1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html><head><meta http-equiv="Content-Type" content="text/html;charset=iso-8859-1">
<title>KLone: session.c Source File</title>
<link href="kl.css" rel="stylesheet" type="text/css">
</head><body>
<!-- Generated by Doxygen 1.3.9.1 -->
<div class="qindex"><a class="qindex" href="index.html">Main Page</a> | <a class="qindex" href="modules.html">Modules</a> | <a class="qindex" href="annotated.html">Data Structures</a> | <a class="qindex" href="dirs.html">Directories</a> | <a class="qindex" href="files.html">File List</a> | <a class="qindex" href="functions.html">Data Fields</a> | <a class="qindex" href="globals.html">Globals</a></div>
<div class="nav">
<a class="el" href="dir_000000.html">src</a> / <a class="el" href="dir_000009.html">libpage</a></div>
<h1>session.c</h1><a href="session_8c.html">Go to the documentation of this file.</a><div class="fragment"><pre class="fragment">00001 <span class="comment">/*</span>
00002 <span class="comment"> * Copyright (c) 2005, 2006 by KoanLogic s.r.l. <http://www.koanlogic.com></span>
00003 <span class="comment"> * All rights reserved.</span>
00004 <span class="comment"> *</span>
00005 <span class="comment"> * This file is part of KLone, and as such it is subject to the license stated</span>
00006 <span class="comment"> * in the LICENSE file which you have received as part of this distribution.</span>
00007 <span class="comment"> *</span>
00008 <span class="comment"> * $Id: session.c,v 1.36 2006/04/06 14:02:22 tat Exp $</span>
00009 <span class="comment"> */</span>
00010
00011 <span class="preprocessor">#include "klone_conf.h"</span>
00012 <span class="preprocessor">#include <sys/types.h></span>
00013 <span class="preprocessor">#include <sys/stat.h></span>
00014 <span class="preprocessor">#include <sys/time.h></span>
00015 <span class="preprocessor">#include <stdlib.h></span>
00016 <span class="preprocessor">#include <time.h></span>
00017 <span class="preprocessor">#include <unistd.h></span>
00018 <span class="preprocessor">#include <fcntl.h></span>
00019 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00020 <span class="preprocessor"></span><span class="preprocessor">#include <openssl/hmac.h></span>
00021 <span class="preprocessor">#include <openssl/evp.h></span>
00022 <span class="preprocessor">#include <openssl/rand.h></span>
00023 <span class="preprocessor">#include <<a class="code" href="ccipher_8h.html">klone/ccipher.h</a>></span>
00024 <span class="preprocessor">#endif </span><span class="comment">/* HAVE_LIBOPENSSL */</span>
00025 <span class="preprocessor">#include <u/libu.h></span>
00026 <span class="preprocessor">#include <<a class="code" href="session_8h.html">klone/session.h</a>></span>
00027 <span class="preprocessor">#include <<a class="code" href="request_8h.html">klone/request.h</a>></span>
00028 <span class="preprocessor">#include <<a class="code" href="response_8h.html">klone/response.h</a>></span>
00029 <span class="preprocessor">#include <<a class="code" href="vars_8h.html">klone/vars.h</a>></span>
00030 <span class="preprocessor">#include <<a class="code" href="utils_8h.html">klone/utils.h</a>></span>
00031 <span class="preprocessor">#include <<a class="code" href="ses__prv_8h.html">klone/ses_prv.h</a>></span>
00032 <span class="preprocessor">#include <<a class="code" href="codecs_8h.html">klone/codecs.h</a>></span>
00033
00034 <span class="keyword">enum</span> { <a class="code" href="session_8c.html#a27a2">DEFAULT_SESSION_EXPIRATION</a> = 60*20 }; <span class="comment">/* 20 minutes */</span>
00035 <span class="keyword">static</span> <span class="keyword">const</span> <span class="keywordtype">char</span> SID_NAME[] = <span class="stringliteral">"klone_sid"</span>;
00036
00037 <span class="keyword">struct </span>save_cb_params_s
00038 {
00039 <a class="code" href="structsession__s.html">session_t</a> *ss;
00040 <a class="code" href="structio__s.html">io_t</a> *io;
00041 };
00042
<a name="l00043"></a><a class="code" href="session_8c.html#a1">00043</a> <span class="keyword">typedef</span> <span class="keyword">struct </span>save_cb_params_s <a class="code" href="session_8c.html#a1">save_cb_params_t</a>;
00044
<a name="l00045"></a><a class="code" href="ses__prv_8h.html#a30">00045</a> <span class="keywordtype">int</span> <a class="code" href="ses__prv_8h.html#a30">session_module_term</a>(<a class="code" href="structsession__opt__s.html">session_opt_t</a> *so)
00046 {
00047 U_FREE(so);
00048
00049 <span class="keywordflow">return</span> 0;
00050 }
00051
<a name="l00052"></a><a class="code" href="ses__prv_8h.html#a26">00052</a> <span class="keywordtype">int</span> <a class="code" href="ses__prv_8h.html#a26">session_module_init</a>(u_config_t *config, <a class="code" href="structsession__opt__s.html">session_opt_t</a> **pso)
00053 {
00054 <a class="code" href="structsession__opt__s.html">session_opt_t</a> *so = NULL;
00055 u_config_t *c = NULL;
00056 <span class="keyword">const</span> <span class="keywordtype">char</span> *v;
00057 <span class="keywordtype">int</span> max_age;
00058
00059 dbg_err_if (config == NULL);
00060 dbg_err_if (pso == NULL);
00061
00062 so = u_zalloc(<span class="keyword">sizeof</span>(<a class="code" href="structsession__opt__s.html">session_opt_t</a>));
00063 dbg_err_if(so == NULL);
00064
00065 <span class="comment">/* defaults values */</span>
00066 so-><a class="code" href="structsession__opt__s.html#o0">type</a> = SESSION_TYPE_FILE;
00067 so-><a class="code" href="structsession__opt__s.html#o1">max_age</a> = DEFAULT_SESSION_EXPIRATION;
00068 so-><a class="code" href="structsession__opt__s.html#o3">compress</a> = 0;
00069 so-><a class="code" href="structsession__opt__s.html#o2">encrypt</a> = 0;
00070
00071 <span class="keywordflow">if</span>(!u_config_get_subkey(config, <span class="stringliteral">"session"</span>, &c))
00072 {
00073 <span class="comment">/* no 'session' subsection, defaults will be used */</span>
00074
00075 <span class="comment">/* set session type */</span>
00076 <span class="keywordflow">if</span>((v = u_config_get_subkey_value(c, <span class="stringliteral">"type"</span>)) != NULL)
00077 {
00078 <span class="keywordflow">if</span>(!strcasecmp(v, <span class="stringliteral">"memory"</span>)) {
00079 so-><a class="code" href="structsession__opt__s.html#o0">type</a> = SESSION_TYPE_MEMORY;
00080 } <span class="keywordflow">else</span> <span class="keywordflow">if</span>(!strcasecmp(v, <span class="stringliteral">"file"</span>)) {
00081 so-><a class="code" href="structsession__opt__s.html#o0">type</a> = SESSION_TYPE_FILE;
00082 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00083 <span class="preprocessor"></span> } <span class="keywordflow">else</span> <span class="keywordflow">if</span>(!strcasecmp(v, <span class="stringliteral">"client"</span>)) {
00084 so-><a class="code" href="structsession__opt__s.html#o0">type</a> = SESSION_TYPE_CLIENT;
00085 <span class="preprocessor">#endif</span>
00086 <span class="preprocessor"></span> } <span class="keywordflow">else</span>
00087 warn_err(<span class="stringliteral">"config error: bad session type (typo or missing "</span>
00088 <span class="stringliteral">"library)"</span>);
00089 }
00090
00091 <span class="comment">/* set max_age */</span>
00092 <span class="keywordflow">if</span>((v = u_config_get_subkey_value(c, <span class="stringliteral">"max_age"</span>)) != NULL)
00093 max_age = <a class="code" href="utils_8h.html#a1">MAX</a>(atoi(v) * 60, 60); <span class="comment">/* min value: 1 min */</span>
00094
00095 <span class="comment">/* set compression flag */</span>
00096 dbg_err_if(u_config_get_subkey_value_b(c, <span class="stringliteral">"compress"</span>, 0,
00097 &so-><a class="code" href="structsession__opt__s.html#o3">compress</a>));
00098
00099 <span class="comment">/* set encryption flag */</span>
00100 dbg_err_if(u_config_get_subkey_value_b(c, <span class="stringliteral">"encrypt"</span>, 0, &so-><a class="code" href="structsession__opt__s.html#o2">encrypt</a>));
00101
00102 <span class="preprocessor">#ifndef HAVE_LIBZ</span>
00103 <span class="preprocessor"></span> <span class="keywordflow">if</span>(so-><a class="code" href="structsession__opt__s.html#o3">compress</a>)
00104 warn_err(<span class="stringliteral">"config error: compression is enabled but libz is not "</span>
00105 <span class="stringliteral">"linked"</span>);
00106 <span class="preprocessor">#endif</span>
00107 <span class="preprocessor"></span>
00108 <span class="preprocessor">#ifndef HAVE_LIBOPENSSL</span>
00109 <span class="preprocessor"></span> <span class="keywordflow">if</span>(so-><a class="code" href="structsession__opt__s.html#o2">encrypt</a>)
00110 warn_err(<span class="stringliteral">"config error: encryption is enabled but OpenSSL is not "</span>
00111 <span class="stringliteral">"linked"</span>);
00112 <span class="preprocessor">#else</span>
00113 <span class="preprocessor"></span> <span class="comment">/* init cipher EVP algo, the random key and IV */</span>
00114 so->cipher = EVP_aes_256_cbc(); <span class="comment">/* use AES-256 in CBC mode */</span>
00115
00116 EVP_add_cipher(so->cipher);
00117
00118 <span class="comment">/* key and iv for client-side session */</span>
00119 dbg_err_if(!RAND_bytes(so->cipher_key, <a class="code" href="ses__prv_8h.html#a33a12">CIPHER_KEY_SIZE</a>));
00120 dbg_err_if(!RAND_pseudo_bytes(so->cipher_iv, <a class="code" href="ses__prv_8h.html#a33a13">CIPHER_IV_SIZE</a>));
00121
00122 <span class="comment">/* create a random key and iv to crypt the KLONE_CIPHER_KEY variable */</span>
00123 dbg_err_if(!RAND_bytes(so-><a class="code" href="structsession__opt__s.html#o5">session_key</a>, <a class="code" href="ses__prv_8h.html#a33a12">CIPHER_KEY_SIZE</a>));
00124 dbg_err_if(!RAND_pseudo_bytes(so-><a class="code" href="structsession__opt__s.html#o6">session_iv</a>, <a class="code" href="ses__prv_8h.html#a33a13">CIPHER_IV_SIZE</a>));
00125
00126 <span class="preprocessor">#endif</span>
00127 <span class="preprocessor"></span> } <span class="comment">/* if "session" exists */</span>
00128
00129 <span class="comment">/* per-type configuration init */</span>
00130 <span class="keywordflow">if</span>(so-><a class="code" href="structsession__opt__s.html#o0">type</a> == SESSION_TYPE_MEMORY)
00131 warn_err_ifm(<a class="code" href="ses__prv_8h.html#a28">session_mem_module_init</a>(c, so),
00132 <span class="stringliteral">"in-memory session engine init error"</span>);
00133 <span class="keywordflow">else</span> <span class="keywordflow">if</span>(so-><a class="code" href="structsession__opt__s.html#o0">type</a> == SESSION_TYPE_FILE)
00134 warn_err_ifm(<a class="code" href="ses__prv_8h.html#a27">session_file_module_init</a>(c, so),
00135 <span class="stringliteral">"file session engine init error"</span>);
00136 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00137 <span class="preprocessor"></span> <span class="keywordflow">else</span> <span class="keywordflow">if</span>(so-><a class="code" href="structsession__opt__s.html#o0">type</a> == SESSION_TYPE_CLIENT)
00138 warn_err_ifm(<a class="code" href="ses__prv_8h.html#a29">session_client_module_init</a>(c, so),
00139 <span class="stringliteral">"client-side session engine init error"</span>);
00140 <span class="preprocessor">#endif</span>
00141 <span class="preprocessor"></span>
00142 *pso = so;
00143
00144 <span class="keywordflow">return</span> 0;
00145 err:
00146 U_FREE(so);
00147 <span class="keywordflow">return</span> ~0;
00148 }
00149
<a name="l00150"></a><a class="code" href="ses__prv_8h.html#a22">00150</a> <span class="keywordtype">int</span> <a class="code" href="ses__prv_8h.html#a22">session_prv_calc_maxsize</a>(<a class="code" href="structvar__s.html">var_t</a> *v, <span class="keywordtype">void</span> *p)
00151 {
00152 <span class="keyword">const</span> <span class="keywordtype">char</span> *value = NULL;
00153 size_t *psz = (size_t*)p;
00154
00155 dbg_err_if (v == NULL);
00156 dbg_err_if (<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v) == NULL);
00157 dbg_err_if (psz == NULL);
00158
00159 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00160 <span class="preprocessor"></span> <span class="keywordflow">if</span>(*psz == 0)
00161 { <span class="comment">/* first time here */</span>
00162 *psz = CODEC_CIPHER_BLOCK_SIZE;
00163 }
00164 <span class="preprocessor">#endif</span>
00165 <span class="preprocessor"></span>
00166 <span class="comment">/* name= */</span>
00167 *psz += 3 * strlen(<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v)) + 3;
00168
00169 <span class="comment">/* value */</span>
00170 <span class="keywordflow">if</span>((value = <a class="code" href="group__var__t.html#ga8">var_get_value</a>(v)) != NULL)
00171 *psz += 3 * strlen(value) + 1; <span class="comment">/* worse case (i.e. longest string) */</span>
00172
00173 <span class="keywordflow">return</span> 0;
00174 err:
00175 <span class="keywordflow">return</span> ~0;
00176 }
00177
<a name="l00178"></a><a class="code" href="ses__prv_8h.html#a24">00178</a> <span class="keywordtype">int</span> <a class="code" href="ses__prv_8h.html#a24">session_prv_load_from_buf</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keywordtype">char</span> *buf, size_t size)
00179 {
00180 <a class="code" href="structio__s.html">io_t</a> *io = NULL;
00181
00182 dbg_err_if (ss == NULL);
00183 dbg_err_if (buf == NULL);
00184
00185 <span class="comment">/* build an io_t around the buffer */</span>
00186 dbg_err_if(<a class="code" href="io_8h.html#a6">io_mem_create</a>(buf, size, 0, &io));
00187
00188 <span class="comment">/* load data */</span>
00189 dbg_err_if(<a class="code" href="group__session__t.html#ga4">session_prv_load_from_io</a>(ss, io));
00190
00191 <a class="code" href="group__io__t.html#ga12">io_free</a>(io);
00192
00193 <span class="keywordflow">return</span> 0;
00194 err:
00195 <span class="keywordflow">if</span>(io)
00196 <a class="code" href="group__io__t.html#ga12">io_free</a>(io);
00197 <span class="keywordflow">return</span> ~0;
00198 }
00199
<a name="l00200"></a><a class="code" href="ses__prv_8h.html#a23">00200</a> <span class="keywordtype">int</span> <a class="code" href="ses__prv_8h.html#a23">session_prv_save_to_buf</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keywordtype">char</span> **pbuf, size_t *psz)
00201 {
00202 <a class="code" href="structio__s.html">io_t</a> *io = NULL;
00203 <span class="keywordtype">char</span> *buf = NULL;
00204 size_t sz = 0;
00205
00206 dbg_err_if (ss == NULL);
00207 dbg_err_if (pbuf == NULL);
00208 dbg_err_if (psz == NULL);
00209
00210 <span class="comment">/* calc the maximum session data size (exact calc requires url encoding and</span>
00211 <span class="comment"> codec transformation knowledge) */</span>
00212 <a class="code" href="group__vars__t.html#ga17">vars_foreach</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, <a class="code" href="session_8c.html#a5">session_prv_calc_maxsize</a>, (<span class="keywordtype">void</span>*)&sz);
00213
00214 <span class="comment">/* alloc a big-enough block to save the session data */</span>
00215 buf = u_malloc(sz);
00216 dbg_err_if(buf == NULL);
00217
00218 <span class="comment">/* create a big-enough in-memory io object */</span>
00219 dbg_err_if(<a class="code" href="io_8h.html#a6">io_mem_create</a>(buf, sz, 0, &io));
00220
00221 <span class="comment">/* save the session to the in-memory io */</span>
00222 dbg_err_if(<a class="code" href="group__session__t.html#ga12">session_prv_save_to_io</a>(ss, io));
00223
00224 <span class="comment">/* remove all codecs to get the right size of 'buf'. we need to remove </span>
00225 <span class="comment"> the codecs because some of them buffer data until last codec->flush() </span>
00226 <span class="comment"> is called (and it's not possible to flush codecs without removing them */</span>
00227 dbg_err_if(<a class="code" href="group__io__t.html#ga24">io_codecs_remove</a>(io));
00228
00229 <span class="comment">/* get the number of bytes written to the io (so to 'buf') */</span>
00230 sz = <a class="code" href="group__io__t.html#ga4">io_tell</a>(io);
00231
00232 <a class="code" href="group__io__t.html#ga12">io_free</a>(io);
00233 io = NULL;
00234
00235 *pbuf = buf;
00236 *psz = sz;
00237
00238 <span class="keywordflow">return</span> 0;
00239 err:
00240 <span class="keywordflow">if</span>(io)
00241 <a class="code" href="group__io__t.html#ga12">io_free</a>(io);
00242 U_FREE(buf);
00243 <span class="keywordflow">return</span> ~0;
00244 }
00245
00246 <span class="keyword">static</span> <span class="keywordtype">int</span> session_is_good_id(<span class="keyword">const</span> <span class="keywordtype">char</span> *<span class="keywordtype">id</span>)
00247 {
00248 <span class="keyword">const</span> <span class="keywordtype">char</span> *p;
00249 size_t len;
00250
00251 dbg_return_if (<span class="keywordtype">id</span> == NULL, 0);
00252
00253 dbg_ifb((len = strlen(<span class="keywordtype">id</span>)) != SESSION_ID_LENGTH)
00254 <span class="keywordflow">return</span> 0; <span class="comment">/* wrong length */</span>
00255
00256 <span class="keywordflow">for</span>(p = id; len; --len, ++p)
00257 {
00258 <span class="comment">/* if is hex */</span>
00259 <span class="keywordflow">if</span>(! ((*p >= <span class="charliteral">'A'</span> && *p <= 'F') || (*p >= <span class="charliteral">'a'</span> && *p <= <span class="charliteral">'f'</span>) ||
00260 (*p >= <span class="charliteral">'0'</span> && *p <= <span class="charliteral">'9'</span>)) )
00261 <span class="keywordflow">return</span> 0; <span class="comment">/* not safe */</span>
00262 }
00263
00264 <span class="keywordflow">return</span> 1; <span class="comment">/* good */</span>
00265 }
00266
00267 <span class="keyword">static</span> <span class="keywordtype">int</span> session_set_filename(<a class="code" href="structsession__s.html">session_t</a> *ss)
00268 {
00269 <a class="code" href="structaddr__s.html">addr_t</a> *addr = NULL;
00270
00271 dbg_err_if(strlen(ss-><a class="code" href="structsession__s.html#o4">id</a>) == 0);
00272
00273 dbg_err_if((addr = <a class="code" href="group__request__t.html#ga59">request_get_addr</a>(ss-><a class="code" href="structsession__s.html#o1">rq</a>)) == NULL);
00274 <span class="keywordflow">switch</span>(addr-><a class="code" href="structaddr__s.html#o0">type</a>)
00275 {
00276 <span class="keywordflow">case</span> ADDR_IPV4:
00277 dbg_err_if(u_path_snprintf(ss-><a class="code" href="structsession__s.html#o3">filename</a>, U_FILENAME_MAX,
00278 U_PATH_SEPARATOR, <span class="stringliteral">"%s/klone_sess_%s_%lu"</span>, ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o4">path</a>, ss-><a class="code" href="structsession__s.html#o4">id</a>,
00279 addr-><a class="code" href="structaddr__s.html#o4">sa</a>.<a class="code" href="structaddr__s.html#o1">sin</a>.sin_addr));
00280 <span class="keywordflow">break</span>;
00281 <span class="keywordflow">case</span> ADDR_IPV6:
00282 <span class="comment">/* FIXME: add ipv6 address in session filename */</span>
00283 dbg_err_if(u_path_snprintf(ss-><a class="code" href="structsession__s.html#o3">filename</a>, U_FILENAME_MAX,
00284 U_PATH_SEPARATOR, <span class="stringliteral">"%s/klone_sess_%s"</span>, ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o4">path</a>, ss-><a class="code" href="structsession__s.html#o4">id</a>));
00285 <span class="keywordflow">break</span>;
00286 <span class="preprocessor">#ifdef OS_UNIX</span>
00287 <span class="preprocessor"></span> <span class="keywordflow">case</span> ADDR_UNIX:
00288 <span class="comment">/* FIXME: add unix address in session filename */</span>
00289 dbg_err_if(u_path_snprintf(ss-><a class="code" href="structsession__s.html#o3">filename</a>, U_FILENAME_MAX,
00290 U_PATH_SEPARATOR, <span class="stringliteral">"%s/klone_sess_%s"</span>, ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o4">path</a>, ss-><a class="code" href="structsession__s.html#o4">id</a>));
00291 <span class="keywordflow">break</span>;
00292 <span class="preprocessor">#endif</span>
00293 <span class="preprocessor"></span> }
00294
00295 <span class="keywordflow">return</span> 0;
00296 err:
00297 <span class="keywordflow">return</span> 0;
00298 }
00299
00300 <span class="keyword">static</span> <span class="keywordtype">int</span> session_gen_id(<a class="code" href="structsession__s.html">session_t</a> *ss)
00301 {
00302 <span class="keyword">enum</span> { BUFSZ = 256 };
00303 <span class="keywordtype">char</span> buf[BUFSZ];
00304 <span class="keyword">struct </span>timeval tv;
00305
00306 dbg_err_if (ss == NULL);
00307
00308 <span class="comment">/* gen a new one */</span>
00309 gettimeofday(&tv, NULL);
00310
00311 dbg_err_if(u_snprintf(buf, BUFSZ, <span class="stringliteral">"%lu%d%lu%d"</span>, tv.tv_sec, getpid(),
00312 tv.tv_usec, rand()));
00313
00314 <span class="comment">/* return the md5 (in hex) buf */</span>
00315 dbg_err_if(<a class="code" href="group__u__t.html#ga38">u_md5</a>(buf, strlen(buf), ss-><a class="code" href="structsession__s.html#o4">id</a>));
00316
00317 <span class="comment">/* remove previous sid if any */</span>
00318 dbg_err_if(<a class="code" href="group__response__t.html#ga3">response_set_cookie</a>(ss-><a class="code" href="structsession__s.html#o2">rs</a>, SID_NAME, NULL, 0, NULL, NULL, 0));
00319
00320 <span class="comment">/* set the cookie ID */</span>
00321 dbg_err_if(<a class="code" href="group__response__t.html#ga3">response_set_cookie</a>(ss-><a class="code" href="structsession__s.html#o2">rs</a>, SID_NAME, ss-><a class="code" href="structsession__s.html#o4">id</a>, 0, NULL,
00322 NULL, 0));
00323
00324 <span class="keywordflow">return</span> 0;
00325 err:
00326 <span class="keywordflow">return</span> ~0;
00327 }
00328
<a name="l00329"></a><a class="code" href="session_8c.html#a11">00329</a> <span class="keywordtype">int</span> <a class="code" href="session_8c.html#a11">session_priv_set_id</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keyword">const</span> <span class="keywordtype">char</span> *sid)
00330 {
00331 <span class="comment">/* set or generate a session id */</span>
00332 <span class="keywordflow">if</span>(sid && session_is_good_id(sid))
00333 {
00334 dbg_err_if(u_snprintf(ss-><a class="code" href="structsession__s.html#o4">id</a>, <a class="code" href="ses__prv_8h.html#a32a10">SESSION_ID_BUFSZ</a>, <span class="stringliteral">"%s"</span>, sid));
00335 ss-><a class="code" href="structsession__s.html#o4">id</a>[<a class="code" href="ses__prv_8h.html#a32a10">SESSION_ID_BUFSZ</a>-1] = 0;
00336 } <span class="keywordflow">else</span>
00337 dbg_err_if(session_gen_id(ss));
00338
00339 <span class="comment">/* set the filename accordingly */</span>
00340 dbg_err_if(session_set_filename(ss));
00341
00342 <span class="keywordflow">return</span> 0;
00343 err:
00344 <span class="keywordflow">return</span> ~0;
00345 }
00346
<a name="l00353"></a><a class="code" href="group__session__t.html#ga0">00353</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga0">session_load</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00354 {
00355 dbg_return_if (ss == NULL, ~0);
00356 dbg_return_if (ss-><a class="code" href="structsession__s.html#o7">load</a> == NULL, ~0);
00357
00358 <span class="keywordflow">return</span> ss-><a class="code" href="structsession__s.html#o7">load</a>(ss);
00359 }
00360
<a name="l00361"></a><a class="code" href="group__session__t.html#ga1">00361</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga1">session_save</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00362 {
00363 dbg_err_if (ss == NULL);
00364 dbg_err_if (ss-><a class="code" href="structsession__s.html#o8">save</a> == NULL);
00365
00366 <span class="keywordflow">if</span>(<a class="code" href="group__vars__t.html#ga6">vars_count</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>) == 0)
00367 <span class="keywordflow">return</span> 0; <span class="comment">/* nothing to save */</span>
00368
00369 <span class="keywordflow">if</span>(!strlen(ss-><a class="code" href="structsession__s.html#o4">id</a>))
00370 {
00371 <span class="comment">/* generate a new SID and set session filename accordingly */</span>
00372 dbg_err_if(<a class="code" href="session_8c.html#a11">session_priv_set_id</a>(ss, NULL));
00373 }
00374
00375 <span class="keywordflow">return</span> ss-><a class="code" href="structsession__s.html#o8">save</a>(ss);
00376 err:
00377 <span class="keywordflow">return</span> ~0;
00378 }
00379
<a name="l00380"></a><a class="code" href="group__session__t.html#ga2">00380</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga2">session_remove</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00381 {
00382 dbg_return_if (ss == NULL, ~0);
00383 dbg_return_if (ss-><a class="code" href="structsession__s.html#o9">remove</a> == NULL, ~0);
00384
00385 ss-><a class="code" href="structsession__s.html#o5">removed</a> = 1;
00386
00387 <span class="keywordflow">return</span> ss-><a class="code" href="structsession__s.html#o9">remove</a>(ss);
00388 }
00389
<a name="l00390"></a><a class="code" href="group__session__t.html#ga3">00390</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga3">session_prv_init</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <a class="code" href="request_8h.html#a0">request_t</a> *rq, <a class="code" href="response_8h.html#a0">response_t</a> *rs)
00391 {
00392 <span class="keyword">const</span> <span class="keywordtype">char</span> *sid;
00393
00394 dbg_err_if (ss == NULL);
00395 dbg_err_if (rq == NULL);
00396 dbg_err_if (rs == NULL);
00397
00398 dbg_err_if(<a class="code" href="group__vars__t.html#ga1">vars_create</a>(&ss-><a class="code" href="structsession__s.html#o0">vars</a>));
00399
00400 ss-><a class="code" href="structsession__s.html#o1">rq</a> = rq;
00401 ss-><a class="code" href="structsession__s.html#o2">rs</a> = rs;
00402
00403 <span class="comment">/* if the client has a SID set and it's a good one then use it */</span>
00404 sid = <a class="code" href="group__request__t.html#ga3">request_get_cookie</a>(ss-><a class="code" href="structsession__s.html#o1">rq</a>, SID_NAME);
00405 <span class="keywordflow">if</span>(sid)
00406 dbg_err_if(<a class="code" href="session_8c.html#a11">session_priv_set_id</a>(ss, sid));
00407
00408 <span class="keywordflow">return</span> 0;
00409 err:
00410 <span class="keywordflow">return</span> ~0;
00411 }
00412
<a name="l00413"></a><a class="code" href="group__session__t.html#ga4">00413</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga4">session_prv_load_from_io</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <a class="code" href="structio__s.html">io_t</a> *io)
00414 {
00415 u_string_t *line = NULL;
00416 <a class="code" href="structvar__s.html">var_t</a> *v = NULL;
00417 <a class="code" href="structcodec__s.html">codec_t</a> *unzip = NULL, *decrypt = NULL;
00418 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> key[CODEC_CIPHER_KEY_SIZE];
00419 size_t ksz;
00420
00421 dbg_return_if (ss == NULL, ~0);
00422 dbg_return_if (io == NULL, ~0);
00423
00424 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00425 <span class="preprocessor"></span> <span class="keywordflow">if</span>(ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o2">encrypt</a>)
00426 {
00427 dbg_err_if(<a class="code" href="group__codec__t.html#ga2">codec_cipher_create</a>(CIPHER_DECRYPT, ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher,
00428 ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher_key, ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher_iv, &decrypt));
00429 dbg_err_if(<a class="code" href="group__io__t.html#ga23">io_codec_add_tail</a>(io, decrypt));
00430 decrypt = NULL; <span class="comment">/* io_t owns it after io_codec_add_tail */</span>
00431 }
00432 <span class="preprocessor">#else</span>
00433 <span class="preprocessor"></span> u_unused_args(key, ksz);
00434 <span class="preprocessor">#endif</span>
00435 <span class="preprocessor"></span>
00436 <span class="preprocessor">#ifdef HAVE_LIBZ</span>
00437 <span class="preprocessor"></span> <span class="keywordflow">if</span>(ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o3">compress</a>)
00438 {
00439 dbg_err_if(<a class="code" href="group__codec__t.html#ga7">codec_gzip_create</a>(<a class="code" href="cgzip_8h.html#a3a1">GZIP_UNCOMPRESS</a>, &unzip));
00440 dbg_err_if(<a class="code" href="group__io__t.html#ga23">io_codec_add_tail</a>(io, unzip));
00441 unzip = NULL; <span class="comment">/* io_t owns it after io_codec_add_tail */</span>
00442 }
00443 <span class="preprocessor">#endif</span>
00444 <span class="preprocessor"></span>
00445 dbg_err_if(u_string_create(NULL, 0, &line));
00446
00447 <span class="keywordflow">while</span>(<a class="code" href="group__u__t.html#ga33">u_getline</a>(io, line) == 0)
00448 {
00449 <span class="keywordflow">if</span>(u_string_len(line))
00450 {
00451 dbg_err_if(<a class="code" href="group__vars__t.html#ga8">vars_add_urlvar</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, u_string_c(line), &v));
00452
00453 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00454 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!strcmp(<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v), <span class="stringliteral">"KLONE_CIPHER_KEY"</span>))
00455 {
00456 <span class="comment">/* decrypt key and save it to key */</span>
00457 memset(key, 0, <span class="keyword">sizeof</span>(key));
00458 dbg_ifb(u_cipher_decrypt(EVP_aes_256_cbc(), ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o5">session_key</a>,
00459 ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o6">session_iv</a>, key, &ksz,
00460 <a class="code" href="group__var__t.html#ga8">var_get_value</a>(v), <a class="code" href="group__var__t.html#ga9">var_get_value_size</a>(v)))
00461 {
00462 v = <a class="code" href="group__vars__t.html#ga11">vars_get</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, <span class="stringliteral">"KLONE_CIPHER_KEY"</span>);
00463 <a class="code" href="group__vars__t.html#ga4">vars_del</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, v);
00464 } <span class="keywordflow">else</span> {
00465 <span class="comment">/* save it to the var list */</span>
00466 dbg_err_if(<a class="code" href="group__var__t.html#ga13">var_set_bin_value</a>(v, key, ksz));
00467 }
00468 }
00469 <span class="preprocessor">#endif</span>
00470 <span class="preprocessor"></span> }
00471 }
00472
00473 <span class="comment">/* remove set codecs and flush */</span>
00474 <a class="code" href="group__io__t.html#ga24">io_codecs_remove</a>(io);
00475
00476 u_string_free(line);
00477
00478 <span class="keywordflow">return</span> 0;
00479 err:
00480 <span class="keywordflow">if</span>(io)
00481 <a class="code" href="group__io__t.html#ga24">io_codecs_remove</a>(io);
00482 <span class="keywordflow">if</span>(decrypt)
00483 <a class="code" href="group__codec__t.html#ga3">codec_free</a>(decrypt);
00484 <span class="keywordflow">if</span>(unzip)
00485 <a class="code" href="group__codec__t.html#ga3">codec_free</a>(unzip);
00486 <span class="keywordflow">if</span>(line)
00487 u_string_free(line);
00488 <span class="keywordflow">return</span> ~0;
00489 }
00490
<a name="l00491"></a><a class="code" href="group__session__t.html#ga5">00491</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga5">session_free</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00492 {
00493 <span class="keywordflow">if</span> (ss)
00494 {
00495 <span class="keywordflow">if</span>(!ss-><a class="code" href="structsession__s.html#o5">removed</a>)
00496 dbg_if(<a class="code" href="group__session__t.html#ga1">session_save</a>(ss));
00497
00498 <span class="comment">/* driver cleanup */</span>
00499 dbg_if(ss-><a class="code" href="structsession__s.html#o10">term</a>(ss));
00500
00501 <span class="keywordflow">if</span>(ss-><a class="code" href="structsession__s.html#o0">vars</a>)
00502 <a class="code" href="group__vars__t.html#ga2">vars_free</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>);
00503
00504 U_FREE(ss);
00505 }
00506
00507 <span class="keywordflow">return</span> 0;
00508 }
00509
<a name="l00519"></a><a class="code" href="group__session__t.html#ga6">00519</a> <a class="code" href="vars_8h.html#a0">vars_t</a> *<a class="code" href="group__session__t.html#ga6">session_get_vars</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00520 {
00521 dbg_return_if (ss == NULL, NULL);
00522
00523 <span class="keywordflow">return</span> ss-><a class="code" href="structsession__s.html#o0">vars</a>;
00524 }
00525
<a name="l00537"></a><a class="code" href="group__session__t.html#ga7">00537</a> <span class="keyword">const</span> <span class="keywordtype">char</span> *<a class="code" href="group__session__t.html#ga7">session_get</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keyword">const</span> <span class="keywordtype">char</span> *name)
00538 {
00539 <a class="code" href="structvar__s.html">var_t</a> *v;
00540
00541 dbg_return_if (ss == NULL, NULL);
00542 dbg_return_if (name == NULL, NULL);
00543
00544 v = <a class="code" href="group__vars__t.html#ga11">vars_get</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, name);
00545 <span class="keywordflow">return</span> v ? <a class="code" href="group__var__t.html#ga8">var_get_value</a>(v): NULL;
00546 }
00547
<a name="l00559"></a><a class="code" href="group__session__t.html#ga8">00559</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga8">session_set</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keyword">const</span> <span class="keywordtype">char</span> *name, <span class="keyword">const</span> <span class="keywordtype">char</span> *value)
00560 {
00561 <a class="code" href="structvar__s.html">var_t</a> *v = NULL;
00562
00563 dbg_err_if (ss == NULL);
00564 dbg_err_if (name == NULL);
00565 dbg_err_if (value == NULL);
00566 dbg_err_if (strlen(name) == 0);
00567
00568 <span class="keywordflow">if</span>((v = <a class="code" href="group__vars__t.html#ga11">vars_get</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, name)) == NULL)
00569 {
00570 <span class="comment">/* add a new session variable */</span>
00571 dbg_err_if(<a class="code" href="group__var__t.html#ga5">var_create</a>(name, value, &v));
00572
00573 dbg_err_if(<a class="code" href="group__vars__t.html#ga3">vars_add</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, v));
00574 } <span class="keywordflow">else</span> {
00575 <span class="comment">/* update an existing var */</span>
00576 dbg_ifb(<a class="code" href="group__var__t.html#ga12">var_set_value</a>(v, value))
00577 <span class="keywordflow">return</span> ~0;
00578 }
00579
00580 <span class="keywordflow">return</span> 0;
00581 err:
00582 <span class="keywordflow">if</span>(v)
00583 <a class="code" href="group__var__t.html#ga6">var_free</a>(v);
00584 <span class="keywordflow">return</span> ~0;
00585 }
00586
<a name="l00598"></a><a class="code" href="group__session__t.html#ga9">00598</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga9">session_age</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00599 {
00600 time_t now;
00601
00602 dbg_return_if (ss == NULL, -1);
00603
00604 now = time(0);
00605
00606 <span class="comment">/* ss->mtime must has been set into session_X_create funcs */</span>
00607 <span class="keywordflow">return</span> (int)(now - ss-><a class="code" href="structsession__s.html#o6">mtime</a>); <span class="comment">/* in seconds */</span>
00608 }
00609
<a name="l00619"></a><a class="code" href="group__session__t.html#ga10">00619</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga10">session_clean</a>(<a class="code" href="structsession__s.html">session_t</a> *ss)
00620 {
00621 <a class="code" href="structvar__s.html">var_t</a> *v = NULL;
00622
00623 dbg_err_if (ss == NULL);
00624
00625 <span class="keywordflow">while</span>((v = <a class="code" href="group__vars__t.html#ga5">vars_getn</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, 0)) != NULL)
00626 {
00627 dbg_err_if(<a class="code" href="group__vars__t.html#ga4">vars_del</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, v));
00628 <a class="code" href="group__var__t.html#ga6">var_free</a>(v);
00629 }
00630
00631 <span class="keywordflow">return</span> 0;
00632 err:
00633 <span class="keywordflow">return</span> ~0;
00634 }
00635
<a name="l00648"></a><a class="code" href="group__session__t.html#ga11">00648</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga11">session_del</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <span class="keyword">const</span> <span class="keywordtype">char</span> *name)
00649 {
00650 <a class="code" href="structvar__s.html">var_t</a> *v = NULL;
00651
00652 dbg_err_if (ss == NULL);
00653 dbg_err_if (name == NULL);
00654
00655 dbg_err_if((v = <a class="code" href="group__vars__t.html#ga11">vars_get</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, name)) == NULL);
00656 dbg_err_if(<a class="code" href="group__vars__t.html#ga4">vars_del</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, v));
00657 <a class="code" href="group__var__t.html#ga6">var_free</a>(v);
00658
00659 <span class="keywordflow">return</span> 0;
00660 err:
00661 <span class="keywordflow">return</span> ~0;
00662 }
00663
<a name="l00664"></a><a class="code" href="group__session__t.html#ga12">00664</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga12">session_prv_save_to_io</a>(<a class="code" href="structsession__s.html">session_t</a> *ss, <a class="code" href="structio__s.html">io_t</a> *out)
00665 {
00666 <a class="code" href="session_8c.html#a1">save_cb_params_t</a> prm;
00667 <a class="code" href="structcodec__s.html">codec_t</a> *zip = NULL, *cencrypt = NULL;
00668
00669 dbg_err_if (ss == NULL);
00670 dbg_err_if (out == NULL);
00671
00672 <span class="preprocessor">#ifdef HAVE_LIBZ</span>
00673 <span class="preprocessor"></span> <span class="keywordflow">if</span>(ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o3">compress</a>)
00674 {
00675 dbg_err_if(<a class="code" href="group__codec__t.html#ga7">codec_gzip_create</a>(<a class="code" href="cgzip_8h.html#a3a0">GZIP_COMPRESS</a>, &zip));
00676 dbg_err_if(<a class="code" href="group__io__t.html#ga23">io_codec_add_tail</a>(out, zip));
00677 zip = NULL; <span class="comment">/* io_t owns it after io_codec_add_tail */</span>
00678 }
00679 <span class="preprocessor">#endif</span>
00680 <span class="preprocessor"></span>
00681 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00682 <span class="preprocessor"></span> <span class="keywordflow">if</span>(ss-><a class="code" href="structsession__s.html#o11">so</a>-><a class="code" href="structsession__opt__s.html#o2">encrypt</a>)
00683 {
00684 dbg_err_if(<a class="code" href="group__codec__t.html#ga2">codec_cipher_create</a>(CIPHER_ENCRYPT, ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher,
00685 ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher_key, ss-><a class="code" href="structsession__s.html#o11">so</a>->cipher_iv, &cencrypt));
00686 dbg_err_if(<a class="code" href="group__io__t.html#ga23">io_codec_add_tail</a>(out, cencrypt));
00687 cencrypt = NULL; <span class="comment">/* io_t owns it after io_codec_add_tail */</span>
00688 }
00689 <span class="preprocessor">#endif</span>
00690 <span class="preprocessor"></span>
00691 <span class="comment">/* pass io and session poiters to the callback function */</span>
00692 prm.io = out;
00693 prm.ss = ss;
00694
00695 <a class="code" href="group__vars__t.html#ga17">vars_foreach</a>(ss-><a class="code" href="structsession__s.html#o0">vars</a>, <a class="code" href="group__session__t.html#ga13">session_prv_save_var</a>, (<span class="keywordtype">void</span>*)&prm);
00696
00697 <span class="comment">/* remove all codecs and flush */</span>
00698 <a class="code" href="group__io__t.html#ga24">io_codecs_remove</a>(out);
00699
00700 <span class="keywordflow">return</span> 0;
00701 err:
00702 <span class="keywordflow">if</span>(out)
00703 <a class="code" href="group__io__t.html#ga24">io_codecs_remove</a>(out);
00704 <span class="keywordflow">if</span>(zip)
00705 <a class="code" href="group__codec__t.html#ga3">codec_free</a>(zip);
00706 <span class="keywordflow">if</span>(cencrypt)
00707 <a class="code" href="group__codec__t.html#ga3">codec_free</a>(cencrypt);
00708 <span class="keywordflow">return</span> ~0;
00709 }
00710
00711 <span class="comment">/* save a var_t (text or binary) to the session io_t */</span>
<a name="l00712"></a><a class="code" href="group__session__t.html#ga13">00712</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga13">session_prv_save_var</a>(<a class="code" href="structvar__s.html">var_t</a> *v, <span class="keywordtype">void</span> *vp)
00713 {
00714 <span class="keyword">enum</span> { NAMESZ = 256, VALSZ = 4096 };
00715 <span class="keywordtype">char</span> sname[NAMESZ], svalue[VALSZ];
00716 <span class="keywordtype">char</span> *uname = sname, *uvalue = svalue;
00717 <a class="code" href="session_8c.html#a1">save_cb_params_t</a> *pprm = (<a class="code" href="session_8c.html#a1">save_cb_params_t</a>*)vp;
00718 <span class="comment">/* encrypted key buffer */</span>
00719 <span class="keywordtype">unsigned</span> <span class="keywordtype">char</span> ekey[<a class="code" href="ccipher_8h.html#a3a0">CODEC_CIPHER_KEY_SIZE</a> + <a class="code" href="ccipher_8h.html#a3a2">CODEC_CIPHER_BLOCK_SIZE</a> + 1];
00720 size_t eksz, nsz, vsz;
00721 <span class="keywordtype">int</span> rc = ~0;
00722
00723 dbg_err_if (v == NULL);
00724 <span class="comment">/* dbg_err_if (vp == NULL); */</span>
00725
00726 <span class="comment">/* buffers must be at least three times the src data to URL-encode */</span>
00727 nsz = 1 + 3 * strlen(<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v)); <span class="comment">/* name buffer size */</span>
00728 vsz = 1 + 3 * <a class="code" href="group__var__t.html#ga9">var_get_value_size</a>(v); <span class="comment">/* value buffer size */</span>
00729
00730 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00731 <span class="preprocessor"></span> vsz += CODEC_CIPHER_BLOCK_SIZE; <span class="comment">/* encryption may enlarge the content up </span>
00732 <span class="comment"> to CODEC_CIPHER_BLOCK_SIZE -1 */</span>
00733 <span class="preprocessor">#else</span>
00734 <span class="preprocessor"></span> u_unused_args(ekey, eksz);
00735 <span class="preprocessor">#endif</span>
00736 <span class="preprocessor"></span>
00737 <span class="comment">/* if the buffer on the stack is too small alloc a bigger one */</span>
00738 <span class="keywordflow">if</span>(NAMESZ <= nsz)
00739 dbg_err_if((uname = u_zalloc(nsz)) == NULL);
00740
00741 <span class="comment">/* url encode name */</span>
00742 dbg_err_if(<a class="code" href="group__u__t.html#ga19">u_urlncpy</a>(uname, <a class="code" href="group__var__t.html#ga7">var_get_name</a>(v), strlen(<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v)),
00743 <a class="code" href="utils_8h.html#a50a7">URLCPY_ENCODE</a>) <= 0);
00744
00745 <span class="keywordflow">if</span>(<a class="code" href="group__var__t.html#ga8">var_get_value</a>(v))
00746 {
00747 <span class="comment">/* if the buffer on the stack is too small alloc a bigger one */</span>
00748 <span class="keywordflow">if</span>(VALSZ <= vsz)
00749 dbg_err_if((uvalue = u_zalloc(vsz)) == NULL);
00750
00751 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00752 <span class="preprocessor"></span> <span class="keywordflow">if</span>(!strcmp(<a class="code" href="group__var__t.html#ga7">var_get_name</a>(v), <span class="stringliteral">"KLONE_CIPHER_KEY"</span>))
00753 {
00754 <span class="comment">/* encrypt key and save it to ekey */</span>
00755 dbg_err_if(u_cipher_encrypt(EVP_aes_256_cbc(),
00756 pprm->ss->so->session_key, pprm->ss->so->session_iv,
00757 ekey, &eksz, <a class="code" href="group__var__t.html#ga8">var_get_value</a>(v), <a class="code" href="group__var__t.html#ga9">var_get_value_size</a>(v)));
00758
00759 <span class="comment">/* save it to the var list */</span>
00760 dbg_err_if(<a class="code" href="group__var__t.html#ga13">var_set_bin_value</a>(v, ekey, eksz));
00761 }
00762 <span class="preprocessor">#endif</span>
00763 <span class="preprocessor"></span>
00764 dbg_err_if(<a class="code" href="group__u__t.html#ga19">u_urlncpy</a>(uvalue, <a class="code" href="group__var__t.html#ga8">var_get_value</a>(v), <a class="code" href="group__var__t.html#ga9">var_get_value_size</a>(v),
00765 <a class="code" href="utils_8h.html#a50a7">URLCPY_ENCODE</a>) <= 0);
00766
00767 dbg_err_if(<a class="code" href="group__io__t.html#ga15">io_printf</a>(pprm->io, <span class="stringliteral">"%s=%s\n"</span>, uname, uvalue) < 0);
00768 } <span class="keywordflow">else</span>
00769 dbg_err_if(<a class="code" href="group__io__t.html#ga15">io_printf</a>(pprm->io, <span class="stringliteral">"%s=\n"</span>, uname) < 0);
00770
00771 rc = 0; <span class="comment">/* success */</span>
00772 err:
00773 <span class="comment">/* free heap buffers */</span>
00774 <span class="keywordflow">if</span>(uname && uname != sname)
00775 U_FREE(uname);
00776
00777 <span class="keywordflow">if</span>(uvalue && uvalue != svalue)
00778 U_FREE(uvalue);
00779
00780 <span class="keywordflow">return</span> rc;
00781 }
00782
<a name="l00783"></a><a class="code" href="group__session__t.html#ga14">00783</a> <span class="keywordtype">int</span> <a class="code" href="group__session__t.html#ga14">session_create</a>(<a class="code" href="structsession__opt__s.html">session_opt_t</a> *so, <a class="code" href="request_8h.html#a0">request_t</a> *rq, <a class="code" href="response_8h.html#a0">response_t</a> *rs,
00784 <a class="code" href="structsession__s.html">session_t</a> **pss)
00785 {
00786 <a class="code" href="structsession__s.html">session_t</a> *ss = NULL;
00787
00788 dbg_err_if (so == NULL);
00789 dbg_err_if (rq == NULL);
00790 dbg_err_if (rs == NULL);
00791 dbg_err_if (pss == NULL);
00792
00793 <span class="keywordflow">switch</span>(so-><a class="code" href="structsession__opt__s.html#o0">type</a>)
00794 {
00795 <span class="keywordflow">case</span> <a class="code" href="ses__prv_8h.html#a31a6">SESSION_TYPE_FILE</a>:
00796 dbg_err_if(<a class="code" href="ses__prv_8h.html#a16">session_file_create</a>(so, rq, rs, &ss));
00797 <span class="keywordflow">break</span>;
00798 <span class="keywordflow">case</span> <a class="code" href="ses__prv_8h.html#a31a7">SESSION_TYPE_MEMORY</a>:
00799 dbg_err_if(<a class="code" href="ses__prv_8h.html#a17">session_mem_create</a>(so, rq, rs, &ss));
00800 <span class="keywordflow">break</span>;
00801 <span class="preprocessor">#ifdef HAVE_LIBOPENSSL</span>
00802 <span class="preprocessor"></span> <span class="keywordflow">case</span> <a class="code" href="ses__prv_8h.html#a31a8">SESSION_TYPE_CLIENT</a>:
00803 dbg_err_if(<a class="code" href="ses__prv_8h.html#a15">session_client_create</a>(so, rq, rs, &ss));
00804 <span class="keywordflow">break</span>;
00805 <span class="preprocessor">#endif</span>
00806 <span class="preprocessor"></span> <span class="keywordflow">default</span>:
00807 warn_err(<span class="stringliteral">"bad session type"</span>);
00808 }
00809
00810 <span class="comment">/* may fail if the session does not exist */</span>
00811 <a class="code" href="group__session__t.html#ga0">session_load</a>(ss);
00812
00813 dbg_ifb(<a class="code" href="group__session__t.html#ga9">session_age</a>(ss) > so-><a class="code" href="structsession__opt__s.html#o1">max_age</a>)
00814 {
00815 <a class="code" href="group__session__t.html#ga10">session_clean</a>(ss); <span class="comment">/* remove all session variables */</span>
00816 <a class="code" href="group__session__t.html#ga2">session_remove</a>(ss); <span class="comment">/* remove the session itself */</span>
00817 }
00818
00819 *pss = ss;
00820
00821 <span class="keywordflow">return</span> 0;
00822 err:
00823 <span class="keywordflow">if</span>(ss)
00824 <a class="code" href="group__session__t.html#ga5">session_free</a>(ss);
00825 <span class="keywordflow">return</span> ~0;
00826 }
00827
</pre></div><hr>
<div>
<div style="text-align:left">
<a href="http://www.koanlogic.com/kl/cont/gb/html/products.html">←Products</a>
</div>
<div style="text-align:center;">
© 2005-2006 - <a href="http://www.koanlogic.com">KoanLogic S.r.l.</a> - All rights reserved
</div>
</div>
</body>
</html>
|
