diff options
| author | Ben Fuhrmannek | 2021-09-03 13:25:33 +0200 |
|---|---|---|
| committer | Ben Fuhrmannek | 2021-09-03 13:25:33 +0200 |
| commit | 2e4fda2c67ce98c9be9092effe2522c1de9f7efc (patch) | |
| tree | 334d38d09c70220db4c2b3f6fd442638d305d3a7 /src | |
| parent | 6900dbd5573d7ddb04c2ccb59a4aefca841e124b (diff) | |
fixed session encryption in php8 + related test cases
Diffstat (limited to 'src')
8 files changed, 61 insertions, 25 deletions
diff --git a/src/sp_crypt.c b/src/sp_crypt.c index eeffe33..ff8f65e 100644 --- a/src/sp_crypt.c +++ b/src/sp_crypt.c | |||
| @@ -43,8 +43,7 @@ int decrypt_zval(zval *pDest, bool simulation, zend_hash_key *hash_key) { | |||
| 43 | unsigned char *decrypted = NULL, *backup = NULL; | 43 | unsigned char *decrypted = NULL, *backup = NULL; |
| 44 | int ret = 0; | 44 | int ret = 0; |
| 45 | 45 | ||
| 46 | zend_string *debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), | 46 | zend_string *debase64 = php_base64_decode((unsigned char *)(Z_STRVAL_P(pDest)), Z_STRLEN_P(pDest)); |
| 47 | Z_STRLEN_P(pDest)); | ||
| 48 | 47 | ||
| 49 | if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES) { | 48 | if (ZSTR_LEN(debase64) < crypto_secretbox_NONCEBYTES) { |
| 50 | if (true == simulation) { | 49 | if (true == simulation) { |
diff --git a/src/sp_session.c b/src/sp_session.c index b2f4a43..7fa4937 100644 --- a/src/sp_session.c +++ b/src/sp_session.c | |||
| @@ -113,16 +113,9 @@ static PHP_INI_MH(sp_OnUpdateSaveHandler) { | |||
| 113 | } | 113 | } |
| 114 | 114 | ||
| 115 | static int sp_hook_session_RINIT(INIT_FUNC_ARGS) { | 115 | static int sp_hook_session_RINIT(INIT_FUNC_ARGS) { |
| 116 | if (SESSION_G(mod) == NULL) { | 116 | int ret = previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU); |
| 117 | zend_ini_entry *ini_entry; | 117 | sp_hook_session_module(); |
| 118 | if ((ini_entry = zend_hash_str_find_ptr( | 118 | return ret; |
| 119 | EG(ini_directives), ZEND_STRL("session.save_handler")))) { | ||
| 120 | if (ini_entry && ini_entry->value) { | ||
| 121 | sp_OnUpdateSaveHandler(NULL, ini_entry->value, NULL, NULL, NULL, 0); | ||
| 122 | } | ||
| 123 | } | ||
| 124 | } | ||
| 125 | return previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU); | ||
| 126 | } | 119 | } |
| 127 | 120 | ||
| 128 | void hook_session() { | 121 | void hook_session() { |
diff --git a/src/tests/session_encryption/crypt_session_corrupted_session.phpt b/src/tests/session_encryption/crypt_session_corrupted_session.phpt index 6f9c287..db3f949 100644 --- a/src/tests/session_encryption/crypt_session_corrupted_session.phpt +++ b/src/tests/session_encryption/crypt_session_corrupted_session.phpt | |||
| @@ -6,7 +6,7 @@ Set a custom session handler | |||
| 6 | <?php if (PHP_VERSION_ID >= 70400) print "skip"; ?> | 6 | <?php if (PHP_VERSION_ID >= 70400) print "skip"; ?> |
| 7 | --INI-- | 7 | --INI-- |
| 8 | sp.configuration_file={PWD}/config/config_crypt_session.ini | 8 | sp.configuration_file={PWD}/config/config_crypt_session.ini |
| 9 | session.save_path = "/tmp" | 9 | session.save_path="/tmp" |
| 10 | --ENV-- | 10 | --ENV-- |
| 11 | return <<<EOF | 11 | return <<<EOF |
| 12 | REMOTE_ADDR=127.0.0.1 | 12 | REMOTE_ADDR=127.0.0.1 |
diff --git a/src/tests/session_encryption/crypt_session_invalid_simul.phpt b/src/tests/session_encryption/crypt_session_invalid_simul.phpt index cbb80dc..80edb8a 100644 --- a/src/tests/session_encryption/crypt_session_invalid_simul.phpt +++ b/src/tests/session_encryption/crypt_session_invalid_simul.phpt | |||
| @@ -1,9 +1,12 @@ | |||
| 1 | --TEST-- | 1 | --TEST-- |
| 2 | SESSION crypt and bad decrypt | 2 | SESSION crypt and bad decrypt |
| 3 | --SKIPIF-- | 3 | --SKIPIF-- |
| 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID < 70400) print "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini | 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini |
| 7 | display_errors=0 | ||
| 8 | log_errors=1 | ||
| 9 | error_log="{PWD}"/crypt_session_invalid_simul.tmp | ||
| 7 | --ENV-- | 10 | --ENV-- |
| 8 | return <<<EOF | 11 | return <<<EOF |
| 9 | REMOTE_ADDR=127.0.0.1 | 12 | REMOTE_ADDR=127.0.0.1 |
| @@ -19,9 +22,13 @@ putenv("REMOTE_ADDR=127.0.0.2"); | |||
| 19 | session_id($id); // Recover the session with the previous session_id | 22 | session_id($id); // Recover the session with the previous session_id |
| 20 | session_start(); // Re start the session, It will read and decrypt the non empty session | 23 | session_start(); // Re start the session, It will read and decrypt the non empty session |
| 21 | var_dump($_SESSION); // Dump the session | 24 | var_dump($_SESSION); // Dump the session |
| 25 | |||
| 26 | echo file_get_contents(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp"); | ||
| 27 | unlink(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp"); | ||
| 28 | |||
| 22 | ?> | 29 | ?> |
| 23 | --EXPECTF-- | 30 | --EXPECTF-- |
| 24 | array(1) { | 31 | array(0) { |
| 25 | ["toto"]=> | ||
| 26 | string(4) "tata" | ||
| 27 | } | 32 | } |
| 33 | %aPHP Warning: [snuffleupagus][127.0.0.2][cookie_encryption][simulation] Something went wrong with the decryption of the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_invalid_simul.php on line 9 | ||
| 34 | %aPHP Warning: session_start(): Failed to decode session object. Session has been destroyed in %a/crypt_session_invalid_simul.php on line 9 | ||
diff --git a/src/tests/session_encryption/crypt_session_invalid_simul_php73.phpt b/src/tests/session_encryption/crypt_session_invalid_simul_php73.phpt new file mode 100644 index 0000000..4d1f747 --- /dev/null +++ b/src/tests/session_encryption/crypt_session_invalid_simul_php73.phpt | |||
| @@ -0,0 +1,33 @@ | |||
| 1 | --TEST-- | ||
| 2 | SESSION crypt and bad decrypt | ||
| 3 | --SKIPIF-- | ||
| 4 | <?php if (!extension_loaded("snuffleupagus") || PHP_VERSION_ID >= 70400) print "skip"; ?> | ||
| 5 | --INI-- | ||
| 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini | ||
| 7 | display_errors=0 | ||
| 8 | log_errors=1 | ||
| 9 | error_log="{PWD}"/crypt_session_invalid_simul.tmp | ||
| 10 | --ENV-- | ||
| 11 | return <<<EOF | ||
| 12 | REMOTE_ADDR=127.0.0.1 | ||
| 13 | EOF; | ||
| 14 | --FILE-- | ||
| 15 | <?php | ||
| 16 | // Do it like that to write (encrypt) the session and then to read (decrypt) the session | ||
| 17 | session_start(); // Start new_session , it will read an empty session | ||
| 18 | $_SESSION["toto"] = "tata"; // Encrypt and write the session | ||
| 19 | $id = session_id(); // Get the session_id to use it later | ||
| 20 | session_write_close(); // Close the session | ||
| 21 | putenv("REMOTE_ADDR=127.0.0.2"); | ||
| 22 | session_id($id); // Recover the session with the previous session_id | ||
| 23 | session_start(); // Re start the session, It will read and decrypt the non empty session | ||
| 24 | var_dump($_SESSION); // Dump the session | ||
| 25 | |||
| 26 | echo file_get_contents(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp"); | ||
| 27 | unlink(dirname(__FILE__) . "/crypt_session_invalid_simul.tmp"); | ||
| 28 | |||
| 29 | ?> | ||
| 30 | --EXPECTF-- | ||
| 31 | array(0) { | ||
| 32 | } | ||
| 33 | %aPHP Warning: [snuffleupagus][127.0.0.2][cookie_encryption][simulation] Something went wrong with the decryption of the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_invalid_simul%a.php on line 9 | ||
diff --git a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt index 5e81b52..e2e1737 100644 --- a/src/tests/session_encryption/crypt_session_read_uncrypt.phpt +++ b/src/tests/session_encryption/crypt_session_read_uncrypt.phpt | |||
| @@ -4,25 +4,28 @@ SESSION crypt/decrypt valid | |||
| 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini | 6 | sp.configuration_file={PWD}/config/config_crypt_session_simul.ini |
| 7 | session.save_path="{PWD}" | ||
| 8 | display_errors=0 | ||
| 9 | log_errors=1 | ||
| 10 | error_log="{PWD}"/crypt_session_read_uncrypt.tmp | ||
| 7 | --ENV-- | 11 | --ENV-- |
| 8 | return <<<EOF | 12 | return <<<EOF |
| 9 | REMOTE_ADDR=127.0.0.1 | 13 | REMOTE_ADDR=127.0.0.1 |
| 10 | EOF; | 14 | EOF; |
| 11 | --FILE-- | 15 | --FILE-- |
| 12 | <?php | 16 | <?php |
| 13 | $current_path = dirname(getcwd()) . "/src/tests/" ; | ||
| 14 | ini_set("session.save_path", $current_path); | ||
| 15 | |||
| 16 | session_start(); | 17 | session_start(); |
| 17 | $id = session_id(); // Get the session_id to use it later | 18 | $id = session_id(); // Get the session_id to use it later |
| 18 | $filename_sess = $current_path . "sess_" . $id; | 19 | $filename_sess = dirname(__FILE__) . "/sess_" . $id; |
| 19 | file_put_contents($filename_sess, "toto|s:4:\"tata\";"); // Write a unencrypted session | 20 | file_put_contents($filename_sess, "toto|s:4:\"tata\";"); // Write unencrypted session |
| 20 | session_write_close(); // Close the session | 21 | session_write_close(); // Close the session |
| 21 | 22 | ||
| 22 | session_id($id); | 23 | session_id($id); |
| 23 | session_start(); // Try to read the unencrypted session, it will fail to decrypt but it must return the session | 24 | session_start(); // Try to read the unencrypted session, it will fail to decrypt but it must return the session |
| 24 | var_dump($_SESSION); | 25 | var_dump($_SESSION); |
| 25 | echo "OK"; | 26 | echo "OK\n"; |
| 27 | echo file_get_contents(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp"); | ||
| 28 | unlink(dirname(__FILE__) . "/crypt_session_read_uncrypt.tmp"); | ||
| 26 | unlink($filename_sess); | 29 | unlink($filename_sess); |
| 27 | ?> | 30 | ?> |
| 28 | --EXPECTF-- | 31 | --EXPECTF-- |
| @@ -31,3 +34,4 @@ array(1) { | |||
| 31 | string(4) "tata" | 34 | string(4) "tata" |
| 32 | } | 35 | } |
| 33 | OK | 36 | OK |
| 37 | %aPHP Warning: [snuffleupagus][127.0.0.1][cookie_encryption][simulation] Buffer underflow tentative detected in cookie encryption handling for the session. Using the cookie 'as is' instead of decrypting it in %a/crypt_session_read_uncrypt.php on line 9 | ||
diff --git a/src/tests/session_encryption/set_custom_session_handler.phpt b/src/tests/session_encryption/set_custom_session_handler.phpt index 725ee43..1b81a04 100644 --- a/src/tests/session_encryption/set_custom_session_handler.phpt +++ b/src/tests/session_encryption/set_custom_session_handler.phpt | |||
| @@ -4,7 +4,7 @@ Set a custom session handler | |||
| 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/config_crypt_session.ini | 6 | sp.configuration_file={PWD}/config/config_crypt_session.ini |
| 7 | session.save_path = "/tmp" | 7 | session.save_path="/tmp" |
| 8 | --ENV-- | 8 | --ENV-- |
| 9 | return <<<EOF | 9 | return <<<EOF |
| 10 | REMOTE_ADDR=127.0.0.1 | 10 | REMOTE_ADDR=127.0.0.1 |
diff --git a/src/tests/session_encryption/set_custom_session_handler2.phpt b/src/tests/session_encryption/set_custom_session_handler2.phpt index 8cc6786..58b6595 100644 --- a/src/tests/session_encryption/set_custom_session_handler2.phpt +++ b/src/tests/session_encryption/set_custom_session_handler2.phpt | |||
| @@ -4,7 +4,7 @@ Set a custom session handler, twice | |||
| 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> | 4 | <?php if (!extension_loaded("snuffleupagus")) print "skip"; ?> |
| 5 | --INI-- | 5 | --INI-- |
| 6 | sp.configuration_file={PWD}/config/config_crypt_session.ini | 6 | sp.configuration_file={PWD}/config/config_crypt_session.ini |
| 7 | session.save_path = "/tmp" | 7 | session.save_path="/tmp" |
| 8 | --ENV-- | 8 | --ENV-- |
| 9 | return <<<EOF | 9 | return <<<EOF |
| 10 | REMOTE_ADDR=127.0.0.1 | 10 | REMOTE_ADDR=127.0.0.1 |