Received: (qmail 47344 invoked by uid 65534); 23 Mar 2000 06:20:43 -0000
Message-Id: <20000323062043.47343.qmail@locus.apache.org>
Date: 23 Mar 2000 06:20:43 -0000
From: Greg Gerber <ggerber@crosswalk.com>
Reply-To: ggerber@crosswalk.com
To: submit@bugz.apache.org
Subject: mod_usertrack could allow cookie domain setting and hash the unique id
X-Send-Pr-Version: 3.110

>Number:         5920
>Category:       mod_usertrack
>Synopsis:       mod_usertrack could allow cookie domain setting and hash the unique id
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Wed Mar 22 22:30:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     ggerber@crosswalk.com
>Release:        1.3.12
>Organization:
apache
>Environment:
Linux hashbaz.didax.com 2.2.12-20 #1 Mon Sep 27 10:40:35 EDT 1999 i686 unknown
>Description:
Patch attached to:
1. Allow setting of the cookie domain with "CookieDomain" config parameter.
      a - Allow all hosts at a site to get the cookie.
      b - Leaving unspecified has previous behavior.
2. MD5 Hash the cookie value to:
      a - Give out less internal server information.
      b - Make the cookie value harder to guess.
      c - Avoid embedded dots "." or other potentential problem characters.
>How-To-Repeat:
Change Request
>Fix:
--- mod_usertrack-old.c Fri Oct 29 17:29:53 1999
+++ mod_usertrack.c     Thu Mar 23 00:24:17 2000
@@ -106,6 +106,8 @@
 #include <sys/time.h>
 #endif

+#include "util_md5.h"
+
 module MODULE_VAR_EXPORT usertrack_module;

 typedef struct {
@@ -116,6 +118,7 @@
 typedef struct {
     int enabled;
     char *cookie_name;
+    char *cookie_domain;
 } cookie_dir_rec;

 /* Define this to allow post-2000 cookies. Cookies use two-digit dates,
@@ -146,6 +149,7 @@
     /* 1024 == hardcoded constant */
     char cookiebuf[1024];
     char *new_cookie;
+    char *new_cookie_hash;
     const char *rname = ap_get_remote_host(r->connection, r->per_dir_config,
                                           REMOTE_NAME);
     cookie_dir_rec *dcfg;
@@ -184,6 +188,8 @@
                 (long) tv.tv_sec, (int) tv.tv_usec / 1000);
 #endif

+    new_cookie_hash = ap_md5(r->pool,cookiebuf);
+
     if (cls->expires) {
         struct tm *tms;
         time_t when = r->request_time + cls->expires;
@@ -201,20 +207,35 @@
         tms = gmtime(&when);

         /* Cookie with date; as strftime '%a, %d-%h-%y %H:%M:%S GMT' */
-        new_cookie = ap_psprintf(r->pool,
+
+        if ( dcfg->cookie_domain ) {
+           new_cookie = ap_psprintf(r->pool,
+                "%s=%s; domain=%s; path=/; expires=%s, %.2d-%s-%.2d %.2d:%.2d:%.2d GMT",
+                    dcfg->cookie_name, new_cookie_hash, dcfg->cookie_domain, ap_day_snames[tms->tm_wday],
+                    tms->tm_mday, ap_month_snames[tms->tm_mon],
+                   tms->tm_year % 100,
+                    tms->tm_hour, tms->tm_min, tms->tm_sec);
+        } else {
+           new_cookie = ap_psprintf(r->pool,
                 "%s=%s; path=/; expires=%s, %.2d-%s-%.2d %.2d:%.2d:%.2d GMT",
-                    dcfg->cookie_name, cookiebuf, ap_day_snames[tms->tm_wday],
+                    dcfg->cookie_name, new_cookie_hash, ap_day_snames[tms->tm_wday],
                     tms->tm_mday, ap_month_snames[tms->tm_mon],
                    tms->tm_year % 100,
                     tms->tm_hour, tms->tm_min, tms->tm_sec);
+        }
     }
     else {
-       new_cookie = ap_psprintf(r->pool, "%s=%s; path=/",
-                                dcfg->cookie_name, cookiebuf);
+        if ( dcfg->cookie_domain ) {
+          new_cookie = ap_psprintf(r->pool, "%s=%s; domain=%s; path=/",
+                                dcfg->cookie_name, new_cookie_hash, dcfg->cookie_domain);
+        } else {
+          new_cookie = ap_psprintf(r->pool, "%s=%s; path=/",
+                                dcfg->cookie_name, new_cookie_hash);
+        }
     }

     ap_table_setn(r->headers_out, "Set-Cookie", new_cookie);
-    ap_table_setn(r->notes, "cookie", ap_pstrdup(r->pool, cookiebuf));   /* log first time */
+    ap_table_setn(r->notes, "cookie", ap_pstrdup(r->pool, new_cookie_hash));   /* log first time */
     return;
 }

@@ -264,6 +285,7 @@

     dcfg = (cookie_dir_rec *) ap_pcalloc(p, sizeof(cookie_dir_rec));
     dcfg->cookie_name = COOKIE_NAME;
+    dcfg->cookie_domain = 0;
     dcfg->enabled = 0;
     return dcfg;
 }
@@ -351,6 +373,14 @@
     return NULL;
 }

+static const char *set_cookie_domain(cmd_parms *cmd, void *mconfig, char *name)
+{
+    cookie_dir_rec *dcfg = (cookie_dir_rec *) mconfig;
+
+    dcfg->cookie_domain = ap_pstrdup(cmd->pool, name);
+    return NULL;
+}
+
 static const command_rec cookie_log_cmds[] = {
     {"CookieExpires", set_cookie_exp, NULL, RSRC_CONF, TAKE1,
      "an expiry date code"},
@@ -358,6 +388,8 @@
      "whether or not to enable cookies"},
     {"CookieName", set_cookie_name, NULL, OR_FILEINFO, TAKE1,
      "name of the tracking cookie"},
+    {"CookieDomain", set_cookie_domain, NULL, OR_FILEINFO, TAKE1,
+     "domain for the tracking cookie"},
     {NULL}
 };

>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <apbugs@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]