diff options
| author | Ben Fuhrmannek | 2016-10-12 14:57:47 +0200 |
|---|---|---|
| committer | Ben Fuhrmannek | 2016-10-12 14:57:47 +0200 |
| commit | 1a3fd5eeb9a5859aefedb9302adb6ecd6a1873a7 (patch) | |
| tree | a8925768de344632ec89e051a3c71a3c7c61ffd3 /session.c | |
| parent | 2e4fbdbdd8ff3b1d1a0edb579392506ef3ed98e2 (diff) | |
comments and whitespace cleanup
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 47 |
1 files changed, 22 insertions, 25 deletions
| @@ -17,9 +17,6 @@ | |||
| 17 | | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | | 17 | | Ben Fuhrmannek <ben.fuhrmannek@sektioneins.de> | |
| 18 | +----------------------------------------------------------------------+ | 18 | +----------------------------------------------------------------------+ |
| 19 | */ | 19 | */ |
| 20 | /* | ||
| 21 | $Id: session.c,v 1.1.1.1 2007-11-28 01:15:35 sesser Exp $ | ||
| 22 | */ | ||
| 23 | 20 | ||
| 24 | #ifdef HAVE_CONFIG_H | 21 | #ifdef HAVE_CONFIG_H |
| 25 | #include "config.h" | 22 | #include "config.h" |
| @@ -59,8 +56,8 @@ static void suhosin_send_cookie() | |||
| 59 | int * session_send_cookie = &SESSION_G(send_cookie); | 56 | int * session_send_cookie = &SESSION_G(send_cookie); |
| 60 | char * base; | 57 | char * base; |
| 61 | zend_ini_entry *ini_entry; | 58 | zend_ini_entry *ini_entry; |
| 62 | 59 | ||
| 63 | /* The following is requires to be 100% compatible to PHP | 60 | /* The following is requires to be 100% compatible to PHP |
| 64 | versions where the hash extension is not available by default */ | 61 | versions where the hash extension is not available by default */ |
| 65 | if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.hash_bits_per_character"))) != NULL) { | 62 | if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.hash_bits_per_character"))) != NULL) { |
| 66 | #ifndef ZTS | 63 | #ifndef ZTS |
| @@ -81,12 +78,12 @@ static int (*old_SessionRINIT)(INIT_FUNC_ARGS) = NULL; | |||
| 81 | static int suhosin_hook_s_read(PS_READ_ARGS) | 78 | static int suhosin_hook_s_read(PS_READ_ARGS) |
| 82 | { | 79 | { |
| 83 | zend_string *new_key = key; | 80 | zend_string *new_key = key; |
| 84 | 81 | ||
| 85 | /* protect session vars */ | 82 | /* protect session vars */ |
| 86 | /* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { | 83 | /* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { |
| 87 | SESSION_G(http_session_vars)->refcount++; | 84 | SESSION_G(http_session_vars)->refcount++; |
| 88 | }*/ | 85 | }*/ |
| 89 | 86 | ||
| 90 | /* protect dumb session handlers */ | 87 | /* protect dumb session handlers */ |
| 91 | if (COND_DUMB_SH) { | 88 | if (COND_DUMB_SH) { |
| 92 | regenerate: | 89 | regenerate: |
| @@ -105,10 +102,10 @@ regenerate: | |||
| 105 | 102 | ||
| 106 | if (r == SUCCESS && SUHOSIN7_G(session_encrypt) && val != NULL && *val != NULL && ZSTR_LEN(*val)) { | 103 | if (r == SUCCESS && SUHOSIN7_G(session_encrypt) && val != NULL && *val != NULL && ZSTR_LEN(*val)) { |
| 107 | char cryptkey[33]; | 104 | char cryptkey[33]; |
| 108 | 105 | ||
| 109 | // SUHOSIN7_G(do_not_scan) = 1; | 106 | // SUHOSIN7_G(do_not_scan) = 1; |
| 110 | S7_GENERATE_KEY(session, cryptkey); | 107 | S7_GENERATE_KEY(session, cryptkey); |
| 111 | 108 | ||
| 112 | zend_string *orig_val = *val; | 109 | zend_string *orig_val = *val; |
| 113 | *val = suhosin_decrypt_string(ZSTR_VAL(*val), ZSTR_LEN(*val), "", 0, (char *)cryptkey, SUHOSIN7_G(session_checkraddr)); | 110 | *val = suhosin_decrypt_string(ZSTR_VAL(*val), ZSTR_LEN(*val), "", 0, (char *)cryptkey, SUHOSIN7_G(session_checkraddr)); |
| 114 | // SUHOSIN7_G(do_not_scan) = 0; | 111 | // SUHOSIN7_G(do_not_scan) = 0; |
| @@ -117,7 +114,7 @@ regenerate: | |||
| 117 | } | 114 | } |
| 118 | zend_string_release(orig_val); | 115 | zend_string_release(orig_val); |
| 119 | } | 116 | } |
| 120 | 117 | ||
| 121 | return r; | 118 | return r; |
| 122 | } | 119 | } |
| 123 | 120 | ||
| @@ -132,7 +129,7 @@ static int suhosin_hook_s_write(PS_WRITE_ARGS) | |||
| 132 | char cryptkey[33]; | 129 | char cryptkey[33]; |
| 133 | // SUHOSIN7_G(do_not_scan) = 1; | 130 | // SUHOSIN7_G(do_not_scan) = 1; |
| 134 | S7_GENERATE_KEY(session, cryptkey); | 131 | S7_GENERATE_KEY(session, cryptkey); |
| 135 | 132 | ||
| 136 | zend_string *v = suhosin_encrypt_string(ZSTR_VAL(val), ZSTR_LEN(val), "", 0, cryptkey); | 133 | zend_string *v = suhosin_encrypt_string(ZSTR_VAL(val), ZSTR_LEN(val), "", 0, cryptkey); |
| 137 | 134 | ||
| 138 | // SUHOSIN7_G(do_not_scan) = 0; | 135 | // SUHOSIN7_G(do_not_scan) = 0; |
| @@ -140,7 +137,7 @@ static int suhosin_hook_s_write(PS_WRITE_ARGS) | |||
| 140 | } | 137 | } |
| 141 | 138 | ||
| 142 | return SUHOSIN7_G(old_s_write)(mod_data, key, val, maxlifetime); | 139 | return SUHOSIN7_G(old_s_write)(mod_data, key, val, maxlifetime); |
| 143 | 140 | ||
| 144 | // return_write: | 141 | // return_write: |
| 145 | /* protect session vars */ | 142 | /* protect session vars */ |
| 146 | /* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { | 143 | /* if (SESSION_G(http_session_vars) && SESSION_G(http_session_vars)->type == IS_ARRAY) { |
| @@ -163,7 +160,7 @@ static int suhosin_hook_s_destroy(PS_DESTROY_ARGS) | |||
| 163 | if (COND_DUMB_SH) { | 160 | if (COND_DUMB_SH) { |
| 164 | return FAILURE; | 161 | return FAILURE; |
| 165 | } | 162 | } |
| 166 | 163 | ||
| 167 | return SUHOSIN7_G(old_s_destroy)(mod_data, key); | 164 | return SUHOSIN7_G(old_s_destroy)(mod_data, key); |
| 168 | } | 165 | } |
| 169 | 166 | ||
| @@ -171,7 +168,7 @@ static void suhosin_hook_session_module() | |||
| 171 | { | 168 | { |
| 172 | ps_module *old_mod = SESSION_G(mod); | 169 | ps_module *old_mod = SESSION_G(mod); |
| 173 | ps_module *mod; | 170 | ps_module *mod; |
| 174 | 171 | ||
| 175 | if (old_mod == NULL || SUHOSIN7_G(s_module) == old_mod) { | 172 | if (old_mod == NULL || SUHOSIN7_G(s_module) == old_mod) { |
| 176 | return; | 173 | return; |
| 177 | } | 174 | } |
| @@ -182,19 +179,19 @@ static void suhosin_hook_session_module() | |||
| 182 | return; | 179 | return; |
| 183 | } | 180 | } |
| 184 | } | 181 | } |
| 185 | 182 | ||
| 186 | SUHOSIN7_G(s_original_mod) = old_mod; | 183 | SUHOSIN7_G(s_original_mod) = old_mod; |
| 187 | 184 | ||
| 188 | mod = SUHOSIN7_G(s_module); | 185 | mod = SUHOSIN7_G(s_module); |
| 189 | memcpy(mod, old_mod, sizeof(ps_module)); | 186 | memcpy(mod, old_mod, sizeof(ps_module)); |
| 190 | 187 | ||
| 191 | SUHOSIN7_G(old_s_read) = mod->s_read; | 188 | SUHOSIN7_G(old_s_read) = mod->s_read; |
| 192 | mod->s_read = suhosin_hook_s_read; | 189 | mod->s_read = suhosin_hook_s_read; |
| 193 | SUHOSIN7_G(old_s_write) = mod->s_write; | 190 | SUHOSIN7_G(old_s_write) = mod->s_write; |
| 194 | mod->s_write = suhosin_hook_s_write; | 191 | mod->s_write = suhosin_hook_s_write; |
| 195 | SUHOSIN7_G(old_s_destroy) = mod->s_destroy; | 192 | SUHOSIN7_G(old_s_destroy) = mod->s_destroy; |
| 196 | mod->s_destroy = suhosin_hook_s_destroy; | 193 | mod->s_destroy = suhosin_hook_s_destroy; |
| 197 | 194 | ||
| 198 | SESSION_G(mod) = mod; | 195 | SESSION_G(mod) = mod; |
| 199 | } | 196 | } |
| 200 | 197 | ||
| @@ -211,7 +208,7 @@ static PHP_INI_MH(suhosin_OnUpdateSaveHandler) | |||
| 211 | SESSION_G(mod) = SUHOSIN7_G(s_original_mod); | 208 | SESSION_G(mod) = SUHOSIN7_G(s_original_mod); |
| 212 | 209 | ||
| 213 | int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); | 210 | int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); |
| 214 | 211 | ||
| 215 | suhosin_hook_session_module(); | 212 | suhosin_hook_session_module(); |
| 216 | 213 | ||
| 217 | return r; | 214 | return r; |
| @@ -234,7 +231,7 @@ static int suhosin_hook_session_RINIT(INIT_FUNC_ARGS) | |||
| 234 | void suhosin_hook_session() | 231 | void suhosin_hook_session() |
| 235 | { | 232 | { |
| 236 | zend_module_entry *module; | 233 | zend_module_entry *module; |
| 237 | 234 | ||
| 238 | if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) { | 235 | if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) { |
| 239 | return; | 236 | return; |
| 240 | } | 237 | } |
| @@ -248,15 +245,15 @@ void suhosin_hook_session() | |||
| 248 | session_globals = module->globals_ptr; | 245 | session_globals = module->globals_ptr; |
| 249 | } | 246 | } |
| 250 | #endif | 247 | #endif |
| 251 | 248 | ||
| 252 | if (old_OnUpdateSaveHandler != NULL) { | 249 | if (old_OnUpdateSaveHandler != NULL) { |
| 253 | return; | 250 | return; |
| 254 | } | 251 | } |
| 255 | 252 | ||
| 256 | /* hook request startup function of session module */ | 253 | /* hook request startup function of session module */ |
| 257 | old_SessionRINIT = module->request_startup_func; | 254 | old_SessionRINIT = module->request_startup_func; |
| 258 | module->request_startup_func = suhosin_hook_session_RINIT; | 255 | module->request_startup_func = suhosin_hook_session_RINIT; |
| 259 | 256 | ||
| 260 | /* retrieve pointer to session.save_handler ini entry */ | 257 | /* retrieve pointer to session.save_handler ini entry */ |
| 261 | zend_ini_entry *ini_entry; | 258 | zend_ini_entry *ini_entry; |
| 262 | if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) { | 259 | if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) { |
| @@ -282,14 +279,14 @@ void suhosin_hook_session() | |||
| 282 | // if (old_OnUpdateSaveHandler == NULL) { | 279 | // if (old_OnUpdateSaveHandler == NULL) { |
| 283 | // return; | 280 | // return; |
| 284 | // } | 281 | // } |
| 285 | // | 282 | // |
| 286 | // /* retrieve pointer to session.save_handler ini entry */ | 283 | // /* retrieve pointer to session.save_handler ini entry */ |
| 287 | // zend_ini_entry *ini_entry; | 284 | // zend_ini_entry *ini_entry; |
| 288 | // if ((ini_entry = zend_hash_find(EG(ini_directives), ZEND_STRL("session.save_handler"))) == NULL) { | 285 | // if ((ini_entry = zend_hash_find(EG(ini_directives), ZEND_STRL("session.save_handler"))) == NULL) { |
| 289 | // return; | 286 | // return; |
| 290 | // } | 287 | // } |
| 291 | // ini_entry->on_modify = old_OnUpdateSaveHandler; | 288 | // ini_entry->on_modify = old_OnUpdateSaveHandler; |
| 292 | // old_OnUpdateSaveHandler = NULL; | 289 | // old_OnUpdateSaveHandler = NULL; |
| 293 | // } | 290 | // } |
| 294 | 291 | ||
| 295 | #else /* HAVE_PHP_SESSION */ | 292 | #else /* HAVE_PHP_SESSION */ |