Build-To-Use: 3.3.0-68

10912c0 Peer-to-peer mesh (#2262)
14e61a9 Keep pulled revs from being echoed back to the peer by the Pusher
d3acebd Change c4repl_getResponseHeaders return to C4SliceResult. (#2272)
CBL-6799: Race can cause _responseTimer to be reset before stop is called (#2268)

:warning: c4repl_getResponseHeaders now returns C4SliceResult, in lieu of C4Slice.

Author: jianminzhao

.github/workflows/xcodebuild.yml

@@ -37,16 +37,17 @@ jobs:
 #### BUILD
 
     - name: "Build C++ Tests"
-      uses: sersoft-gmbh/xcodebuild-action@v1
+      uses: sersoft-gmbh/xcodebuild-action@v3.2.0
       with:
         project: Xcode/LiteCore.xcodeproj
         scheme: LiteCore C++ Tests
         destination: platform=macOS
         configuration: $CONFIGURATION_CPP
         action: build
+        output-formatter: ""   # Experimental
 
     - name: "Build C4Tests"
-      uses: sersoft-gmbh/xcodebuild-action@v1
+      uses: sersoft-gmbh/xcodebuild-action@v3.2.0
       with:
         project: Xcode/LiteCore.xcodeproj
         scheme: LiteCore C Tests

C/Cpp_include/c4Certificate.hh

@@ -57,6 +57,8 @@ struct C4Cert final
 
     bool isSelfSigned();
 
+    bool isSignedBy(C4Cert* issuer);
+
     Retained<C4KeyPair> getPublicKey();
 
     Retained<C4KeyPair> loadPersistentPrivateKey();

C/Cpp_include/c4Database.hh

@@ -80,7 +80,7 @@ struct C4Database
 
     virtual alloc_slice getPath() const = 0;
 
-    const Config& getConfiguration() const noexcept FLPURE { return _config; }
+    const Config& getConfiguration() const noexcept LIFETIMEBOUND FLPURE { return _config; }
 
     virtual alloc_slice getSourceID() const    = 0;
     virtual C4UUID      getPublicUUID() const  = 0;
@@ -279,8 +279,6 @@ inline bool operator==(const C4Database::CollectionSpec& a, const C4Database::Co
     return a.name == b.name && a.effectiveScope() == b.effectiveScope();
 }
 
-inline bool operator!=(const C4Database::CollectionSpec& a, const C4Database::CollectionSpec& b) { return !(a == b); }
-
 template <>
 struct std::hash<C4Database::CollectionSpec> {
     std::size_t operator()(C4Database::CollectionSpec const& spec) const {

C/Cpp_include/c4PeerDiscovery.hh

@@ -0,0 +1,140 @@
+//
+// c4PeerSync.hh
+//
+// Copyright 2025-Present Couchbase, Inc.
+//
+// Use of this software is governed by the Business Source License included
+// in the file licenses/BSL-Couchbase.txt.  As of the Change Date specified
+// in that file, in accordance with the Business Source License, use of this
+// software will be governed by the Apache License, Version 2.0, included in
+// the file licenses/APL2.txt.
+//
+
+#pragma once
+#include "c4Base.hh"
+#include "c4PeerSyncTypes.h"
+#include "c4Replicator.hh"
+#include "fleece/InstanceCounted.hh"
+#include <cstring>  // for memcmp
+#include <span>
+
+#ifdef COUCHBASE_ENTERPRISE
+C4_ASSUME_NONNULL_BEGIN
+
+// ************************************************************************
+// This header is part of the LiteCore C++ API.
+// If you use this API, you must _statically_ link LiteCore;
+// the dynamic library only exports the C API.
+// ************************************************************************
+
+
+/** A peer-to-peer sync manager that automatically discovers and connects with its counterparts
+    with matching `peerGroupID`s, and replicates with them to sync a database. */
+struct C4PeerSync
+    : fleece::InstanceCounted
+    , C4Base {
+  public:
+    /** API to receive notifications from C4PeerSync. */
+    class Delegate {
+      public:
+        virtual ~Delegate() = default;
+
+        /// C4PeerSync has started or stopped, possibly with an error.
+        virtual void peerSyncStatus(bool started, C4Error const&) {}
+
+        /// A peer has come online or gone offline.
+        virtual void peerDiscovery(C4PeerID const&, bool online) {}
+
+        /// Authenticate a TLS connection to/from a peer, based on properties of its certificate.
+        virtual bool authenticatePeer(C4PeerID const&, C4Cert*) = 0;
+
+        /// A peer's direct connections to other peers have changed.
+        virtual void peerNeighborsChanged(C4PeerID const&, size_t count) {}
+
+        /// A replication with a peer has changed status.
+        /// The `incoming` flag is true if this connection was made by the other peer.
+        virtual void peerReplicationStatus(C4PeerID const&, C4ReplicatorStatus const&, bool incoming) {}
+
+        /// A replication with a peer has transferred documents.
+        /// @note  This will only be called if you configured Parameters::progressLevel accordingly.
+        virtual void peerDocumentsEnded(C4PeerID const&, bool pushing, std::span<const C4DocumentEnded*>) {}
+
+        /// A replication with a peer is transferring a blob.
+        /// @note  This will only be called if you configured Parameters::progressLevel accordingly.
+        virtual void peerBlobProgress(C4PeerID const&, bool pushing, C4BlobProgress const&) {}
+    };
+
+    /** Configuration of a C4PeerSync. */
+    struct Parameters {
+        std::string_view                  peerGroupID;        ///< App identifier for peer discovery
+        std::span<const std::string_view> protocols;          ///< Which protocols to use (empty = all)
+        C4Cert*                           tlsCert;            ///< My TLS certificate (server+client)
+        C4KeyPair*                        tlsKeyPair;         ///< Certificate's key-pair
+        C4Database*                       database;           ///< Database to sync
+        std::span<C4PeerSyncCollection>   collections;        ///< Collections to sync
+        slice                             optionsDictFleece;  ///< Replicator options
+        C4ReplicatorProgressLevel         progressLevel;      ///< Level of progress notifications
+        Delegate*                         delegate;           ///< Your object that receives notifications
+    };
+
+    explicit C4PeerSync(Parameters const&);
+    explicit C4PeerSync(C4PeerSyncParameters const*);
+
+    /** @note  It is guaranteed that the delegate will not be called after the destructor returns. */
+    ~C4PeerSync() noexcept override;
+
+    /// Returns this instance's peer ID, as visible to other peers.
+    /// (The ID is derived via \ref c4peerid_fromCert from the C4Cert given in the parameters.)
+    /// @note  This function is thread-safe.
+    C4PeerID thisPeerID() const noexcept;
+
+    /// Starts a C4PeerSync, beginning peer discovery and replication.
+    /// This call is asynchronous and returns immediately.
+    /// When it succeeds or fails, the delegate's \ref peerSyncStatus method will be called.
+    /// @note  This function is thread-safe.
+    void start() noexcept;
+
+    /// Stops all active replicators, stops the listener, and stops peer discovery and publishing.
+    /// This call is asynchronous and returns immediately.
+    /// When complete, the delegate's \ref peerSyncStatus method will be called.
+    /// @note  This function is thread-safe.
+    void stop() noexcept;
+
+    /** Information about a peer, returned from \ref getPeerInfo. */
+    struct PeerInfo {
+        Retained<C4Cert>      certificate;         ///< Its identity; nullptr if unverified
+        std::vector<C4PeerID> neighbors;           ///< Peers it's directly connected to
+        C4ReplicatorStatus    replicatorStatus{};  ///< Status of my connection to it, if any
+        bool                  online = false;      ///< True if it's currently online/visible
+    };
+
+    /// Returns a list of all peers currently online, including this one.
+    /// @note  This function is thread-safe.
+    std::vector<C4PeerID> onlinePeers();
+
+    /// Returns information about a peer.
+    /// - If the peer is not directly connected, the `replicatorStatus.level` will be `kC4Stopped`.
+    /// @note  This function is thread-safe.
+    PeerInfo getPeerInfo(C4PeerID const&);
+
+    // Version number of c4PeerSync.hh API. Incremented on incompatible changes.
+    static constexpr int kAPIVersion = 4;
+
+  private:
+    class Impl;
+    class CppImpl;
+    class CImpl;
+    std::unique_ptr<Impl> _impl;
+};
+
+// Equality operator for C4PeerIDs.
+inline bool operator==(C4PeerID const& a, C4PeerID const& b) { return memcmp(a.bytes, b.bytes, sizeof(a.bytes)) == 0; }
+
+// Hash code for C4PeerIDs, making them useable as std::unordered_map keys.
+template <>
+struct std::hash<C4PeerID> {
+    std::size_t operator()(C4PeerID const&) const noexcept;
+};
+
+C4_ASSUME_NONNULL_END
+#endif  // COUCHBASE_ENTERPRISE

C/Cpp_include/c4PeerSync.hh

@@ -13,6 +13,10 @@
 #pragma once
 #include "c4Base.hh"
 #include "c4ReplicatorTypes.h"
+#include <functional>
+#include <memory>
+#include <span>
+#include <vector>
 
 C4_ASSUME_NONNULL_BEGIN
 
@@ -22,6 +26,10 @@ C4_ASSUME_NONNULL_BEGIN
 // the dynamic library only exports the C API.
 // ************************************************************************
 
+namespace fleece {
+    class Dict;
+    class MutableDict;
+}  // namespace fleece
 
 struct C4Replicator
     : public fleece::RefCounted
@@ -52,8 +60,48 @@ struct C4Replicator
     bool        isDocumentPending(slice docID, C4CollectionSpec) const;
 
 #ifdef COUCHBASE_ENTERPRISE
-    virtual C4Cert* C4NULLABLE getPeerTLSCertificate() const;
+    using PeerTLSCertificateValidator = std::function<bool(slice certData, std::string_view hostname)>;
+
+    /// Registers a callback that can accept or reject a peer's certificate during the TLS handshake.
+    virtual void setPeerTLSCertificateValidator(PeerTLSCertificateValidator) = 0;
+
+    virtual C4Cert* C4NULLABLE getPeerTLSCertificate() const = 0;
 #endif
+
+    /** Extended, memory-safe version of `C4ReplicatorParameters`.
+     *  The constructor copies all the pointed-to data into internal storage:
+     *  - `optionsDictFleece`
+     *  - `collections`
+     *  - each collection's `name`, `scope` and `optionsDictFleece` */
+    struct Parameters : C4ReplicatorParameters {
+        Parameters();
+        explicit Parameters(C4ReplicatorParameters const&);
+
+        Parameters(Parameters const& params) : Parameters((C4ReplicatorParameters const&)params) {}
+
+        std::span<C4ReplicationCollection> collections() noexcept { return _collections; }
+
+        std::span<const C4ReplicationCollection> collections() const noexcept { return _collections; }
+
+        /// The highest push and pull modes of any collections.
+        std::pair<C4ReplicatorMode, C4ReplicatorMode> maxModes() const;
+
+        C4ReplicationCollection& addCollection(C4ReplicationCollection const&);
+
+        C4ReplicationCollection& addCollection(C4CollectionSpec const&, C4ReplicatorMode pushMode,
+                                               C4ReplicatorMode pullMode);
+
+        fleece::MutableDict copyOptions() const;       ///< Returns copy of options (never null)
+        void                setOptions(fleece::Dict);  ///< Updates options Dict
+        void                updateOptions(std::function<void(fleece::MutableDict)> const& callback);
+
+      private:
+        void makeAllocated(C4ReplicationCollection&);
+
+        alloc_slice                          _options;
+        std::vector<C4ReplicationCollection> _collections;
+        std::vector<alloc_slice>             _slices;
+    };
 };
 
 C4_ASSUME_NONNULL_END

C/Cpp_include/c4Replicator.hh

@@ -48,11 +48,22 @@ struct C4Socket  // NOLINT(cppcoreguidelines-pro-type-member-init) - its okay fo
         @param factory  The C4SocketFactory that will manage the socket.
         @param nativeHandle  A value known to the factory that represents the underlying socket,
             such as a file descriptor or a native object pointer.
-        @param address  The address of the remote peer making the connection.
+        @param address  The address of the remote peer.
+        @param incoming  True if this is an incoming (server) connection, false for outgoing (client).
         @return  A new C4Socket initialized with the `nativeHandle`. */
-    static C4Socket* fromNative(const C4SocketFactory& factory, void* C4NULLABLE nativeHandle,
-                                const C4Address& address);
-
+    static C4Socket* fromNative(const C4SocketFactory& factory, void* C4NULLABLE nativeHandle, const C4Address& address,
+                                bool incoming = true);
+
+    /** Notification that a socket is making a TLS connection and has received the peer's (usually
+        server's) certificate.
+        This notification occurs only after any other TLS validation options have passed
+        (`kC4ReplicatorOptionRootCerts`, `kC4ReplicatorOptionPinnedServerCert`,
+        `kC4ReplicatorOptionOnlySelfSignedServerCert`).
+        @param certData  The DER-encoded form of the peer's TLS certificate.
+        @param hostname  The DNS hostname of the peer. (This may be different from the original
+                         Address given, if there were HTTP redirects.)
+        @returns  True to proceed, false to abort the connection. */
+    virtual bool gotPeerCertificate(slice certData, std::string_view hostname) = 0;
 
     /** Notification that a socket has received an HTTP response, with the given headers (encoded
         as a Fleece dictionary.) This should be called just before \ref opened() or \ref closed().
@@ -114,6 +125,11 @@ struct C4Socket  // NOLINT(cppcoreguidelines-pro-type-member-init) - its okay fo
     void* C4NULLABLE nativeHandle;  ///< for client's use
 };
 
+// Glue to make Retained<C4Socket> work:
+inline C4Socket* retain(C4Socket* socket) { return c4socket_retain(socket); }
+
+inline void release(C4Socket* socket) { c4socket_release(socket); }
+
 /** @} */
 
 C4_ASSUME_NONNULL_END

C/Cpp_include/c4Socket.hh

@@ -1044,6 +1044,8 @@ bool c4cert_isSigned(C4Cert* cert) noexcept { return cert->isSigned(); }
 
 bool c4cert_isSelfSigned(C4Cert* cert) noexcept { return cert->isSelfSigned(); }
 
+bool c4cert_isSignedBy(C4Cert* cert, C4Cert* issuer) noexcept { return cert->isSignedBy(issuer); }
+
 C4Cert* c4cert_signRequest(C4Cert* c4Cert, const C4CertIssuerParameters* C4NULLABLE c4Params,
                            C4KeyPair* issuerPrivateKey, C4Cert* issuerC4Cert, C4Error* outError) noexcept {
     return tryCatch<C4Cert*>(outError, [&]() -> C4Cert* {

C/c4CAPI.cc

@@ -120,6 +120,12 @@ bool C4Cert::isSelfSigned() {
     return signedCert && signedCert->isSelfSigned();
 }
 
+bool C4Cert::isSignedBy(C4Cert* issuer) {
+    Cert* signedCert   = asSignedCert();
+    Cert* signedIssuer = issuer->asSignedCert();
+    return signedCert && signedIssuer && signedCert->isSignedBy(signedIssuer);
+}
+
 Retained<C4KeyPair> C4Cert::getPublicKey() {
     if ( auto signedCert = asSignedCert(); signedCert ) return new C4KeyPair(signedCert->subjectPublicKey().get());
     return nullptr;