summaryrefslogtreecommitdiff
path: root/module
diff options
context:
space:
mode:
Diffstat (limited to 'module')
-rw-r--r--module/mod_auth_singleid.c26
1 files changed, 19 insertions, 7 deletions
diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c
index e8b7e14..8167139 100644
--- a/module/mod_auth_singleid.c
+++ b/module/mod_auth_singleid.c
@@ -636,14 +636,23 @@ session_validate_sig (apr_pool_t *p, const char *sig, const char *value)
}
static sid_session_t*
-session_parse_info (sid_context_t *ctx, request_rec *r, const char *value)
+session_parse_info (sid_context_t *ctx, request_rec *r, char *data)
{
sid_session_t *sess;
+ const char *value;
char *token, *sig, *end;
char *identifier;
char **here;
long expiry;
+ if (ap_unescape_url_keep2f (data) != 0) {
+ ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r,
+ "auth-singleid: invalidly encoded cookie: %s", data);
+ return NULL;
+ }
+
+ value = data;
+
sig = get_token (r->pool, &value, " ");
if (!sig || !session_validate_sig (r->pool, sig, value)) {
ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r,
@@ -705,7 +714,7 @@ session_load_info (sid_context_t *ctx, request_rec *r)
{
sid_session_t *sess;
const char *cookies;
- const char *value;
+ char *value;
char *pair;
cookies = apr_table_get (r->headers_in, "Cookie");
@@ -719,7 +728,7 @@ session_load_info (sid_context_t *ctx, request_rec *r)
if (pair[0] == '$')
continue;
- value = ap_stripprefix (pair, ctx->cookie_name);
+ value = (char*)ap_stripprefix (pair, ctx->cookie_name);
if (value == pair)
continue;
while (isspace (*value))
@@ -731,7 +740,7 @@ session_load_info (sid_context_t *ctx, request_rec *r)
while (isspace (*value))
++value;
- /* Try to parse this cookie */
+ /* Try to parse this cookie, modifies value */
sess = session_parse_info (ctx, r, value);
if (sess != NULL)
return sess;
@@ -743,7 +752,7 @@ session_load_info (sid_context_t *ctx, request_rec *r)
static void
session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
{
- char *cookie, *sig, *payload, *values;
+ char *cookie, *sig, *payload, *values, *value;
/* All the values */
if (sess->values)
@@ -757,9 +766,12 @@ session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
values && values[0] ? " " : "", values);
sig = session_create_sig (r->pool, payload);
+ /* Build up and escape the cookie value */
+ value = ap_escape_path_segment (r->pool, apr_psprintf (r->pool, "%s %s", sig, payload));
+
/* Build up the full cookie spec */
- cookie = apr_psprintf (r->pool, "%s=%s %s; httponly%s%s%s%s%s",
- ctx->cookie_name, sig, payload,
+ cookie = apr_psprintf (r->pool, "%s=%s; httponly%s%s%s%s%s",
+ ctx->cookie_name, value,
ctx->cookie_domain ? "; domain=" : "",
ctx->cookie_domain ? ctx->cookie_domain : "",
ctx->cookie_path ? "; path=" : "",