
|
|
690
|
+
ca: mtlsOptions && Array.from(caCerts.values()),
|
|
691
|
+
cert: certificate,
|
|
692
|
+
key: private_key,
|
|
693
|
+
key_file: cert.private_key_name,
|
|
694
|
+
is_self_signed: cert.is_self_signed,
|
|
695
|
+
};
|
|
696
|
+
if (server)
|
|
697
|
+
secureOptions.sessionIdContext = server.sessionIdContext;
|
|
698
|
+
let hostnames = cert.hostnames ?? hostnamesFromCert(certParsed);
|
|
699
|
+
if (!Array.isArray(hostnames))
|
|
700
|
+
hostnames = [hostnames];
|
|
701
|
+
for (let hostname of hostnames) {
|
|
702
|
+
if (hostname === getHost())
|
|
703
|
+
quality += 1; // prefer a certificate that has our hostname in the SANs
|
|
704
|
+
}
|
|
705
|
+
let secureContext = tls.createSecureContext(secureOptions);
|
|
706
|
+
secureContext.name = cert.name;
|
|
707
|
+
secureContext.options = secureOptions;
|
|
708
|
+
secureContext.quality = quality;
|
|
709
|
+
secureContext.certificateAuthorities = Array.from(caCerts);
|
|
710
|
+
// we store the first 100 bytes of the certificate just for debug logging
|
|
711
|
+
secureContext.certStart = certificate.toString().slice(0, 100);
|
|
712
|
+
// we want to configure SNI handling to pick the right certificate based on all the registered SANs
|
|
713
|
+
// in the certificate
|
|
714
|
+
for (let hostname of hostnames) {
|
|
715
|
+
if (hostname) {
|
|
716
|
+
if (hostname[0] === '*') {
|
|
717
|
+
hasWildcards = true;
|
|
718
|
+
hostname = hostname.slice(1);
|
|
719
|
+
}
|
|
720
|
+
// we use this certificate if it has a higher quality than the existing one for this hostname
|
|
721
|
+
let existingCertQuality = secureContexts.get(hostname)?.quality ?? 0;
|
|
722
|
+
logger.trace?.('Assigning TLS for hostname', hostname, 'if', quality, '>', existingCertQuality);
|
|
723
|
+
if (quality > existingCertQuality) {
|
|
724
|
+
secureContexts.set(hostname, secureContext);
|
|
725
|
+
}
|
|
726
|
+
}
|
|
727
|
+
else {
|
|
728
|
+
logger.error?.('No hostname found for certificate at', tls.certificate);
|
|
729
|
+
}
|
|
730
|
+
}
|
|
731
|
+
logger.trace?.('Adding TLS', secureContext.name, 'for', server.ports || 'client', 'cert named', cert.name, 'hostnames', hostnames, 'quality', quality, 'best quality', bestQuality);
|
|
732
|
+
if (quality > bestQuality /* && hasIpAddress*/) {
|
|
733
|
+
// we use this certificate as the default if it has a higher quality than the existing one
|
|
734
|
+
SNICallback.defaultContext = defaultContext = secureContext;
|
|
735
|
+
bestQuality = quality;
|
|
736
|
+
if (server) {
|
|
737
|
+
server.defaultContext = secureContext;
|
|
738
|
+
// note that we can not set the secure context on the server here, because this creates an
|
|
739
|
+
// indeterminate situation of whether openssl will use this certificate or the one from the SNI
|
|
740
|
+
// callback
|
|
741
|
+
//server.setSecureContext?.(server, secureOptions);
|
|
742
|
+
}
|
|
743
|
+
}
|
|
744
|
+
}
|
|
745
|
+
catch (error) {
|
|
746
|
+
logger.error?.('Error applying TLS for', cert.name, error);
|
|
747
|
+
}
|
|
748
|
+
}
|
|
749
|
+
server?.secureContextsListeners.forEach((listener) => listener());
|
|
750
|
+
resolve(defaultContext);
|
|
751
|
+
}
|
|
752
|
+
catch (error) {
|
|
753
|
+
reject(error);
|
|
754
|
+
}
|
|
755
|
+
}
|
|
756
|
+
databases?.system.hdb_certificate.subscribe({
|
|
757
|
+
listener: () => setTimeout(() => updateTLS(), 1500).unref(),
|
|
758
|
+
omitCurrent: true,
|
|
759
|
+
});
|
|
760
|
+
updateTLS();
|
|
761
|
+
}));
|
|
762
|
+
};
|
|
763
|
+
return SNICallback;
|
|
764
|
+
function SNICallback(servername, cb) {
|
|
765
|
+
// find the matching server name, substituting wildcards for each part of the domain to find matches
|
|
766
|
+
logger.info?.('TLS requested for', servername || '(no SNI)');
|
|
767
|
+
let matchingName = servername;
|
|
768
|
+
while (true) {
|
|
769
|
+
let context = secureContexts.get(matchingName);
|
|
770
|
+
if (context) {
|
|
771
|
+
logger.debug?.('Found certificate for', servername, context.certStart);
|
|
772
|
+
// check if there is a updated context, which is used by replication to replace the context with TLS with
|
|
773
|
+
// full set of CAs
|
|
774
|
+
if (context.updatedContext)
|
|
775
|
+
context = context.updatedContext;
|
|
776
|
+
return cb(null, context);
|
|
777
|
+
}
|
|
778
|
+
if (hasWildcards && matchingName) {
|
|
779
|
+
let nextDot = matchingName.indexOf('.', 1);
|
|
780
|
+
if (nextDot < 0)
|
|
781
|
+
matchingName = '';
|
|
782
|
+
else
|
|
783
|
+
matchingName = matchingName.slice(nextDot);
|
|
784
|
+
}
|
|
785
|
+
else
|
|
786
|
+
break;
|
|
787
|
+
}
|
|
788
|
+
if (servername)
|
|
789
|
+
logger.debug?.('No certificate found to match', servername, 'using the default certificate');
|
|
790
|
+
else
|
|
791
|
+
logger.debug?.('No SNI, using the default certificate', defaultContext?.name);
|
|
792
|
+
// no matches, return the first/default one
|
|
793
|
+
let context = defaultContext;
|
|
794
|
+
if (!context)
|
|
795
|
+
logger.info?.('No default certificate found');
|
|
796
|
+
else if (context.updatedContext)
|
|
797
|
+
context = context.updatedContext;
|
|
798
|
+
cb(null, context);
|
|
799
|
+
}
|
|
800
|
+
}
|
|
801
|
+
async function getPrivateKeyByName(private_key_name) {
|
|
802
|
+
const private_key = privateKeys.get(private_key_name);
|
|
803
|
+
if (!private_key && private_key_name) {
|
|
804
|
+
return await fs.readFile(path.join(envManager.get(CONFIG_PARAMS.ROOTPATH), hdbTerms.LICENSE_KEY_DIR_NAME, private_key_name), 'utf8');
|
|
805
|
+
}
|
|
806
|
+
return private_key;
|
|
807
|
+
}
|
|
808
|
+
/**
|
|
809
|
+
* List all the records in hdbCertificate table
|
|
810
|
+
* @returns {Promise<*[]>}
|
|
811
|
+
*/
|
|
812
|
+
async function listCertificates() {
|
|
813
|
+
getCertTable();
|
|
814
|
+
let response = [];
|
|
815
|
+
for await (const cert of certificateTable.search([])) {
|
|
816
|
+
response.push(cert);
|
|
817
|
+
}
|
|
818
|
+
return response;
|
|
819
|
+
}
|
|
820
|
+
function getPrimaryHostName(cert /*X509Certificate*/) {
|
|
821
|
+
const commonName = cert.subject?.match(/CN=(.*)/)?.[1];
|
|
822
|
+
if (commonName)
|
|
823
|
+
return commonName;
|
|
824
|
+
return hostnamesFromCert(cert)[0];
|
|
825
|
+
}
|
|
826
|
+
function hostnamesFromCert(cert /*X509Certificate*/) {
|
|
827
|
+
if (cert.subjectAltName) {
|
|
828
|
+
return cert.subjectAltName
|
|
829
|
+
.split(',')
|
|
830
|
+
.map((part) => {
|
|
831
|
+
// the subject alt names looks like 'IP Address:127.0.0.1, DNS:localhost, IP
|
|
832
|
+
// Address:0:0:0:0:0:0:0:1, DirName:"CN=localhost"'
|
|
833
|
+
// so we split on commas and then use the part after the colon as the host name
|
|
834
|
+
let colonIndex = part.indexOf(':'); // get the value part
|
|
835
|
+
part = part.slice(colonIndex + 1);
|
|
836
|
+
part = part.trim();
|
|
837
|
+
if (part[0] === '"') {
|
|
838
|
+
// quoted value
|
|
839
|
+
try {
|
|
840
|
+
part = JSON.parse(part);
|
|
841
|
+
}
|
|
842
|
+
catch {
|
|
843
|
+
// ignore
|
|
844
|
+
}
|
|
845
|
+
}
|
|
846
|
+
// can have name=value inside
|
|
847
|
+
if (part.indexOf('=') > -1)
|
|
848
|
+
return part.match(/CN=([^,]*)/)?.[1];
|
|
849
|
+
return part;
|
|
850
|
+
})
|
|
851
|
+
.filter((part) => part); // filter out any empty names
|
|
852
|
+
}
|
|
853
|
+
// finally we fall back to the common name
|
|
854
|
+
const commonName = cert.subject?.match(/CN=(.*)/)?.[1];
|
|
855
|
+
return commonName ? [commonName] : [];
|
|
856
|
+
}
|
|
857
|
+
function getHostnamesFromCertificate(certificate) {
|
|
858
|
+
return [
|
|
859
|
+
certificate.subject?.CN, // use the subject if it exists
|
|
860
|
+
...certificate.subjectaltname // otherwise use the subject alternative names
|
|
861
|
+
.split(',')
|
|
862
|
+
.filter((n) => n.trim().startsWith('DNS:')) // find the DNS names
|
|
863
|
+
.map((n) => n.trim().substring(4)),
|
|
864
|
+
];
|
|
865
|
+
}
|
|
866
|
+
//# sourceMappingURL=keys.js.map
|