View | Details | Raw Unified | Return to bug 16661
Collapse All | Expand All

(-)mod_usertrack.c (-19 / +47 lines)
Lines 119-124 Link Here
119
    cookie_type_e style;
119
    cookie_type_e style;
120
    char *cookie_name;
120
    char *cookie_name;
121
    char *cookie_domain;
121
    char *cookie_domain;
122
    char *regexp_string;  /* used to compile regexp; save for debugging */
123
    regex_t *regexp;  /* used to find usertrack cookie in cookie header */
122
} cookie_dir_rec;
124
} cookie_dir_rec;
123
125
124
/* Define this to allow post-2000 cookies. Cookies use two-digit dates,
126
/* Define this to allow post-2000 cookies. Cookies use two-digit dates,
Lines 250-280 Link Here
250
{
252
{
251
    cookie_dir_rec *dcfg = ap_get_module_config(r->per_dir_config,
253
    cookie_dir_rec *dcfg = ap_get_module_config(r->per_dir_config,
252
						&usertrack_module);
254
						&usertrack_module);
253
    const char *cookie;
255
    const char *cookie_header;
254
    char *value;
256
257
    /* There are only three possibilities from the regexp
258
     * ^cookie_name=([^;]+)|;[ \t]+cookie_name=([^;]+)
259
     * because $0 is always filled with the whole match, and $1 and $2 will
260
     * be filled with either of the parenthesis matches. So, I 
261
     * allocate regm[3] to cover all these cases. */
262
    regmatch_t regm[3];
263
    int i;
255
264
256
    if (!dcfg->enabled) {
265
    if (!dcfg->enabled) {
257
        return DECLINED;
266
        return DECLINED;
258
    }
267
    }
259
268
260
    if ((cookie = ap_table_get(r->headers_in,
269
    if ((cookie_header = ap_table_get(r->headers_in,
261
                               (dcfg->style == CT_COOKIE2
270
                                      (dcfg->style == CT_COOKIE2
262
                                ? "Cookie2"
271
                                       ? "Cookie2"
263
                                : "Cookie"))))
272
                                       : "Cookie")))) {
264
        if ((value = strstr(cookie, dcfg->cookie_name))) {
273
	if (!ap_regexec(dcfg->regexp, cookie_header, dcfg->regexp->re_nsub + 1, regm, 0)) {
265
            char *cookiebuf, *cookieend;
274
	    char *cookieval = NULL;
266
275
	    /* Our regexp,
267
            value += strlen(dcfg->cookie_name) + 1;  /* Skip over the '=' */
276
	     * ^cookie_name=([^;]+)|;[ \t]+cookie_name=([^;]+)
268
            cookiebuf = ap_pstrdup(r->pool, value);
277
	     * only allows for $1 or $2 to be available. ($0 is always
269
            cookieend = strchr(cookiebuf, ';');
278
	     * filled with the entire matched expression, not just
270
            if (cookieend)
279
	     * the part in parentheses.) So just check for either one
271
                *cookieend = '\0';      /* Ignore anything after a ; */
280
	     * and assign to cookieval if present. */
272
281
	    if (regm[1].rm_so != -1) {
273
            /* Set the cookie in a note, for logging */
282
		cookieval = ap_pregsub(r->pool, "$1", cookie_header, dcfg->regexp->re_nsub + 1, regm);
274
            ap_table_setn(r->notes, "cookie", cookiebuf);
283
	    }
284
	    if (regm[2].rm_so != -1) {
285
		cookieval = ap_pregsub(r->pool, "$2", cookie_header, dcfg->regexp->re_nsub + 1, regm);
286
	    }
287
	    /* Set the cookie in a note, for logging */
288
	    ap_table_setn(r->notes, "cookie", cookieval);
275
289
276
            return DECLINED;    /* There's already a cookie, no new one */
290
	    return DECLINED;    /* There's already a cookie, no new one */
277
        }
291
	}
292
    }
278
    make_cookie(r);
293
    make_cookie(r);
279
    return OK;                  /* We set our cookie */
294
    return OK;                  /* We set our cookie */
280
}
295
}
Lines 382-388 Link Here
382
{
397
{
383
    cookie_dir_rec *dcfg = (cookie_dir_rec *) mconfig;
398
    cookie_dir_rec *dcfg = (cookie_dir_rec *) mconfig;
384
399
400
    /* The goal is to end up with this regexp, 
401
     * ^cookie_name=([^;]+)|;[ \t]+cookie_name=([^;]+)
402
     * with cookie_name
403
     * obviously substituted with the real cookie name set by the
404
     * user in httpd.conf. */
405
    dcfg->regexp_string = ap_pstrcat(cmd->pool, "^", name, "=([^;]+)|;[ \t]+", name, "=([^;]+)", NULL);
406
385
    dcfg->cookie_name = ap_pstrdup(cmd->pool, name);
407
    dcfg->cookie_name = ap_pstrdup(cmd->pool, name);
408
409
    dcfg->regexp = ap_pregcomp(cmd->pool, dcfg->regexp_string, REG_EXTENDED);
410
    if (dcfg->regexp == NULL) {
411
	return "Regular expression could not be compiled.";
412
    }
413
386
    return NULL;
414
    return NULL;
387
}
415
}
388
416

Return to bug 16661