diff options
Diffstat (limited to 'src/sp_session.c')
| -rw-r--r-- | src/sp_session.c | 60 |
1 files changed, 30 insertions, 30 deletions
diff --git a/src/sp_session.c b/src/sp_session.c index b2f4a43..6335838 100644 --- a/src/sp_session.c +++ b/src/sp_session.c | |||
| @@ -1,7 +1,5 @@ | |||
| 1 | #include "php_snuffleupagus.h" | 1 | #include "php_snuffleupagus.h" |
| 2 | 2 | ||
| 3 | #if (HAVE_PHP_SESSION && !defined(COMPILE_DL_SESSION)) | ||
| 4 | |||
| 5 | #ifdef ZTS | 3 | #ifdef ZTS |
| 6 | static ts_rsrc_id session_globals_id = 0; | 4 | static ts_rsrc_id session_globals_id = 0; |
| 7 | #define SESSION_G(v) ZEND_TSRMG(session_globals_id, php_ps_globals *, v) | 5 | #define SESSION_G(v) ZEND_TSRMG(session_globals_id, php_ps_globals *, v) |
| @@ -10,7 +8,7 @@ ZEND_TSRMLS_CACHE_EXTERN(); | |||
| 10 | #endif | 8 | #endif |
| 11 | #else | 9 | #else |
| 12 | static php_ps_globals *session_globals = NULL; | 10 | static php_ps_globals *session_globals = NULL; |
| 13 | #define SESSION_G(v) (ps_globals.v) | 11 | #define SESSION_G(v) (session_globals->v) |
| 14 | #endif | 12 | #endif |
| 15 | 13 | ||
| 16 | static ps_module *s_module; | 14 | static ps_module *s_module; |
| @@ -24,21 +22,35 @@ static int (*old_s_write)(PS_WRITE_ARGS); | |||
| 24 | static int (*previous_sessionRINIT)(INIT_FUNC_ARGS) = NULL; | 22 | static int (*previous_sessionRINIT)(INIT_FUNC_ARGS) = NULL; |
| 25 | static ZEND_INI_MH((*old_OnUpdateSaveHandler)) = NULL; | 23 | static ZEND_INI_MH((*old_OnUpdateSaveHandler)) = NULL; |
| 26 | 24 | ||
| 25 | static void check_sid_length(zend_string *sid) { | ||
| 26 | const sp_config_session *cfg = &(SPCFG(session)); | ||
| 27 | |||
| 28 | if (sid) { | ||
| 29 | if (cfg->sid_min_length && ZSTR_LEN(sid) < cfg->sid_min_length) { | ||
| 30 | sp_log_auto("session", cfg->simulation, "Session ID is too short"); | ||
| 31 | } | ||
| 32 | if (cfg->sid_max_length && ZSTR_LEN(sid) > cfg->sid_max_length) { | ||
| 33 | sp_log_auto("session", cfg->simulation, "Session ID is too long"); | ||
| 34 | } | ||
| 35 | } | ||
| 36 | } | ||
| 37 | |||
| 27 | static int sp_hook_s_read(PS_READ_ARGS) { | 38 | static int sp_hook_s_read(PS_READ_ARGS) { |
| 39 | const sp_config_session *cfg = &(SPCFG(session)); | ||
| 40 | check_sid_length(key); | ||
| 41 | |||
| 28 | int r = old_s_read(mod_data, key, val, maxlifetime); | 42 | int r = old_s_read(mod_data, key, val, maxlifetime); |
| 29 | const sp_config_session *config_session = | ||
| 30 | SNUFFLEUPAGUS_G(config).config_session; | ||
| 31 | 43 | ||
| 32 | if ((NULL == val) || (NULL == *val) || (0 == ZSTR_LEN(*val))) { | 44 | if ((NULL == val) || (NULL == *val) || (0 == ZSTR_LEN(*val))) { |
| 33 | return r; | 45 | return r; |
| 34 | } | 46 | } |
| 35 | 47 | ||
| 36 | if (r == SUCCESS && config_session->encrypt) { | 48 | if (r == SUCCESS && cfg->encrypt) { |
| 37 | zend_string *orig_val = *val; | 49 | zend_string *orig_val = *val; |
| 38 | zval val_zval; | 50 | zval val_zval; |
| 39 | ZVAL_PSTRINGL(&val_zval, ZSTR_VAL(*val), ZSTR_LEN(*val)); | 51 | ZVAL_PSTRINGL(&val_zval, ZSTR_VAL(*val), ZSTR_LEN(*val)); |
| 40 | 52 | ||
| 41 | int ret = decrypt_zval(&val_zval, config_session->simulation, NULL); | 53 | int ret = decrypt_zval(&val_zval, cfg->simulation, NULL); |
| 42 | if (ZEND_HASH_APPLY_KEEP != ret) { | 54 | if (ZEND_HASH_APPLY_KEEP != ret) { |
| 43 | zend_bailout(); | 55 | zend_bailout(); |
| 44 | } | 56 | } |
| @@ -51,7 +63,10 @@ static int sp_hook_s_read(PS_READ_ARGS) { | |||
| 51 | } | 63 | } |
| 52 | 64 | ||
| 53 | static int sp_hook_s_write(PS_WRITE_ARGS) { | 65 | static int sp_hook_s_write(PS_WRITE_ARGS) { |
| 54 | if (ZSTR_LEN(val) > 0 && SNUFFLEUPAGUS_G(config).config_session->encrypt) { | 66 | const sp_config_session *cfg = &(SPCFG(session)); |
| 67 | check_sid_length(key); | ||
| 68 | |||
| 69 | if (ZSTR_LEN(val) > 0 && cfg->encrypt) { | ||
| 55 | zend_string *new_val = encrypt_zval(val); | 70 | zend_string *new_val = encrypt_zval(val); |
| 56 | return old_s_write(mod_data, key, new_val, maxlifetime); | 71 | return old_s_write(mod_data, key, new_val, maxlifetime); |
| 57 | } | 72 | } |
| @@ -104,8 +119,7 @@ static PHP_INI_MH(sp_OnUpdateSaveHandler) { | |||
| 104 | 119 | ||
| 105 | SESSION_G(mod) = s_original_mod; | 120 | SESSION_G(mod) = s_original_mod; |
| 106 | 121 | ||
| 107 | int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, | 122 | int r = old_OnUpdateSaveHandler(entry, new_value, mh_arg1, mh_arg2, mh_arg3, stage); |
| 108 | stage); | ||
| 109 | 123 | ||
| 110 | sp_hook_session_module(); | 124 | sp_hook_session_module(); |
| 111 | 125 | ||
| @@ -113,23 +127,16 @@ static PHP_INI_MH(sp_OnUpdateSaveHandler) { | |||
| 113 | } | 127 | } |
| 114 | 128 | ||
| 115 | static int sp_hook_session_RINIT(INIT_FUNC_ARGS) { | 129 | static int sp_hook_session_RINIT(INIT_FUNC_ARGS) { |
| 116 | if (SESSION_G(mod) == NULL) { | 130 | int ret = previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU); |
| 117 | zend_ini_entry *ini_entry; | 131 | sp_hook_session_module(); |
| 118 | if ((ini_entry = zend_hash_str_find_ptr( | 132 | return ret; |
| 119 | EG(ini_directives), ZEND_STRL("session.save_handler")))) { | ||
| 120 | if (ini_entry && ini_entry->value) { | ||
| 121 | sp_OnUpdateSaveHandler(NULL, ini_entry->value, NULL, NULL, NULL, 0); | ||
| 122 | } | ||
| 123 | } | ||
| 124 | } | ||
| 125 | return previous_sessionRINIT(INIT_FUNC_ARGS_PASSTHRU); | ||
| 126 | } | 133 | } |
| 127 | 134 | ||
| 128 | void hook_session() { | 135 | void hook_session() { |
| 129 | zend_module_entry *module; | 136 | zend_module_entry *module; |
| 130 | 137 | ||
| 131 | if ((module = zend_hash_str_find_ptr(&module_registry, | 138 | if ((module = zend_hash_str_find_ptr(&module_registry, ZEND_STRL("session"))) == NULL) { |
| 132 | ZEND_STRL("session"))) == NULL) { | 139 | sp_log_err("session", "You are trying to use session encryption or session ID restrictions, but your PHP installation has no session support. Please install the PHP session module or recompile PHP with session support."); |
| 133 | return; // LCOV_EXCL_LINE | 140 | return; // LCOV_EXCL_LINE |
| 134 | } | 141 | } |
| 135 | 142 | ||
| @@ -150,8 +157,7 @@ void hook_session() { | |||
| 150 | module->request_startup_func = sp_hook_session_RINIT; | 157 | module->request_startup_func = sp_hook_session_RINIT; |
| 151 | 158 | ||
| 152 | zend_ini_entry *ini_entry; | 159 | zend_ini_entry *ini_entry; |
| 153 | if ((ini_entry = zend_hash_str_find_ptr( | 160 | if ((ini_entry = zend_hash_str_find_ptr(EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) { |
| 154 | EG(ini_directives), ZEND_STRL("session.save_handler"))) != NULL) { | ||
| 155 | old_OnUpdateSaveHandler = ini_entry->on_modify; | 161 | old_OnUpdateSaveHandler = ini_entry->on_modify; |
| 156 | ini_entry->on_modify = sp_OnUpdateSaveHandler; | 162 | ini_entry->on_modify = sp_OnUpdateSaveHandler; |
| 157 | } | 163 | } |
| @@ -159,9 +165,3 @@ void hook_session() { | |||
| 159 | 165 | ||
| 160 | sp_hook_session_module(); | 166 | sp_hook_session_module(); |
| 161 | } | 167 | } |
| 162 | |||
| 163 | #else | ||
| 164 | |||
| 165 | void hook_session() {} | ||
| 166 | |||
| 167 | #endif // HAVE_PHP_SESSION && !defined(COMPILE_DL_SESSION) | ||