From 3f5c7763b40db760bdf2bd486965c68019e7c5c3 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Thu, 11 Feb 2010 19:34:10 +0000 Subject: URL encode the cookie value. --- module/mod_auth_singleid.c | 26 +++++++++++++++++++------- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c index e8b7e14..8167139 100644 --- a/module/mod_auth_singleid.c +++ b/module/mod_auth_singleid.c @@ -636,14 +636,23 @@ session_validate_sig (apr_pool_t *p, const char *sig, const char *value) } static sid_session_t* -session_parse_info (sid_context_t *ctx, request_rec *r, const char *value) +session_parse_info (sid_context_t *ctx, request_rec *r, char *data) { sid_session_t *sess; + const char *value; char *token, *sig, *end; char *identifier; char **here; long expiry; + if (ap_unescape_url_keep2f (data) != 0) { + ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r, + "auth-singleid: invalidly encoded cookie: %s", data); + return NULL; + } + + value = data; + sig = get_token (r->pool, &value, " "); if (!sig || !session_validate_sig (r->pool, sig, value)) { ap_log_rerror (APLOG_MARK, APLOG_WARNING, 0, r, @@ -705,7 +714,7 @@ session_load_info (sid_context_t *ctx, request_rec *r) { sid_session_t *sess; const char *cookies; - const char *value; + char *value; char *pair; cookies = apr_table_get (r->headers_in, "Cookie"); @@ -719,7 +728,7 @@ session_load_info (sid_context_t *ctx, request_rec *r) if (pair[0] == '$') continue; - value = ap_stripprefix (pair, ctx->cookie_name); + value = (char*)ap_stripprefix (pair, ctx->cookie_name); if (value == pair) continue; while (isspace (*value)) @@ -731,7 +740,7 @@ session_load_info (sid_context_t *ctx, request_rec *r) while (isspace (*value)) ++value; - /* Try to parse this cookie */ + /* Try to parse this cookie, modifies value */ sess = session_parse_info (ctx, r, value); if (sess != NULL) return sess; @@ -743,7 +752,7 @@ session_load_info (sid_context_t *ctx, request_rec *r) static void session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess) { - char *cookie, *sig, *payload, *values; + char *cookie, *sig, *payload, *values, *value; /* All the values */ if (sess->values) @@ -757,9 +766,12 @@ session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess) values && values[0] ? " " : "", values); sig = session_create_sig (r->pool, payload); + /* Build up and escape the cookie value */ + value = ap_escape_path_segment (r->pool, apr_psprintf (r->pool, "%s %s", sig, payload)); + /* Build up the full cookie spec */ - cookie = apr_psprintf (r->pool, "%s=%s %s; httponly%s%s%s%s%s", - ctx->cookie_name, sig, payload, + cookie = apr_psprintf (r->pool, "%s=%s; httponly%s%s%s%s%s", + ctx->cookie_name, value, ctx->cookie_domain ? "; domain=" : "", ctx->cookie_domain ? ctx->cookie_domain : "", ctx->cookie_path ? "; path=" : "", -- cgit v1.2.3