Attachment #4674 for bug #16661

View | Details | Raw Unified | Return to bug 16661
Collapse All | Expand All

Lines 119-124 Link Here

(-)mod_usertrack.c (-19 / +47 lines)
119	cookie_type_e style;	119	cookie_type_e style;
120	char *cookie_name;	120	char *cookie_name;
121	char *cookie_domain;	121	char *cookie_domain;
		122	char regexp_string; / used to compile regexp; save for debugging */
		123	regex_t regexp; / used to find usertrack cookie in cookie header */
122	} cookie_dir_rec;	124	} cookie_dir_rec;
123		125
124	/* Define this to allow post-2000 cookies. Cookies use two-digit dates,	126	/* Define this to allow post-2000 cookies. Cookies use two-digit dates,
Lines 250-280 Link Here
250	{	252	{
251	cookie_dir_rec *dcfg = ap_get_module_config(r->per_dir_config,	253	cookie_dir_rec *dcfg = ap_get_module_config(r->per_dir_config,
252	&usertrack_module);	254	&usertrack_module);
253	const char *cookie;	255	const char *cookie_header;
254	char *value;	256
		257	/* There are only three possibilities from the regexp
		258	* ^cookie_name=([^;]+)\|;[ \t]+cookie_name=([^;]+)
		259	* because $0 is always filled with the whole match, and $1 and $2 will
		260	* be filled with either of the parenthesis matches. So, I
		261	* allocate regm[3] to cover all these cases. */
		262	regmatch_t regm[3];
		263	int i;
255		264
256	if (!dcfg->enabled) {	265	if (!dcfg->enabled) {
257	return DECLINED;	266	return DECLINED;
258	}	267	}
259		268
260	if ((cookie = ap_table_get(r->headers_in,	269	if ((cookie_header = ap_table_get(r->headers_in,
261	(dcfg->style == CT_COOKIE2	270	(dcfg->style == CT_COOKIE2
262	? "Cookie2"	271	? "Cookie2"
263	: "Cookie"))))	272	: "Cookie")))) {
264	if ((value = strstr(cookie, dcfg->cookie_name))) {	273	if (!ap_regexec(dcfg->regexp, cookie_header, dcfg->regexp->re_nsub + 1, regm, 0)) {
265	char cookiebuf, cookieend;	274	char *cookieval = NULL;
266		275	/* Our regexp,
267	value += strlen(dcfg->cookie_name) + 1; /* Skip over the '=' */	276	* ^cookie_name=([^;]+)\|;[ \t]+cookie_name=([^;]+)
268	cookiebuf = ap_pstrdup(r->pool, value);	277	* only allows for $1 or $2 to be available. ($0 is always
269	cookieend = strchr(cookiebuf, ';');	278	* filled with the entire matched expression, not just
270	if (cookieend)	279	* the part in parentheses.) So just check for either one
271	cookieend = '\0'; / Ignore anything after a ; */	280	* and assign to cookieval if present. */
272		281	if (regm[1].rm_so != -1) {
273	/* Set the cookie in a note, for logging */	282	cookieval = ap_pregsub(r->pool, "$1", cookie_header, dcfg->regexp->re_nsub + 1, regm);
274	ap_table_setn(r->notes, "cookie", cookiebuf);	283	}
		284	if (regm[2].rm_so != -1) {
		285	cookieval = ap_pregsub(r->pool, "$2", cookie_header, dcfg->regexp->re_nsub + 1, regm);
		286	}
		287	/* Set the cookie in a note, for logging */
		288	ap_table_setn(r->notes, "cookie", cookieval);
275		289
276	return DECLINED; /* There's already a cookie, no new one */	290	return DECLINED; /* There's already a cookie, no new one */
277	}	291	}
		292	}
278	make_cookie(r);	293	make_cookie(r);
279	return OK; /* We set our cookie */	294	return OK; /* We set our cookie */
280	}	295	}
Lines 382-388 Link Here
382	{	397	{
383	cookie_dir_rec dcfg = (cookie_dir_rec ) mconfig;	398	cookie_dir_rec dcfg = (cookie_dir_rec ) mconfig;
384		399
		400	/* The goal is to end up with this regexp,
		401	* ^cookie_name=([^;]+)\|;[ \t]+cookie_name=([^;]+)
		402	* with cookie_name
		403	* obviously substituted with the real cookie name set by the
		404	* user in httpd.conf. */
		405	dcfg->regexp_string = ap_pstrcat(cmd->pool, "^", name, "=([^;]+)\|;[ \t]+", name, "=([^;]+)", NULL);
		406
385	dcfg->cookie_name = ap_pstrdup(cmd->pool, name);	407	dcfg->cookie_name = ap_pstrdup(cmd->pool, name);
		408
		409	dcfg->regexp = ap_pregcomp(cmd->pool, dcfg->regexp_string, REG_EXTENDED);
		410	if (dcfg->regexp == NULL) {
		411	return "Regular expression could not be compiled.";
		412	}
		413
386	return NULL;	414	return NULL;
387	}	415	}
388		416

Return to bug 16661