modules/session/mod_session_dbd.c

fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/* Licensed to the Apache Software Foundation (ASF) under one or more
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * contributor license agreements.  See the NOTICE file distributed with
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * this work for additional information regarding copyright ownership.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * The ASF licenses this file to You under the Apache License, Version 2.0
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * (the "License"); you may not use this file except in compliance with
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * the License.  You may obtain a copy of the License at
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *     http://www.apache.org/licenses/LICENSE-2.0
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Unless required by applicable law or agreed to in writing, software
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * distributed under the License is distributed on an "AS IS" BASIS,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * See the License for the specific language governing permissions and
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * limitations under the License.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "mod_session.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "apr_lib.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "apr_strings.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "http_log.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "util_cookies.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "apr_dbd.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "mod_dbd.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#include "mpm_common.h"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin#define MOD_SESSION_DBD "mod_session_dbd"
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinmodule AP_MODULE_DECLARE_DATA session_dbd_module;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Structure to carry the per-dir session config.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrintypedef struct {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *name;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int name_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *name_attrs;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *name2;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int name2_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *name2_attrs;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int peruser;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int peruser_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int remove;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int remove_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *selectlabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *insertlabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *updatelabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *deletelabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin} session_dbd_dir_conf;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/* optional function - look it up once in post_config */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic ap_dbd_t *(*session_dbd_acquire_fn) (request_rec *) = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic void (*session_dbd_prepare_fn) (server_rec *, const char *, const char *) = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Initialise the database.
41abbbf0cbaef202fe1ba2dd671ea48990d6e012minfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If the mod_dbd module is missing, this method will return APR_EGENERAL.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic apr_status_t dbd_init(request_rec *r, const char *query, ap_dbd_t **dbdp,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                             apr_dbd_prepared_t **statementp)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    ap_dbd_t *dbd;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_prepared_t *statement;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (!session_dbd_prepare_fn || !session_dbd_acquire_fn) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        session_dbd_prepare_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_prepare);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        session_dbd_acquire_fn = APR_RETRIEVE_OPTIONAL_FN(ap_dbd_acquire);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (!session_dbd_prepare_fn || !session_dbd_acquire_fn) {
185aa71728867671e105178b4c66fbc22b65ae26sf            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01850)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          "You must load mod_dbd to enable AuthDBD functions");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    dbd = session_dbd_acquire_fn(r);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (!dbd) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01851)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "failed to acquire database connection");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    statement = apr_hash_get(dbd->prepared, query, APR_HASH_KEY_STRING);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (!statement) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01852)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "failed to find the prepared statement called '%s'", query);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
41abbbf0cbaef202fe1ba2dd671ea48990d6e012minfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    *dbdp = dbd;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    *statementp = statement;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Load the session by the key specified.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic apr_status_t dbd_load(request_rec * r, const char *key, const char **val)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_status_t rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    ap_dbd_t *dbd = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_prepared_t *statement = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_results_t *res = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_row_t *row = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_int64_t expiry = (apr_int64_t) apr_time_now();
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = ap_get_module_config(r->per_dir_config,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                                      &session_dbd_module);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->selectlabel == NULL) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01853)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "no SessionDBDselectlabel has been specified");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = dbd_init(r, conf->selectlabel, &dbd, &statement);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = apr_dbd_pvbselect(dbd->driver, r->pool, dbd->handle, &res, statement,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          0, key, &expiry, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01854)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "query execution error saving session '%s' "
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "in database using query '%s': %s", key, conf->selectlabel,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      apr_dbd_error(dbd->driver, dbd->handle, rv));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    for (rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin         rv != -1;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin         rv = apr_dbd_get_row(dbd->driver, r->pool, res, &row, -1)) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (rv != 0) {
185aa71728867671e105178b4c66fbc22b65ae26sf            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01855)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          "error retrieving results while saving '%s' "
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          "in database using query '%s': %s", key, conf->selectlabel,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                           apr_dbd_error(dbd->driver, dbd->handle, rv));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (*val == NULL) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            *val = apr_dbd_get_entry(dbd->driver, row, 0);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* we can't break out here or row won't get cleaned up */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Load the session by firing off a dbd query.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If the session is anonymous, the session key will be extracted from
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * the cookie specified. Failing that, the session key will be extracted
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * from the GET parameters.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If the session is keyed by the username, the session will be extracted
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * by that.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If no session is found, an empty session will be created.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * On success, this returns OK.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
ca42f4cf489571eeb9c4ae3d83edebd2fb150fa8minfrinstatic apr_status_t session_dbd_load(request_rec * r, session_rec ** z)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = ap_get_module_config(r->per_dir_config,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                                      &session_dbd_module);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_status_t ret = APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_rec *zz = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *name = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *note = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *val = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    const char *key = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    request_rec *m = r->main ? r->main : r;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* is our session in a cookie? */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->name2_set) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        name = conf->name2;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else if (conf->name_set) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        name = conf->name;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else if (conf->peruser_set && r->user) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        name = r->user;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return DECLINED;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* first look in the notes */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    note = apr_pstrcat(r->pool, MOD_SESSION_DBD, name, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    zz = (session_rec *)apr_table_get(m->notes, note);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (zz) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        *z = zz;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return OK;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* load anonymous sessions */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->name_set || conf->name2_set) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
5edf72b75a8549a34c150eda3c37b6368301fcefminfrin        /* load an RFC2109 or RFC2965 compliant cookie */
5edf72b75a8549a34c150eda3c37b6368301fcefminfrin        ap_cookie_read(r, name, &key, conf->remove);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (key) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            ret = dbd_load(r, key, &val);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            if (ret != APR_SUCCESS) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                return ret;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* load named session */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else if (conf->peruser) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (r->user) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            ret = dbd_load(r, r->user, &val);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            if (ret != APR_SUCCESS) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                return ret;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* otherwise not for us */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return DECLINED;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* create a new session and return it */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    zz = (session_rec *) apr_pcalloc(r->pool, sizeof(session_rec));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    zz->pool = r->pool;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    zz->entries = apr_table_make(zz->pool, 10);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin    if (key && val) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        apr_uuid_t *uuid = apr_pcalloc(zz->pool, sizeof(apr_uuid_t));
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        if (APR_SUCCESS == apr_uuid_parse(uuid, key)) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            zz->uuid = uuid;
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    zz->encoded = val;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    *z = zz;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* put the session in the notes so we don't have to parse it again */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_table_setn(m->notes, note, (char *)zz);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return OK;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Save the session by the key specified.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrinstatic apr_status_t dbd_save(request_rec * r, const char *oldkey,
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        const char *newkey, const char *val, apr_int64_t expiry)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_status_t rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    ap_dbd_t *dbd = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_prepared_t *statement;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int rows = 0;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = ap_get_module_config(r->per_dir_config,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                                      &session_dbd_module);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->updatelabel == NULL) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01856)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "no SessionDBDupdatelabel has been specified");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = dbd_init(r, conf->updatelabel, &dbd, &statement);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin    if (oldkey) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        rv = apr_dbd_pvbquery(dbd->driver, r->pool, dbd->handle, &rows,
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                statement, val, &expiry, newkey, oldkey, NULL);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        if (rv) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ap_log_rerror(
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                    APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01857) "query execution error updating session '%s' "
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                    "using database query '%s': %s/%s", oldkey, newkey, conf->updatelabel, apr_dbd_error(dbd->driver, dbd->handle, rv));
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            return APR_EGENERAL;
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        /*
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin         * if some rows were updated it means a session existed and was updated,
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin         * so we are done.
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin         */
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        if (rows != 0) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            return APR_SUCCESS;
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->insertlabel == NULL) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01858)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "no SessionDBDinsertlabel has been specified");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = dbd_init(r, conf->insertlabel, &dbd, &statement);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = apr_dbd_pvbquery(dbd->driver, r->pool, dbd->handle, &rows, statement,
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                          val, &expiry, newkey, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01859)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "query execution error inserting session '%s' "
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                      "in database with '%s': %s", newkey, conf->insertlabel,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      apr_dbd_error(dbd->driver, dbd->handle, rv));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /*
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin     * if some rows were inserted it means a session was inserted, so we are
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin     * done.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin     */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rows != 0) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
185aa71728867671e105178b4c66fbc22b65ae26sf    ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01860)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                  "the session insert query did not cause any rows to be added "
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin                  "to the database for session '%s', session not inserted", newkey);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Remove the session by the key specified.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic apr_status_t dbd_remove(request_rec * r, const char *key)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_status_t rv;
ca8584db70d0ff4d85cbfd912573688c41be27cfjailletc    ap_dbd_t *dbd;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_dbd_prepared_t *statement;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    int rows = 0;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = ap_get_module_config(r->per_dir_config,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                                      &session_dbd_module);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->deletelabel == NULL) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01862)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "no SessionDBDdeletelabel has been specified");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return APR_EGENERAL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
ca8584db70d0ff4d85cbfd912573688c41be27cfjailletc    rv = dbd_init(r, conf->deletelabel, &dbd, &statement);
ca8584db70d0ff4d85cbfd912573688c41be27cfjailletc    if (rv != APR_SUCCESS) {
de4140a67ad59a391e40a6441ce3f040a17f17e5fuankg        /* No need to do additional error logging here, it has already
de4140a67ad59a391e40a6441ce3f040a17f17e5fuankg           been done in dbd_init if needed */
82b134ecfcd9ecebcd5d3e729f36632bd72c7422jailletc        return rv;
82b134ecfcd9ecebcd5d3e729f36632bd72c7422jailletc    }
ca8584db70d0ff4d85cbfd912573688c41be27cfjailletc
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    rv = apr_dbd_pvbquery(dbd->driver, r->pool, dbd->handle, &rows, statement,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          key, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (rv != APR_SUCCESS) {
185aa71728867671e105178b4c66fbc22b65ae26sf        ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01864)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "query execution error removing session '%s' "
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                      "from database", key);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return rv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Clean out expired sessions.
41abbbf0cbaef202fe1ba2dd671ea48990d6e012minfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * TODO: We need to figure out a way to clean out expired sessions from the database.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * The monitor hook doesn't help us that much, as we have no handle into the
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * server, and so we need to come up with a way to do this safely.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
40965c37b2fd320093215de6c3fbd516382077eajimstatic apr_status_t dbd_clean(apr_pool_t *p, server_rec *s)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return APR_ENOTIMPL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Save the session by firing off a dbd query.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If the session is anonymous, save the session and write a cookie
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * containing the uuid.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * If the session is keyed to the username, save the session using
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * the username as a key.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * On success, this method will return APR_SUCCESS.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * @param r The request pointer.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * @param z A pointer to where the session will be written.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
ca42f4cf489571eeb9c4ae3d83edebd2fb150fa8minfrinstatic apr_status_t session_dbd_save(request_rec * r, session_rec * z)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    apr_status_t ret = APR_SUCCESS;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = ap_get_module_config(r->per_dir_config,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                                      &session_dbd_module);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* support anonymous sessions */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (conf->name_set || conf->name2_set) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        char *oldkey = NULL, *newkey = NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* don't cache pages with a session */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        apr_table_addn(r->headers_out, "Cache-Control", "no-cache");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        /* if the session is new or changed, make a new session ID */
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        if (z->uuid) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            oldkey = apr_pcalloc(r->pool, APR_UUID_FORMATTED_LENGTH + 1);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            apr_uuid_format(oldkey, z->uuid);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        if (z->dirty || !oldkey) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            z->uuid = apr_pcalloc(z->pool, sizeof(apr_uuid_t));
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            apr_uuid_get(z->uuid);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            newkey = apr_pcalloc(r->pool, APR_UUID_FORMATTED_LENGTH + 1);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            apr_uuid_format(newkey, z->uuid);
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        else {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            newkey = oldkey;
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* save the session with the uuid as key */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (z->encoded && z->encoded[0]) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ret = dbd_save(r, oldkey, newkey, z->encoded, z->expiry);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        else {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ret = dbd_remove(r, oldkey);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (ret != APR_SUCCESS) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            return ret;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* create RFC2109 compliant cookie */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (conf->name_set) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ap_cookie_write(r, conf->name, newkey, conf->name_attrs, z->maxage,
7a5599f6f10786c93eaf2ae22f9a1b70538bc631sf                            r->headers_out, r->err_headers_out, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* create RFC2965 compliant cookie */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (conf->name2_set) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ap_cookie_write2(r, conf->name2, newkey, conf->name2_attrs, z->maxage,
7a5599f6f10786c93eaf2ae22f9a1b70538bc631sf                             r->headers_out, r->err_headers_out, NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return OK;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* save named session */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    else if (conf->peruser) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        /* don't cache pages with a session */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        apr_table_addn(r->headers_out, "Cache-Control", "no-cache");
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        if (r->user) {
2e1a0fb12bdf1c20064ffe900a8f44979ec946fcminfrin            ret = dbd_save(r, r->user, r->user, z->encoded, z->expiry);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            if (ret != APR_SUCCESS) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                return ret;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin            return OK;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        else {
185aa71728867671e105178b4c66fbc22b65ae26sf            ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, APLOGNO(01865)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin               "peruser sessions can only be saved if a user is logged in, "
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                          "session not saved: %s", r->uri);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return DECLINED;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * This function performs housekeeping on the database, deleting expired
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * sessions.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
40965c37b2fd320093215de6c3fbd516382077eajimstatic int session_dbd_monitor(apr_pool_t *p, server_rec *s)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    /* TODO handle housekeeping */
40965c37b2fd320093215de6c3fbd516382077eajim    dbd_clean(p, s);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return OK;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic void *create_session_dbd_dir_config(apr_pool_t * p, char *dummy)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *new =
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    (session_dbd_dir_conf *) apr_pcalloc(p, sizeof(session_dbd_dir_conf));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->remove = 1;
41abbbf0cbaef202fe1ba2dd671ea48990d6e012minfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->selectlabel = "selectsession";
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->insertlabel = "insertsession";
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->updatelabel = "updatesession";
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->deletelabel = "deletesession";
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return (void *) new;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic void *merge_session_dbd_dir_config(apr_pool_t * p, void *basev, void *addv)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *new = (session_dbd_dir_conf *) apr_pcalloc(p, sizeof(session_dbd_dir_conf));
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *add = (session_dbd_dir_conf *) addv;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *base = (session_dbd_dir_conf *) basev;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name = (add->name_set == 0) ? base->name : add->name;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name_attrs = (add->name_set == 0) ? base->name_attrs : add->name_attrs;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name_set = add->name_set || base->name_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name2 = (add->name2_set == 0) ? base->name2 : add->name2;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name2_attrs = (add->name2_set == 0) ? base->name2_attrs : add->name2_attrs;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->name2_set = add->name2_set || base->name2_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->peruser = (add->peruser_set == 0) ? base->peruser : add->peruser;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->peruser_set = add->peruser_set || base->peruser_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->remove = (add->remove_set == 0) ? base->remove : add->remove;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->remove_set = add->remove_set || base->remove_set;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->selectlabel = (!add->selectlabel) ? base->selectlabel : add->selectlabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->updatelabel = (!add->updatelabel) ? base->updatelabel : add->updatelabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->insertlabel = (!add->insertlabel) ? base->insertlabel : add->insertlabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    new->deletelabel = (!add->deletelabel) ? base->deletelabel : add->deletelabel;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return new;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin/**
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * Sanity check a given string that it exists, is not empty,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin * and does not contain special characters.
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const char *check_string(cmd_parms * cmd, const char *string)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    if (APR_SUCCESS != ap_cookie_check_string(string)) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        return apr_pstrcat(cmd->pool, cmd->directive->directive,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                           " cannot be empty, or contain '=', ';' or '&'.",
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                           NULL);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const char *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin     set_dbd_peruser(cmd_parms * parms, void *dconf, int flag)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = dconf;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->peruser = flag;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->peruser_set = 1;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const char *
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin     set_dbd_cookie_remove(cmd_parms * parms, void *dconf, int flag)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = dconf;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->remove = flag;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->remove_set = 1;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return NULL;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const char *set_cookie_name(cmd_parms * cmd, void *config, const char *args)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *last;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *line = apr_pstrdup(cmd->pool, args);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = (session_dbd_dir_conf *) config;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *cookie = apr_strtok(line, " \t", &last);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name = cookie;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name_set = 1;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    while (apr_isspace(*last)) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        last++;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name_attrs = last;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return check_string(cmd, cookie);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const char *set_cookie_name2(cmd_parms * cmd, void *config, const char *args)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *last;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *line = apr_pstrdup(cmd->pool, args);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_dir_conf *conf = (session_dbd_dir_conf *) config;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    char *cookie = apr_strtok(line, " \t", &last);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name2 = cookie;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name2_set = 1;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    while (apr_isspace(*last)) {
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin        last++;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    }
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    conf->name2_attrs = last;
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    return check_string(cmd, cookie);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic const command_rec session_dbd_cmds[] =
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    AP_INIT_TAKE1("SessionDBDSelectLabel", ap_set_string_slot,
835d676191444a46d695171e8760d55a66c60fecminfrin      (void *) APR_OFFSETOF(session_dbd_dir_conf, selectlabel), RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                  "Query label used to select a new session"),
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    AP_INIT_TAKE1("SessionDBDInsertLabel", ap_set_string_slot,
835d676191444a46d695171e8760d55a66c60fecminfrin      (void *) APR_OFFSETOF(session_dbd_dir_conf, insertlabel), RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                  "Query label used to insert a new session"),
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    AP_INIT_TAKE1("SessionDBDUpdateLabel", ap_set_string_slot,
835d676191444a46d695171e8760d55a66c60fecminfrin      (void *) APR_OFFSETOF(session_dbd_dir_conf, updatelabel), RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                  "Query label used to update an existing session"),
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    AP_INIT_TAKE1("SessionDBDDeleteLabel", ap_set_string_slot,
835d676191444a46d695171e8760d55a66c60fecminfrin      (void *) APR_OFFSETOF(session_dbd_dir_conf, deletelabel), RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                  "Query label used to delete an existing session"),
835d676191444a46d695171e8760d55a66c60fecminfrin    AP_INIT_FLAG("SessionDBDPerUser", set_dbd_peruser, NULL, RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                 "Save the session per user"),
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    AP_INIT_FLAG("SessionDBDCookieRemove", set_dbd_cookie_remove, NULL, RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                 "Remove the session cookie after session load. On by default."),
835d676191444a46d695171e8760d55a66c60fecminfrin    AP_INIT_RAW_ARGS("SessionDBDCookieName", set_cookie_name, NULL, RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                 "The name of the RFC2109 cookie carrying the session key"),
835d676191444a46d695171e8760d55a66c60fecminfrin    AP_INIT_RAW_ARGS("SessionDBDCookieName2", set_cookie_name2, NULL, RSRC_CONF|OR_AUTHCFG,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                 "The name of the RFC2965 cookie carrying the session key"),
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    {NULL}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin};
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrinstatic void register_hooks(apr_pool_t * p)
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
c06b2c98d38fd12b953ea9404f5314b3fddf91d8wrowe    ap_hook_session_load(session_dbd_load, NULL, NULL, APR_HOOK_MIDDLE);
c06b2c98d38fd12b953ea9404f5314b3fddf91d8wrowe    ap_hook_session_save(session_dbd_save, NULL, NULL, APR_HOOK_MIDDLE);
c06b2c98d38fd12b953ea9404f5314b3fddf91d8wrowe    ap_hook_monitor(session_dbd_monitor, NULL, NULL, APR_HOOK_MIDDLE);
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin}
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin
36ef8f77bffe75d1aa327882be1b5bdbe2ff567asfAP_DECLARE_MODULE(session_dbd) =
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin{
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    STANDARD20_MODULE_STUFF,
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    create_session_dbd_dir_config, /* dir config creater */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    merge_session_dbd_dir_config,  /* dir merger --- default is to
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin                                    * override */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    NULL,                          /* server config */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    NULL,                          /* merge server config */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    session_dbd_cmds,              /* command apr_table_t */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin    register_hooks                 /* register hooks */
fd279fe992f7171dc3f6d4d40d6db5bb74f2d96eminfrin};