Article delegate-en/2909 of [1-5169] on the server localhost:119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2907@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en

[DeleGate-En] Re: =?iso-8859-1?Q?Re:_Re:_[DeleGate-En]_Re:_[DeleGate-En:2906]_cookie_handling_in_sslway?=
13 Apr 2005 02:40:10 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project


Hi,

In message <_A2907@delegate-en.ML_> on 04/11/05(20:24:06)
you <pk4fqbdyi-hugik5vljnxr.ml@ml.delegate.org> wrote:
 |here is a part of the logfile, witch may clarify the problem we have
...
 |04/11 13:09:42.64 [26961] 1+1/2/1: Set-Cookie:
 |JSESSIONID=xxxx; Path=/directory; Secure
 |04/11 13:09:42.64 [26961] 1+1/2/1: ** / UNMOUNTED FROM https://some_ssl_server/ **
 |04/11 13:09:42.64 [26961] 1+1/2/1: rewriten-Cookie>
 |JSESSIONID=xxxx; Path=/directory; Secure

As I thought in the former message, the Cookie from the server includes
Path and Secure attributes.  But your DeleGate seems not to be modified
with my former patch.  It is obvious that the message "rewriten-Cookie>"
is put in the rewriteCookie() called from  MountCookieResponse(), 
but there is no message which should be put by the line in the function:

  + fprintf(stderr,">>>>>>> HTTPS / HTTP\n");

So I have a doubt if the patch has been applied to your DeleGate.  The
patch enclosed this time has one more line:

  + fprintf(stderr,">>>>>>> DST_PROTO[%s]/ CLNT_PROTO[%s]\n",DST_PROTO,CLNT_PROTO);

With this patch, we can confirm if or not the patch is applied, and if
it is applied, we can see why the inserted code is not activated.

Cheers,
Yutaka
--
  D G   Yutaka Sato <y.sato@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/delegate8.11.2/src/httphead.c	Tue Mar 15 00:06:19 2005
--- src/httphead.c	Wed Apr 13 11:24:00 2005
***************
*** 1024,1069 ****
--- 1024,1111 ----
  	const char *dp;
  	CStr(opath,1024);
  	CStr(url,URLSZ);
  	CStr(valb,256);
  
  	lineScan(value,valb);
  	sv1log("Cookie: %s\n",valb);
  
  #ifdef RWCOOKIEREQ
  	HTTP_originalURLPath(Conn,opath);
  	if( !getsetDomPath(value,domain,opath,0) )
  		return;
  
  	strcpy(url,opath);
  	if( CTX_mount_url_to(Conn,Conn->cl_myhp,REQ_METHOD,url) )
  		rewriteCookie(value,url);
  #endif
  }
+ 
+ int delParam(PVStr(params),PCStr(name)){
+ 	refQStr(pp,params);
+ 	const char *dp;
+ 	CStr(name1,32);
+ 	CStr(val1,URLSZ);
+ 	int ndel = 0;
+ 
+ 	pp = params;
+ 	while( *pp != 0 ){
+ 		dp = wordscanY(pp,AVStr(name1),sizeof(name1),"^=;");
+ 		if( *dp == '=' ){
+ 			dp = valuescanX(dp+1,AVStr(val1),sizeof(val1));
+ 			if( *dp == '"' )
+ 				dp++;
+ 		}
+ 		if( *dp == ';' )
+ 			dp++;
+ 		if( *dp == ' ' )
+ 			dp++;
+ 		if( strcaseeq(name1,name) ){
+ 			ovstrcpy((char*)pp,dp);
+ 			ndel++;
+ 		}else{
+ 			pp = dp;
+ 		}
+ 	}
+ 	return ndel;
+ }
+ 
  void MountCookieResponse(Connection *Conn,PCStr(request),PVStr(value))
  {	CStr(dom,1024);
  	CStr(login,1024);
  	CStr(myhp,1024);
  	CStr(opath,1024);
  	CStr(url,URLSZ);
  	CStr(valb,256);
  
  	lineScan(value,valb);
  	sv1log("Set-Cookie: %s\n",valb);
+ 
+ fprintf(stderr,">>>>>>> DST_PROTO[%s]/ CLNT_PROTO[%s]\n",DST_PROTO,CLNT_PROTO);
+ 	if( strcaseeq(DST_PROTO,"https") && strcaseeq(CLNT_PROTO,"http") )
+ {
+ fprintf(stderr,">>>>>>> HTTPS / HTTP\n");
+ 	if( strcasestr(value,"Secure") )
+ 	{
+ 		if( delParam(AVStr(value),"Secure") ){
+ 			sv1log("Removed Secure attribute ... %s\n",value);
+ 		}
+ 	}
+ }
  
  	HTTP_originalURLPath(Conn,AVStr(opath));
  	if( !getsetDomPath(AVStr(value),AVStr(dom),AVStr(opath),0) )
  		return;
  
  	HTTP_ClientIF_HP(Conn,AVStr(myhp));
  	HostPort(AVStr(login),DST_PROTO,DST_HOST,DST_PORT);
  	if( opath[0] == '/' )
  		ovstrcpy(opath,opath+1);
  
  	if( DO_DELEGATE ){
  		sprintf(url,"%s://%s/-_-%s://%s/%s",
  			CLNT_PROTO,myhp,DST_PROTO,login,opath);
  		rewriteCookie(AVStr(value),url);
  	}else
  	if( CTX_mount_url_fromL(Conn,AVStr(url),DST_PROTO,login,opath,NULL,CLNT_PROTO,myhp) )
  		rewriteCookie(AVStr(value),url);
  }

  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V