From d35835eabeda75dffe58b6bad50790e6adfbd156 Mon Sep 17 00:00:00 2001 From: Ben Fuhrmannek Date: Wed, 12 Nov 2014 18:06:42 +0100 Subject: removed session structs + split crypt funcs --- session.c | 760 +++----------------------------------------------------------- 1 file changed, 30 insertions(+), 730 deletions(-) (limited to 'session.c') diff --git a/session.c b/session.c index 827c6b7..548786f 100644 --- a/session.c +++ b/session.c @@ -1,19 +1,20 @@ /* +----------------------------------------------------------------------+ - | Suhosin Version 1 | + | Suhosin Version 1 | +----------------------------------------------------------------------+ - | Copyright (c) 2006-2007 The Hardened-PHP Project | - | Copyright (c) 2007-2014 SektionEins GmbH | + | Copyright (c) 2006-2007 The Hardened-PHP Project | + | Copyright (c) 2007-2014 SektionEins GmbH | +----------------------------------------------------------------------+ - | This source file is subject to version 3.01 of the PHP license, | - | that is bundled with this package in the file LICENSE, and is | - | available through the world-wide-web at the following url: | - | http://www.php.net/license/3_01.txt | + | This source file is subject to version 3.01 of the PHP license, | + | that is bundled with this package in the file LICENSE, and is | + | available through the world-wide-web at the following url: | + | http://www.php.net/license/3_01.txt | | If you did not receive a copy of the PHP license and are unable to | - | obtain it through the world-wide-web, please send a note to | - | license@php.net so we can mail you a copy immediately. | + | obtain it through the world-wide-web, please send a note to | + | license@php.net so we can mail you a copy immediately. | +----------------------------------------------------------------------+ - | Author: Stefan Esser | + | Authors: Stefan Esser | + | Ben Fuhrmannek | +----------------------------------------------------------------------+ */ /* 
@@ -29,10 +30,8 @@ #include "SAPI.h" #include "php_ini.h" #include "php_suhosin.h" -#include "ext/standard/base64.h" #include "ext/standard/php_smart_str.h" #include "ext/standard/php_var.h" -#include "sha256.h" #include 
@@ -40,480 +39,19 @@ # include "ext/hash/php_hash.h" #endif -#define PS_OPEN_ARGS void **mod_data, const char *save_path, const char *session_name TSRMLS_DC -#define PS_CLOSE_ARGS void **mod_data TSRMLS_DC -#define PS_READ_ARGS void **mod_data, const char *key, char **val, int *vallen TSRMLS_DC -#define PS_WRITE_ARGS void **mod_data, const char *key, const char *val, const int vallen TSRMLS_DC -#define PS_DESTROY_ARGS void **mod_data, const char *key TSRMLS_DC -#define PS_GC_ARGS void **mod_data, int maxlifetime, int *nrdels TSRMLS_DC -#define PS_CREATE_SID_ARGS void **mod_data, int *newlen TSRMLS_DC - -typedef struct ps_module_struct { - const char *s_name; - int (*s_open)(PS_OPEN_ARGS); - int (*s_close)(PS_CLOSE_ARGS); - int (*s_read)(PS_READ_ARGS); - int (*s_write)(PS_WRITE_ARGS); - int (*s_destroy)(PS_DESTROY_ARGS); - int (*s_gc)(PS_GC_ARGS); - char *(*s_create_sid)(PS_CREATE_SID_ARGS); -} ps_module; - -typedef enum { - php_session_disabled, - php_session_none, - php_session_active -} php_session_status; - -#define PS_SERIALIZER_ENCODE_ARGS char **newstr, int *newlen TSRMLS_DC -#define PS_SERIALIZER_DECODE_ARGS const char *val, int vallen TSRMLS_DC - -typedef struct ps_serializer_struct { - const char *name; - int (*encode)(PS_SERIALIZER_ENCODE_ARGS); - int (*decode)(PS_SERIALIZER_DECODE_ARGS); -} ps_serializer; - -typedef struct _php_ps_globals_43_44 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - ps_module *mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - zend_bool bug_compat; /* Whether to behave like PHP 4.2 and earlier */ - zend_bool bug_compat_warn; /* Whether to warn about it */ - const struct ps_serializer_struct *serializer; - zval 
*http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - int send_cookie; - int define_sid; -} php_ps_globals_43_44; - -typedef struct _php_ps_globals_50_51 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - ps_module *mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - zend_bool bug_compat; /* Whether to behave like PHP 4.2 and earlier */ - zend_bool bug_compat_warn; /* Whether to warn about it */ - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; - long hash_bits_per_character; - int send_cookie; - int define_sid; -} php_ps_globals_50_51; - -typedef struct _php_ps_globals_52 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - zend_bool cookie_httponly; - ps_module *mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - zend_bool bug_compat; /* Whether to behave like PHP 4.2 and earlier */ - zend_bool bug_compat_warn; /* Whether to warn 
about it */ - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; - long hash_bits_per_character; - int send_cookie; - int define_sid; - zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ -} php_ps_globals_52; - -typedef struct _php_ps_globals_53 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - zend_bool cookie_httponly; - ps_module *mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - union { - zval *names[6]; - struct { - zval *ps_open; - zval *ps_close; - zval *ps_read; - zval *ps_write; - zval *ps_destroy; - zval *ps_gc; - } name; - } mod_user_names; - zend_bool bug_compat; /* Whether to behave like PHP 4.2 and earlier */ - zend_bool bug_compat_warn; /* Whether to warn about it */ - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; -#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) - php_hash_ops *hash_ops; -#endif - long hash_bits_per_character; - int send_cookie; - int define_sid; - zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id 
regeneration */ -} php_ps_globals_53; - -#if PHP_VERSION_ID >= 50400 -typedef struct _php_session_rfc1867_progress_54_55_56 { - - size_t sname_len; - zval sid; - smart_str key; - - long update_step; - long next_update; - double next_update_time; - zend_bool cancel_upload; - zend_bool apply_trans_sid; - size_t content_length; - - zval *data; /* the array exported to session data */ - zval *post_bytes_processed; /* data["bytes_processed"] */ - zval *files; /* data["files"] array */ - zval *current_file; /* array of currently uploading file */ - zval *current_file_bytes_processed; -} php_session_rfc1867_progress_54_55_56; - -typedef struct _php_ps_globals_54 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - zend_bool cookie_httponly; - ps_module *mod; - ps_module *default_mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - union { - zval *names[6]; - struct { - zval *ps_open; - zval *ps_close; - zval *ps_read; - zval *ps_write; - zval *ps_destroy; - zval *ps_gc; - } name; - } mod_user_names; - int mod_user_implemented; - int mod_user_is_open; - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; -#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) - php_hash_ops *hash_ops; -#endif - long hash_bits_per_character; - int send_cookie; - int define_sid; - zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id 
regeneration */ - - php_session_rfc1867_progress_54_55_56 *rfc1867_progress; - zend_bool rfc1867_enabled; /* session.upload_progress.enabled */ - zend_bool rfc1867_cleanup; /* session.upload_progress.cleanup */ - smart_str rfc1867_prefix; /* session.upload_progress.prefix */ - smart_str rfc1867_name; /* session.upload_progress.name */ - long rfc1867_freq; /* session.upload_progress.freq */ - double rfc1867_min_freq; /* session.upload_progress.min_freq */ -} php_ps_globals_54; -#endif - -#if PHP_VERSION_ID >= 50500 -typedef struct _php_ps_globals_55 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - zend_bool cookie_httponly; - ps_module *mod; - ps_module *default_mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - union { - zval *names[7]; - struct { - zval *ps_open; - zval *ps_close; - zval *ps_read; - zval *ps_write; - zval *ps_destroy; - zval *ps_gc; - zval *ps_create_sid; - } name; - } mod_user_names; - int mod_user_implemented; - int mod_user_is_open; - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; -#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) - php_hash_ops *hash_ops; -#endif - long hash_bits_per_character; - int send_cookie; - int define_sid; - zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ - - php_session_rfc1867_progress_54_55_56 *rfc1867_progress; - zend_bool 
rfc1867_enabled; /* session.upload_progress.enabled */ - zend_bool rfc1867_cleanup; /* session.upload_progress.cleanup */ - smart_str rfc1867_prefix; /* session.upload_progress.prefix */ - smart_str rfc1867_name; /* session.upload_progress.name */ - long rfc1867_freq; /* session.upload_progress.freq */ - double rfc1867_min_freq; /* session.upload_progress.min_freq */ - - zend_bool use_strict_mode; /* whether or not PHP accepts unknown session ids */ -} php_ps_globals_55; - -typedef struct _php_ps_globals_56 { - char *save_path; - char *session_name; - char *id; - char *extern_referer_chk; - char *entropy_file; - char *cache_limiter; - long entropy_length; - long cookie_lifetime; - char *cookie_path; - char *cookie_domain; - zend_bool cookie_secure; - zend_bool cookie_httponly; - ps_module *mod; - ps_module *default_mod; - void *mod_data; - php_session_status session_status; - long gc_probability; - long gc_divisor; - long gc_maxlifetime; - int module_number; - long cache_expire; - union { - zval *names[7]; - struct { - zval *ps_open; - zval *ps_close; - zval *ps_read; - zval *ps_write; - zval *ps_destroy; - zval *ps_gc; - zval *ps_create_sid; - } name; - } mod_user_names; - int mod_user_implemented; - int mod_user_is_open; - const struct ps_serializer_struct *serializer; - zval *http_session_vars; - zend_bool auto_start; - zend_bool use_cookies; - zend_bool use_only_cookies; - zend_bool use_trans_sid; /* contains the INI value of whether to use trans-sid */ - zend_bool apply_trans_sid; /* whether or not to enable trans-sid for the current request */ - - long hash_func; -#if defined(HAVE_HASH_EXT) && !defined(COMPILE_DL_HASH) - php_hash_ops *hash_ops; -#endif - long hash_bits_per_character; - int send_cookie; - int define_sid; - zend_bool invalid_session_id; /* allows the driver to report about an invalid session id and request id regeneration */ - - php_session_rfc1867_progress_54_55_56 *rfc1867_progress; - zend_bool rfc1867_enabled; /* 
session.upload_progress.enabled */ - zend_bool rfc1867_cleanup; /* session.upload_progress.cleanup */ - smart_str rfc1867_prefix; /* session.upload_progress.prefix */ - smart_str rfc1867_name; /* session.upload_progress.name */ - long rfc1867_freq; /* session.upload_progress.freq */ - double rfc1867_min_freq; /* session.upload_progress.min_freq */ - - zend_bool use_strict_mode; /* whether or not PHP accepts unknown session ids */ - unsigned char session_data_hash[16]; /* binary MD5 hash length */ -} php_ps_globals_56; -#endif +#ifdef HAVE_PHP_SESSION +#include "ext/session/php_session.h" #ifdef ZTS static ts_rsrc_id session_globals_id = 0; -# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 6) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_56 *, v) -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 5) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_55 *, v) -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_54 *, v) -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_53 *, v) -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_52 *, v) -# elif (PHP_MAJOR_VERSION == 5) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_50_51 *, v) -# elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) -# define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals_43_44 *, v) -# else - UNSUPPORTED PHP VERSION -# endif +#define SESSION_G(v) TSRMG(session_globals_id, php_ps_globals *, v) #else -# if (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 6) -static php_ps_globals_56 *session_globals = NULL; -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 5) -static php_ps_globals_55 *session_globals = NULL; -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 4) -static php_ps_globals_54 *session_globals = NULL; -# 
elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 3) -static php_ps_globals_53 *session_globals = NULL; -# elif (PHP_MAJOR_VERSION == 5 && PHP_MINOR_VERSION >= 2) -static php_ps_globals_52 *session_globals = NULL; -# elif (PHP_MAJOR_VERSION == 5) -static php_ps_globals_50_51 *session_globals = NULL; -# elif (PHP_MAJOR_VERSION == 4 && PHP_MINOR_VERSION >= 3) -static php_ps_globals_43_44 *session_globals = NULL; -# else - UNSUPPORTED PHP VERSION -# endif +static php_ps_globals *session_globals = NULL; #define SESSION_G(v) (session_globals->v) #endif - ps_serializer *(*suhosin_find_ps_serializer)(char *name TSRMLS_DC) = NULL; -#define PS_ENCODE_VARS \ - char *key; \ - uint key_length; \ - ulong num_key; \ - zval **struc; - -#define PS_ENCODE_LOOP(code) do { \ - HashTable *_ht = Z_ARRVAL_P(SESSION_G(http_session_vars)); \ - int key_type; \ - \ - for (zend_hash_internal_pointer_reset(_ht); \ - (key_type = zend_hash_get_current_key_ex(_ht, &key, &key_length, &num_key, 0, NULL)) != HASH_KEY_NON_EXISTANT; \ - zend_hash_move_forward(_ht)) { \ - if (key_type == HASH_KEY_IS_LONG) { \ - php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Skipping numeric key %ld", num_key); \ - continue; \ - } \ - key_length--; \ - if (suhosin_get_session_var(key, key_length, &struc TSRMLS_CC) == SUCCESS) { \ - code; \ - } \ - } \ - } while(0) - static int suhosin_get_session_var(char *name, size_t namelen, zval ***state_var TSRMLS_DC) /* {{{ */ { int ret = FAILURE; 
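Review bot: `SESSION_G(v)` now reads and writes through a `php_ps_globals` whose layout comes from `ext/session/php_session.h` at build time, and nothing near the macro documents that. The pointer starts as `NULL` (`session_globals_id` as 0 under ZTS) and is presumably resolved at runtime by code outside this hunk. If the headers do not match the PHP binary the extension is loaded into, the macro would touch the wrong session fields rather than fail. I would add a comment above the macro, e.g. `/* layout taken from ext/session/php_session.h; must match the running PHP build; valid only after the session globals have been resolved */`. The body of `suhosin_get_session_var` continues outside the hunk, so whether every `SESSION_G` use is guarded cannot be checked from here.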
@@ -598,259 +136,6 @@ static void suhosin_send_cookie(TSRMLS_D) *session_send_cookie = 1; } -void suhosin_get_ipv4(char *buf TSRMLS_DC) -{ - char *raddr = suhosin_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC); - int i; - - - if (raddr == NULL) { - memset(buf, 0, 4); - return; - } - - for (i=0; i<4; i++) { - if (raddr[0] == 0) { - buf[i] = 0; - } else { - buf[i] = strtol(raddr, &raddr, 10); - if (raddr[0] == '.') { - raddr++; - } - } - } -} - -char *suhosin_encrypt_string(char *str, int len, char *var, int vlen, char *key TSRMLS_DC) -{ - int padded_len, i, slen; - unsigned char *crypted, *tmp; - unsigned int check = 0x13579BDF; - - if (str == NULL) { - return NULL; - } - if (len == 0) { - return estrndup("", 0); - } - - - suhosin_aes_gkey(4,8,key TSRMLS_CC); - - padded_len = ((len+15) & ~0xF); - crypted = emalloc(16+padded_len+1); - memset(crypted, 0xff, 16+padded_len+1); - memcpy(crypted+16, str, len+1); - - /* calculate check value */ - for (i = 0; i> (32-3)); - check += check << 1; - check ^= (unsigned char)var[i]; - } - for (i = 0; i> (32-3)); - check += check << 1; - check ^= (unsigned char)str[i]; - } - - /* store ip value */ - suhosin_get_ipv4((char *)crypted+4 TSRMLS_CC); - - /* store check value */ - crypted[8] = check & 0xff; - crypted[9] = (check >> 8) & 0xff; - crypted[10] = (check >> 16) & 0xff; - crypted[11] = (check >> 24) & 0xff; - - /* store original length */ - crypted[12] = len & 0xff; - crypted[13] = (len >> 8) & 0xff; - crypted[14] = (len >> 16) & 0xff; - crypted[15] = (len >> 24) & 0xff; - - for (i=0, tmp=crypted; i 0) { - int j; - for (j=0; j<16; j++) tmp[j] ^= tmp[j-16]; - } - suhosin_aes_encrypt((char *)tmp TSRMLS_CC); - } - - tmp = php_base64_encode(crypted, padded_len+16, NULL); - efree(crypted); - slen=strlen((char *)tmp); - for (i=0; i=0; i-=16, tmp-=16) { - suhosin_aes_decrypt((char *)tmp TSRMLS_CC); - if (i > 0) { - int j; - for (j=0; j<16; j++) tmp[j] ^= tmp[j-16]; - } - } - - /* retrieve orig_len */ - o_len = 
decrypted[15]; - o_len <<= 8; - o_len |= decrypted[14]; - o_len <<= 8; - o_len |= decrypted[13]; - o_len <<= 8; - o_len |= decrypted[12]; - - if (o_len < 0 || o_len > len-16) { - goto error_out; - } - - /* calculate check value */ - for (i = 0; i> (32-3)); - check += check << 1; - check ^= (unsigned char)var[i]; - } - for (i = 0; i> (32-3)); - check += check << 1; - check ^= decrypted[16+i]; - } - - /* check value */ - invalid = (decrypted[8] != (check & 0xff)) || - (decrypted[9] != ((check >> 8) & 0xff)) || - (decrypted[10] != ((check >> 16) & 0xff)) || - (decrypted[11] != ((check >> 24) & 0xff)); - - /* check IP */ - if (check_ra > 0) { - if (check_ra > 4) { - check_ra = 4; - } - suhosin_get_ipv4(&buf[0] TSRMLS_CC); - if (memcmp(buf, decrypted+4, check_ra) != 0) { - goto error_out; - } - } - - if (invalid) { - goto error_out; - } - - if (orig_len) { - *orig_len = o_len; - } - - memmove(decrypted, decrypted+16, o_len); - decrypted[o_len] = 0; - /* we do not realloc() here because 16 byte less - is simply not worth the overhead */ - return (char *)decrypted; -} - -char *suhosin_generate_key(char *key, zend_bool ua, zend_bool dr, long raddr, char *cryptkey TSRMLS_DC) -{ - char *_ua = NULL; - char *_dr = NULL; - char *_ra = NULL; - suhosin_SHA256_CTX ctx; - - if (ua) { - _ua = suhosin_getenv("HTTP_USER_AGENT", sizeof("HTTP_USER_AGENT")-1 TSRMLS_CC); - } - - if (dr) { - _dr = suhosin_getenv("DOCUMENT_ROOT", sizeof("DOCUMENT_ROOT")-1 TSRMLS_CC); - } - - if (raddr > 0) { - _ra = suhosin_getenv("REMOTE_ADDR", sizeof("REMOTE_ADDR")-1 TSRMLS_CC); - } - - SDEBUG("(suhosin_generate_key) KEY: %s - UA: %s - DR: %s - RA: %s", key,_ua,_dr,_ra); - - suhosin_SHA256Init(&ctx); - if (key == NULL || *key == 0) { - suhosin_SHA256Update(&ctx, (unsigned char*)"D3F4UL7", strlen("D3F4UL7")); - } else { - suhosin_SHA256Update(&ctx, (unsigned char*)key, strlen(key)); - } - if (_ua) { - suhosin_SHA256Update(&ctx, (unsigned char*)_ua, strlen(_ua)); - } - if (_dr) { - 
suhosin_SHA256Update(&ctx, (unsigned char*)_dr, strlen(_dr)); - } - if (_ra) { - if (raddr >= 4) { - suhosin_SHA256Update(&ctx, (unsigned char*)_ra, strlen(_ra)); - } else { - long dots = 0; - char *tmp = _ra; - - while (*tmp) { - if (*tmp == '.') { - dots++; - if (dots == raddr) { - break; - } - } - tmp++; - } - suhosin_SHA256Update(&ctx, (unsigned char*)_ra, tmp-_ra); - } - } - suhosin_SHA256Final((unsigned char *)cryptkey, &ctx); - cryptkey[32] = 0; /* uhmm... not really a string */ - - return cryptkey; -} static int (*old_OnUpdateSaveHandler)(zend_ini_entry *entry, char *new_value, uint new_value_length, void *mh_arg1, void *mh_arg2, void *mh_arg3, int stage TSRMLS_DC) = NULL; @@ -1152,6 +437,21 @@ void suhosin_unhook_session(TSRMLS_D) } +#else /* HAVE_PHP_SESSION */ + +#warning BUILDING SUHOSIN WITHOUT SESSION SUPPORT + +void suhosin_hook_session(TSRMLS_D) +{ +} + +void suhosin_unhook_session(TSRMLS_D) +{ +} + +#endif /* HAVE_PHP_SESSION */ + + /* * Local variables: * tab-width: 4 -- cgit v1.3
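Review bot: In the `#else` branch, `suhosin_hook_session()` and `suhosin_unhook_session()` become empty functions, so a build without `HAVE_PHP_SESSION` drops all session hardening with only a compile-time `#warning` as a signal. Whoever runs the resulting binary gets no indication that the session protections they configured are inactive. The stub `suhosin_hook_session` should report this at runtime, for example `php_error_docref(NULL TSRMLS_CC, E_WARNING, "suhosin was built without session support; session protections are disabled");`, or through the project's own logging helper, provided the hook runs at a point where errors can be raised. Separately, `#warning` is a compiler extension before C23, so a short comment naming the compilers this is expected to build with would help.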