Changeset c055502 in mod_gnutls for src


Timestamp:
Dec 9, 2007, 6:12:23 AM (12 years ago)
Author:
Nokis Mavrogiannopoulos <nmav@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, msva, upstream
Children:
c223c85
Parents:
ae4a2b0
git-author:
Nikos Mavrogiannopoulos <nmav@…> (12/09/07 06:12:23)
git-committer:
Nokis Mavrogiannopoulos <nmav@…> (12/09/07 06:12:23)
Message:

Do not allow resuming sessions on different servers.

File:
1 edited

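--- a/src/gnutls_cache.c
+++ b/src/gnutls_cache.c
@@ -35,16 +35,14 @@
 
 #define MC_TAG "mod_gnutls:"
-#define MC_TAG_LEN \
-    (sizeof(MC_TAG))
+#define MC_TAG_LEN sizeof(MC_TAG)
 #define STR_SESSION_LEN (GNUTLS_SESSION_ID_STRING_LEN + MC_TAG_LEN)
 
-#if 0
-static char *gnutls_session_id2sz(unsigned char *id, int idlen,
+char *mgs_session_id2sz(unsigned char *id, int idlen,
                                char *str, int strsize)
 {
     char *cp;
     int n;
- 
-    cp = apr_cpystrn(str, MC_TAG, MC_TAG_LEN);
+
+    cp = str;
     for (n = 0; n < idlen && n < GNUTLS_MAX_SESSION_ID; n++) {
         apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]);
@@ -54,5 +52,25 @@
     return str;
 }
-#endif
+
+
+/* Name the Session ID as:
+ * IP:port.SessionID
+ * to disallow resuming sessions on different servers
+ */
+static int mgs_session_id2dbm(conn_rec* c, unsigned char *id, int idlen,
+                               apr_datum_t* dbmkey)
+{
+char buf[STR_SESSION_LEN];
+char *sz;
+   
+    sz = mgs_session_id2sz(id, idlen, buf, sizeof(buf));
+    if (sz == NULL)
+      return -1;
+     
+    dbmkey->dptr = apr_psprintf(c->pool, "%s:%d.%s", c->local_ip, c->base_server->port, sz);
+    dbmkey->dsize = strlen( dbmkey->dptr);
+   
+    return 0;
+}
 
 #define CTIME "%b %d %k:%M:%S %Y %Z"
@@ -71,21 +89,20 @@
 }
 
-char *mgs_session_id2sz(unsigned char *id, int idlen,
-                               char *str, int strsize)
-{
-    char *cp;
-    int n;
-   
-    cp = str;
-    for (n = 0; n < idlen && n < GNUTLS_MAX_SESSION_ID; n++) {
-        apr_snprintf(cp, strsize - (cp-str), "%02X", id[n]);
-        cp += 2;
-    }
-    *cp = '\0';
-    return str;
-}
-
-
 #if HAVE_APR_MEMCACHE
+/* Name the Session ID as:
+ * IP:port.SessionID
+ * to disallow resuming sessions on different servers
+ */
+static char* mgs_session_id2mc(conn_rec* c, unsigned char *id, int idlen)
+{
+char buf[STR_SESSION_LEN];
+char *sz;
+   
+    sz = mgs_session_id2sz(id, idlen, buf, sizeof(buf));
+    if (sz == NULL)
+      return NULL;
+     
+    return apr_psprintf(c->pool, MC_TAG"%s:%d.%s", c->local_ip, c->base_server->port, sz);
+}
 
 /**
@@ -185,9 +202,8 @@
     apr_status_t rv = APR_SUCCESS;
     mgs_handle_t *ctxt = baton;
-    char buf[STR_SESSION_LEN];
     char* strkey = NULL;
     apr_uint32_t timeout;
 
-    strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf));
+    strkey = mgs_session_id2mc(ctxt->c, key.data, key.size);
     if(!strkey)
         return -1;
@@ -212,5 +228,4 @@
     apr_status_t rv = APR_SUCCESS;
     mgs_handle_t *ctxt = baton;
-    char buf[STR_SESSION_LEN];
     char* strkey = NULL;
     char* value;
@@ -218,5 +233,5 @@
     gnutls_datum_t data = { NULL, 0 };
 
-    strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf));
+    strkey = mgs_session_id2mc(ctxt->c, key.data, key.size);
     if (!strkey) {
         return data;
@@ -253,8 +268,7 @@
     apr_status_t rv = APR_SUCCESS;
     mgs_handle_t *ctxt = baton;
-    char buf[STR_SESSION_LEN];
     char* strkey = NULL;
 
-    strkey = gnutls_session_id2sz(key.data, key.size, buf, sizeof(buf));
+    strkey = mgs_session_id2mc(ctxt->c, key.data, key.size);
     if(!strkey)
         return -1;
@@ -367,6 +381,6 @@
     apr_status_t rv;
 
-    dbmkey.dptr  = (void*)key.data;
-    dbmkey.dsize = key.size;
+    if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0)
+        return data;
 
     rv = apr_dbm_open(&dbm, ctxt->sc->cache_config,
@@ -414,7 +428,7 @@
     apr_status_t rv;
     apr_time_t expiry;
-   
-    dbmkey.dptr  = (char *)key.data;
-    dbmkey.dsize = key.size;
+
+    if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0)
+        return -1;
 
     /* create DBM value */
@@ -468,7 +482,7 @@
     mgs_handle_t *ctxt = baton;
     apr_status_t rv;
-   
-    dbmkey.dptr  = (char *)key.data;
-    dbmkey.dsize = key.size;
+
+    if (mgs_session_id2dbm(ctxt->c, key.data, key.size, &dbmkey) < 0)
+        return -1;
 
     rv = apr_dbm_open(&dbm, ctxt->sc->cache_config,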
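Review bot: The new cache key in `mgs_session_id2dbm` and `mgs_session_id2mc` is scoped only by `c->local_ip` and `c->base_server->port`, so name-based virtual hosts that share one listener still share session entries, and a session created under one host's certificate or client-verification policy stays resumable under another's. The key should also carry an identifier of the virtual host chosen for the handshake, e.g. `apr_psprintf(c->pool, "%s:%d:%s.%s", c->local_ip, c->base_server->port, VHOST_ID, sz)`, where `VHOST_ID` is a placeholder for whatever the module has available at that point (not visible in this changeset). At minimum the comment above both helpers should state the limit, `/* key is per listener (IP:port), not per virtual host */`. Separately, `mgs_session_id2sz` as shown always returns `str`, so both `sz == NULL` checks are dead, and it advances `cp` by two per byte without testing `strsize`. The bound on `buf` therefore rests entirely on `GNUTLS_SESSION_ID_STRING_LEN` covering two hex characters per byte of `GNUTLS_MAX_SESSION_ID` plus the terminator, and that macro is defined outside this page.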