lighttpd 1.4.x https://www.lighttpd.net/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

244 lines
8.0 KiB

#include "first.h"
#include "base.h"
#include "log.h"
#include "buffer.h"
#include "rand.h"
#include "http_header.h"
#include "plugin.h"
#include "sys-crypto-md.h"
#include <stdlib.h>
#include <string.h>
typedef struct {
const buffer *cookie_name;
const buffer *cookie_attrs;
const buffer *cookie_domain;
unsigned int cookie_max_age;
} plugin_config;
typedef struct {
PLUGIN_DATA;
plugin_config defaults;
plugin_config conf;
} plugin_data;
INIT_FUNC(mod_usertrack_init) {
return calloc(1, sizeof(plugin_data));
}
static void mod_usertrack_merge_config_cpv(plugin_config * const pconf, const config_plugin_value_t * const cpv) {
switch (cpv->k_id) { /* index into static config_plugin_keys_t cpk[] */
case 0: /* usertrack.cookie-name */
pconf->cookie_name = cpv->v.b;
break;
case 1: /* usertrack.cookie-max-age */
pconf->cookie_max_age = cpv->v.u;
break;
case 2: /* usertrack.cookie-domain */
pconf->cookie_domain = cpv->v.b;
break;
case 3: /* usertrack.cookie-attrs */
pconf->cookie_attrs = cpv->v.b;
break;
default:/* should not happen */
return;
}
}
static void mod_usertrack_merge_config(plugin_config * const pconf, const config_plugin_value_t *cpv) {
do {
mod_usertrack_merge_config_cpv(pconf, cpv);
} while ((++cpv)->k_id != -1);
}
static void mod_usertrack_patch_config(request_st * const r, plugin_data * const p) {
p->conf = p->defaults; /* copy small struct instead of memcpy() */
/*memcpy(&p->conf, &p->defaults, sizeof(plugin_config));*/
for (int i = 1, used = p->nconfig; i < used; ++i) {
if (config_check_cond(r, (uint32_t)p->cvlist[i].k_id))
mod_usertrack_merge_config(&p->conf, p->cvlist + p->cvlist[i].v.u2[0]);
}
}
SETDEFAULTS_FUNC(mod_usertrack_set_defaults) {
static const config_plugin_keys_t cpk[] = {
{ CONST_STR_LEN("usertrack.cookie-name"),
T_CONFIG_STRING,
T_CONFIG_SCOPE_CONNECTION }
,{ CONST_STR_LEN("usertrack.cookie-max-age"),
T_CONFIG_INT,
T_CONFIG_SCOPE_CONNECTION }
,{ CONST_STR_LEN("usertrack.cookie-domain"),
T_CONFIG_STRING,
T_CONFIG_SCOPE_CONNECTION }
,{ CONST_STR_LEN("usertrack.cookie-attrs"),
T_CONFIG_STRING,
T_CONFIG_SCOPE_CONNECTION }
,{ NULL, 0,
T_CONFIG_UNSET,
T_CONFIG_SCOPE_UNSET }
};
plugin_data * const p = p_d;
if (!config_plugin_values_init(srv, p, cpk, "mod_usertrack"))
return HANDLER_ERROR;
/* process and validate config directives
* (init i to 0 if global context; to 1 to skip empty global context) */
for (int i = !p->cvlist[0].v.u2[1]; i < p->nconfig; ++i) {
const config_plugin_value_t *cpv = p->cvlist + p->cvlist[i].v.u2[0];
for (; -1 != cpv->k_id; ++cpv) {
switch (cpv->k_id) {
case 0: /* usertrack.cookie-name */
if (!buffer_string_is_empty(cpv->v.b)) {
const char * const ptr = cpv->v.b->ptr;
const size_t len = buffer_string_length(cpv->v.b);
for (size_t j = 0; j < len; ++j) {
if (!light_isalpha(ptr[j])) {
log_error(srv->errh, __FILE__, __LINE__,
"invalid character in %s: %s",
cpk[cpv->k_id].k, ptr);
return HANDLER_ERROR;
}
}
}
break;
case 1: /* usertrack.cookie-max-age */
break;
case 2: /* usertrack.cookie-domain */
if (!buffer_string_is_empty(cpv->v.b)) {
const char * const ptr = cpv->v.b->ptr;
const size_t len = buffer_string_length(cpv->v.b);
for (size_t j = 0; j < len; ++j) {
const char c = ptr[j];
if (c <= 32 || c >= 127 || c == '"' || c == '\\') {
log_error(srv->errh, __FILE__, __LINE__,
"invalid character in %s: %s",
cpk[cpv->k_id].k, ptr);
return HANDLER_ERROR;
}
}
}
break;
case 3: /* usertrack.cookie-attrs */
break;
default:/* should not happen */
break;
}
}
}
/* initialize p->defaults from global config context */
if (p->nconfig > 0 && p->cvlist->v.u2[1]) {
const config_plugin_value_t *cpv = p->cvlist + p->cvlist->v.u2[0];
if (-1 != cpv->k_id)
mod_usertrack_merge_config(&p->defaults, cpv);
}
if (buffer_string_is_empty(p->defaults.cookie_name)) {
static const struct { const char *ptr; uint32_t used; uint32_t size; }
default_cookie_name = { "TRACKID", sizeof("TRACKID"), 0 };
*((const buffer **)&p->defaults.cookie_name) =
(const buffer *)&default_cookie_name;
}
return HANDLER_GO_ON;
}
__attribute_noinline__
static handler_t mod_usertrack_set_cookie(request_st * const r, plugin_data * const p) {
buffer *cookie;
size_t len;
unsigned char h[16];
li_MD5_CTX Md5Ctx;
char hh[LI_ITOSTRING_LENGTH];
/* set a cookie */
cookie = r->tmp_buf;
buffer_copy_buffer(cookie, p->conf.cookie_name);
buffer_append_string_len(cookie, CONST_STR_LEN("="));
/* taken from mod_auth.c */
/* generate shared-secret */
li_MD5_Init(&Md5Ctx);
li_MD5_Update(&Md5Ctx, CONST_BUF_LEN(&r->uri.path));
li_MD5_Update(&Md5Ctx, CONST_STR_LEN("+"));
len = li_itostrn(hh, sizeof(hh), log_epoch_secs);
li_MD5_Update(&Md5Ctx, (unsigned char *)hh, len);
len = li_itostrn(hh, sizeof(hh), li_rand_pseudo());
li_MD5_Update(&Md5Ctx, (unsigned char *)hh, len);
li_MD5_Final(h, &Md5Ctx);
buffer_append_string_encoded_hex_lc(cookie, (char *)h, 16);
/* usertrack.cookie-attrs, if set, replaces all other attrs */
if (!buffer_string_is_empty(p->conf.cookie_attrs)) {
buffer_append_string_buffer(cookie, p->conf.cookie_attrs);
http_header_response_insert(r, HTTP_HEADER_SET_COOKIE, CONST_STR_LEN("Set-Cookie"), CONST_BUF_LEN(cookie));
return HANDLER_GO_ON;
}
buffer_append_string_len(cookie, CONST_STR_LEN("; Path=/"));
buffer_append_string_len(cookie, CONST_STR_LEN("; Version=1"));
if (!buffer_string_is_empty(p->conf.cookie_domain)) {
buffer_append_string_len(cookie, CONST_STR_LEN("; Domain="));
buffer_append_string_encoded(cookie, CONST_BUF_LEN(p->conf.cookie_domain), ENCODING_REL_URI);
}
if (p->conf.cookie_max_age) {
buffer_append_string_len(cookie, CONST_STR_LEN("; max-age="));
buffer_append_int(cookie, p->conf.cookie_max_age);
}
http_header_response_insert(r, HTTP_HEADER_SET_COOKIE, CONST_STR_LEN("Set-Cookie"), CONST_BUF_LEN(cookie));
return HANDLER_GO_ON;
}
URIHANDLER_FUNC(mod_usertrack_uri_handler) {
plugin_data * const p = p_d;
mod_usertrack_patch_config(r, p);
const buffer * const b =
http_header_request_get(r, HTTP_HEADER_COOKIE, CONST_STR_LEN("Cookie"));
if (NULL != b) {
/* parse the cookie (fuzzy; not precise using strstr() below)
* check for cookiename + (WS | '=')
*/
const char * const g = strstr(b->ptr, p->conf.cookie_name->ptr);
if (NULL != g) {
const char *nc = g+buffer_string_length(p->conf.cookie_name);
while (*nc == ' ' || *nc == '\t') ++nc; /* skip WS */
if (*nc == '=') { /* ok, found the key of our own cookie */
if (strlen(nc) > 32) {
/* i'm lazy */
return HANDLER_GO_ON;
}
}
}
}
return mod_usertrack_set_cookie(r, p);
}
int mod_usertrack_plugin_init(plugin *p);
int mod_usertrack_plugin_init(plugin *p) {
p->version = LIGHTTPD_VERSION_ID;
p->name = "usertrack";
p->init = mod_usertrack_init;
p->handle_uri_clean = mod_usertrack_uri_handler;
p->set_defaults = mod_usertrack_set_defaults;
return 0;
}