Attachment #33187 for bug #57300

View | Details | Raw Unified | Return to bug 57300
Collapse All | Expand All




my $checks_per_test = 5;

# Session, API, Encoding, SessionEnv, SessionHeader, SessionMaxAge,
# SessionExpiryUpdateInterval, SessionInclude/Exclude.
my $num_tests = 2 + 4 + 5 + 2 + 1 + 4 + 7 + 3;

my @todo = (
    # Session writable after decode failure - PR 58171
    53, 54,
    # Session writable after expired - PR 56052
    88, 89
);

# Until the fix for PR 57300 is backported, sessions are always saved.
if (!have_min_apache_version('2.5')) {
    my @todo_backport = ( 8, 18, 38, 43, 48, 58, 63, 133 );
    push(@todo, @todo_backport);
}

plan tests => $num_tests * $checks_per_test,
              todo => \@todo,
              need need_module('session'),
              need_min_apache_version('2.3.0');

# APR time is in microseconds.
use constant APR_TIME_PER_SEC => 1000000;

# Don't use math ops, the result is too big for 32 Bit Perl
# Use adding of trailing "0"s instead
sub expiry_from_seconds
{
    my $seconds = shift;
    return $seconds . "0" x (length(APR_TIME_PER_SEC) - 1);
}

# check_result(name, res, session, dirty, expiry, response)
sub check_result
{

my $read_session = 'action=get&name=test';

# Session directive
check_post 'Cannot write session when off', '/', $create_session;
check_get 'New empty session is not saved', '/on';

# API optional functions
check_post 'Set session', '/on', $create_session, $session, 1;
check_post 'Get session', "/on?$session", $read_session,
    undef, 0, 0, 'value';
check_post 'Delete session', "/on?$session", 'action=set&name=test', '', 1;
check_post 'Edit session', "/on?$session", 'action=set&name=test&value=',
    'test=', 1;

check_post 'Encode session', '/on/encode', $create_session,
    $encoded_session, 1;
check_post 'Decode session', "/on/encode?$encoded_session", $read_session,
    undef, 0, 0, 'value';
check_get 'Custom decoder failure', "/on/encode?$session";
check_get 'Identity decoder failure', "/on?&=test";
check_post 'Session writable after decode failure', "/on/encode?$session",
    $create_session, $encoded_session, 1;

# SessionEnv directive - requires mod_include
if (have_module('include')) {
    check_custom 'SessionEnv Off', GET("/modules/session/env.shtml?$session"),
        undef, 0, 0, '(none)';
    check_get 'SessionEnv On', "/on/env/on/env.shtml?$session",
        undef, 0, 0, $session;
}
else {
    for (1 .. 2 * $checks_per_test) {

    "$session&another=5&last=7", 1;

# SessionMaxAge directive
my $future_expiry = expiry_from_seconds(time() + 200);
# Use adding of trailing "0"s instead
my $future_expiry = (time() + 100) . "0" x (length(APR_TIME_PER_SEC) - 1);

check_get 'SessionMaxAge adds expiry', "/on/expire?$session", $session, 0, 1;
check_get 'Discard expired session', "/on/expire?$session&expiry=1", '', 0, 1;

check_post 'Session writable after expired', '/on/expire?expiry=1',
    $create_session, $session, 1, 1;

# SessionExpiryUpdateInterval directive - new in 2.5
if (have_module('version') && have_min_apache_version('2.5')) {
    my $max_expiry = expiry_from_seconds(time() + 100);
    my $threshold_expiry = expiry_from_seconds(time() + 40);

    check_get 'SessionExpiryUpdateInterval off by default',
        "/on/expire?$session&expiry=$max_expiry", $session, 0, 1;
    check_get 'SessionExpiryUpdateInterval skips save',
        "/on/expire/cache?$session&expiry=$max_expiry";
    check_post 'Session readable when save skipped',
        "/on/expire/cache?$session&expiry=$max_expiry", $read_session,
        undef, 0, 0, 'value';
    check_post 'Dirty overrides SessionExpiryUpdateInterval',
        "/on/expire/cache?$session&expiry=$max_expiry", $create_session,
        $session, 1, 1;
    check_get 'Old session always updates expiry',
        "/on/expire/cache?$session&expiry=$threshold_expiry", $session, 0, 1;
    check_get 'New empty session with expiry not saved', "/on/expire/cache";
    check_post 'Can create session with SessionExpiryUpdateInterval',
        "/on/expire/cache", $create_session, $session, 1, 1;
}
else {
    for (1 .. 7 * $checks_per_test) {
        skip "SessionExpiryUpdateInterval tests require backporting";
    }
}

# SessionInclude/Exclude directives
check_post 'Cannot write session when not included',
    "/on/include?$session", $create_session;
check_post 'Can read session when included',
    "/on/include/yes?$session", $read_session, undef, 0, 0, 'value';
check_post 'SessionExclude overrides SessionInclude',
    "/on/include/yes/no?$session", $create_session;

Lines 31-38 Link Here

(-)c-modules/test_session/mod_test_session.c (-1 / +8 lines)
31	</Location>	31	</Location>
32	</IfModule>	32	</IfModule>
33	<Location /sessiontest/on/expire>	33	<Location /sessiontest/on/expire>
34	SessionMaxAge 10	34	SessionMaxAge 100
35	</Location>	35	</Location>
		36	<IfModule mod_version.c>
		37	<IfVersion >= 2.5.0>
		38	<Location /sessiontest/on/expire/cache>
		39	SessionExpiryUpdateInterval 50
		40	</Location>
		41	</IfVersion>
		42	</IfModule>
36	<Location /sessiontest/on/include>	43	<Location /sessiontest/on/include>
37	SessionInclude /sessiontest/on/include/yes	44	SessionInclude /sessiontest/on/include/yes
38	SessionExclude /sessiontest/on/include/yes/no	45	SessionExclude /sessiontest/on/include/yes/no

Return to bug 57300

Lines 13-36 Link Here

(-)t/modules/session.t (-19 / +61 lines)
13	my $checks_per_test = 5;	13	my $checks_per_test = 5;
14		14
15	# Session, API, Encoding, SessionEnv, SessionHeader, SessionMaxAge,	15	# Session, API, Encoding, SessionEnv, SessionHeader, SessionMaxAge,
16	# SessionInclude/Exclude.	16	# SessionExpiryUpdateInterval, SessionInclude/Exclude.
17	my $num_tests = 2 + 4 + 5 + 2 + 1 + 4 + 3;	17	my $num_tests = 2 + 4 + 5 + 2 + 1 + 4 + 7 + 3;
18		18
19	my @todo = [	19	my @todo = (
20	# Session writable after decode failure - PR 58171	20	# Session writable after decode failure - PR 58171
21	53, 54,	21	53, 54,
22	# Session writable after expired - PR 56052	22	# Session writable after expired - PR 56052
23	88, 89	23	88, 89
24	];	24	);
25		25
		26	# Until the fix for PR 57300 is backported, sessions are always saved.
		27	if (!have_min_apache_version('2.5')) {
		28	my @todo_backport = ( 8, 18, 38, 43, 48, 58, 63, 133 );
		29	push(@todo, @todo_backport);
		30	}
		31
26	plan tests => $num_tests * $checks_per_test,	32	plan tests => $num_tests * $checks_per_test,
27	todo => @todo,	33	todo => \@todo,
28	need need_module('session'),	34	need need_module('session'),
29	need_min_apache_version('2.3.0');	35	need_min_apache_version('2.3.0');
30		36
31	# APR time is in microseconds.	37	# APR time is in microseconds.
32	use constant APR_TIME_PER_SEC => 1000000;	38	use constant APR_TIME_PER_SEC => 1000000;
33		39
		40	# Don't use math ops, the result is too big for 32 Bit Perl
		41	# Use adding of trailing "0"s instead
		42	sub expiry_from_seconds
		43	{
		44	my $seconds = shift;
		45	return $seconds . "0" x (length(APR_TIME_PER_SEC) - 1);
		46	}
		47
34	# check_result(name, res, session, dirty, expiry, response)	48	# check_result(name, res, session, dirty, expiry, response)
35	sub check_result	49	sub check_result
36	{	50	{
Lines 109-121 Link Here
109	my $read_session = 'action=get&name=test';	123	my $read_session = 'action=get&name=test';
110		124
111	# Session directive	125	# Session directive
112	check_get 'Session Off', '/';	126	check_post 'Cannot write session when off', '/', $create_session;
113	check_get 'Session On', '/on', '';	127	check_get 'New empty session is not saved', '/on';
114		128
115	# API optional functions	129	# API optional functions
116	check_post 'Set session', '/on', $create_session, $session, 1;	130	check_post 'Set session', '/on', $create_session, $session, 1;
117	check_post 'Get session', "/on?$session", $read_session,	131	check_post 'Get session', "/on?$session", $read_session,
118	$session, 0, 0, 'value';	132	undef, 0, 0, 'value';
119	check_post 'Delete session', "/on?$session", 'action=set&name=test', '', 1;	133	check_post 'Delete session', "/on?$session", 'action=set&name=test', '', 1;
120	check_post 'Edit session', "/on?$session", 'action=set&name=test&value=',	134	check_post 'Edit session', "/on?$session", 'action=set&name=test&value=',
121	'test=', 1;	135	'test=', 1;
Lines 124-141 Link Here
124	check_post 'Encode session', '/on/encode', $create_session,	138	check_post 'Encode session', '/on/encode', $create_session,
125	$encoded_session, 1;	139	$encoded_session, 1;
126	check_post 'Decode session', "/on/encode?$encoded_session", $read_session,	140	check_post 'Decode session', "/on/encode?$encoded_session", $read_session,
127	$encoded_session, 0, 0, 'value';	141	undef, 0, 0, 'value';
128	check_get 'Custom decoder failure', "/on/encode?$session", $encoded_prefix;	142	check_get 'Custom decoder failure', "/on/encode?$session";
129	check_get 'Identity decoder failure', "/on?&=test", '';	143	check_get 'Identity decoder failure', "/on?&=test";
130	check_post 'Session writable after decode failure', "/on/encode?$session",	144	check_post 'Session writable after decode failure', "/on/encode?$session",
131	$create_session, $encoded_session, 1;	145	$create_session, $encoded_session, 1;
132		146
133	# SessionEnv directive - requires mod_include	147	# SessionEnv directive - requires mod_include
134	if (have_module('include')) {	148	if (have_module('include')) {
135	check_custom 'SessionEnv Off', GET("/modules/session/env.shtml?$session"),	149	check_custom 'SessionEnv Off', GET("/modules/session/env.shtml?$session"),
136	$session, 0, 0, '(none)';	150	undef, 0, 0, '(none)';
137	check_get 'SessionEnv On', "/on/env/on/env.shtml?$session",	151	check_get 'SessionEnv On', "/on/env/on/env.shtml?$session",
138	$session, 0, 0, $session;	152	undef, 0, 0, $session;
139	}	153	}
140	else {	154	else {
141	for (1 .. 2 * $checks_per_test) {	155	for (1 .. 2 * $checks_per_test) {
Lines 149-157 Link Here
149	"$session&another=5&last=7", 1;	163	"$session&another=5&last=7", 1;
150		164
151	# SessionMaxAge directive	165	# SessionMaxAge directive
152	# Don't use math ops, the result is too big for 32 Bit Perl	166	my $future_expiry = expiry_from_seconds(time() + 200);
153	# Use adding of trailing "0"s instead
154	my $future_expiry = (time() + 100) . "0" x (length(APR_TIME_PER_SEC) - 1);
155		167
156	check_get 'SessionMaxAge adds expiry', "/on/expire?$session", $session, 0, 1;	168	check_get 'SessionMaxAge adds expiry', "/on/expire?$session", $session, 0, 1;
157	check_get 'Discard expired session', "/on/expire?$session&expiry=1", '', 0, 1;	169	check_get 'Discard expired session', "/on/expire?$session&expiry=1", '', 0, 1;
Lines 160-166 Link Here
160	check_post 'Session writable after expired', '/on/expire?expiry=1',	172	check_post 'Session writable after expired', '/on/expire?expiry=1',
161	$create_session, $session, 1, 1;	173	$create_session, $session, 1, 1;
162		174
		175	# SessionExpiryUpdateInterval directive - new in 2.5
		176	if (have_module('version') && have_min_apache_version('2.5')) {
		177	my $max_expiry = expiry_from_seconds(time() + 100);
		178	my $threshold_expiry = expiry_from_seconds(time() + 40);
		179
		180	check_get 'SessionExpiryUpdateInterval off by default',
		181	"/on/expire?$session&expiry=$max_expiry", $session, 0, 1;
		182	check_get 'SessionExpiryUpdateInterval skips save',
		183	"/on/expire/cache?$session&expiry=$max_expiry";
		184	check_post 'Session readable when save skipped',
		185	"/on/expire/cache?$session&expiry=$max_expiry", $read_session,
		186	undef, 0, 0, 'value';
		187	check_post 'Dirty overrides SessionExpiryUpdateInterval',
		188	"/on/expire/cache?$session&expiry=$max_expiry", $create_session,
		189	$session, 1, 1;
		190	check_get 'Old session always updates expiry',
		191	"/on/expire/cache?$session&expiry=$threshold_expiry", $session, 0, 1;
		192	check_get 'New empty session with expiry not saved', "/on/expire/cache";
		193	check_post 'Can create session with SessionExpiryUpdateInterval',
		194	"/on/expire/cache", $create_session, $session, 1, 1;
		195	}
		196	else {
		197	for (1 .. 7 * $checks_per_test) {
		198	skip "SessionExpiryUpdateInterval tests require backporting";
		199	}
		200	}
		201
163	# SessionInclude/Exclude directives	202	# SessionInclude/Exclude directives
164	check_get 'Not in SessionInclude', "/on/include?$session";	203	check_post 'Cannot write session when not included',
165	check_get 'SessionInclude', "/on/include/yes?$session", $session;	204	"/on/include?$session", $create_session;
166	check_get 'SessionExclude', "/on/include/yes/no?$session";	205	check_post 'Can read session when included',
		206	"/on/include/yes?$session", $read_session, undef, 0, 0, 'value';
		207	check_post 'SessionExclude overrides SessionInclude',
		208	"/on/include/yes/no?$session", $create_session;