httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r644751 - in /httpd/httpd/trunk: CHANGES docs/manual/mod/mod_session_crypto.xml modules/session/config.m4 modules/session/mod_session_crypto.c
Date Fri, 04 Apr 2008 16:11:35 GMT
Author: minfrin
Date: Fri Apr  4 09:11:31 2008
New Revision: 644751

URL: http://svn.apache.org/viewvc?rev=644751&view=rev
Log:
mod_session_crypto: Add a session encoding implementation capable
of encrypting and decrypting sessions wherever they may be stored.
Introduces a level of privacy when sessions are stored on the
browser.

Added:
    httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
    httpd/httpd/trunk/modules/session/mod_session_crypto.c
Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/session/config.m4

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=644751&r1=644750&r2=644751&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Apr  4 09:11:31 2008
@@ -2,6 +2,11 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_session_crypto: Add a session encoding implementation capable
+     of encrypting and decrypting sessions wherever they may be stored.
+     Introduces a level of privacy when sessions are stored on the
+     browser. [Graham Leggett]
+
   *) mod_session_cookie: Add a session implementation capable of storing
      session information within cookies on the browser. Useful for high
      volume sites where server bound sessions are too resource intensive.

Added: httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml?rev=644751&view=auto
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml (added)
+++ httpd/httpd/trunk/docs/manual/mod/mod_session_crypto.xml Fri Apr  4 09:11:31 2008
@@ -0,0 +1,200 @@
+<?xml version="1.0"?>
+<!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
+<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?>
+<!-- $LastChangedRevision: 634760 $ -->
+
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements.  See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+
+<modulesynopsis metafile="mod_session_crypto.xml.meta">
+
+<name>mod_session_crypto</name>
+<description>Session encryption support</description>
+<status>Extension</status>
+<sourcefile>mod_session_crypto.c</sourcefile>
+<identifier>session_crypto_module</identifier>
+
+<summary>
+    <note type="warning"><title>Warning</title>
+      <p>The session modules make use of HTTP cookies, and as such can fall
+      victim to Cross Site Scripting attacks, or expose potentially private
+      information to clients. Please ensure that the relevant risks have
+      been taken into account before enabling the session functionality on
+      your server.</p>
+    </note>
+
+    <p>This submodule of <module>mod_session</module> provides support
for the
+    encryption of user sessions before being written to a local database, or
+    written to a remove browser via an HTTP cookie.</p>
+    
+    <p>This can help provide privacy to user sessions where the contents of
+    the session should be kept private from the user, or where protection is
+    needed against the effects of cross site scripting attacks.</p>
+    
+    <p>For more details on the session interface, see the documentation for
+    the <module>mod_session</module> module.</p>
+    
+</summary>
+<seealso><module>mod_session</module></seealso>
+<seealso><module>mod_session_cookie</module></seealso>
+<seealso><module>mod_session_dbd</module></seealso>
+
+    <section id="basicusage"><title>Basic Usage</title>
+    
+      <p>To create a simple encrypted session and store it in a cookie called
+      <var>session</var>, configure the session as follows:</p>
+      
+      <example><title>Browser based encrypted session</title>
+        Session On<br />
+        SessionCookieName session path=/<br />
+        SessionCryptoPassphrase secret
+      </example>
+      
+      <p>The session will be encrypted with the given key. Different servers can
+      be configured to share sessions by ensuring the same encryption key is used
+      on each server.</p>
+      
+      <p>If the encryption key is changed, sessions will be invalidated
+      automatically.</p>
+      
+      <p>For documentation on how the session can be used to store username
+      and password details, see the <module>mod_auth_form</module> module.</p>
+
+    </section>
+
+<directivesynopsis>
+<name>SessionCryptoPassphrase</name>
+<description>The key used to encrypt the session</description>
+<syntax>SessionCryptoPassphrase <var>secret</var></syntax>
+<default>none</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoPassphrase</directive> directive specifies
the key
+    to be used to encrypt the contents of the session before writing the session, or
+    decrypting the contents of the session after reading the session.</p>
+    
+    <p>Keys are more secure when they are long, and consist of truly random characters.
+    Changing the key on a server has the effect of invalidating all existing sessions.</p>
+    
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>SessionCryptoCertificateFile</name>
+<description>The certificate used to encrypt and decrypt the session</description>
+<syntax>SessionCryptoCertificateFile <var>file</var></syntax>
+<default>none</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoCertificateFile</directive> directive
specifies the name
+    of a certificate to be used to encrypt the contents of the session before writing
+    the session, or decrypting the content of the session after reading the session.</p>
+    
+    <p>Changing the certificate on a server has the effect of invalidating all existing
+    sessions.</p>
+
+    <note type="warning"><title>Experimental</title>
+      <p>This directive is dependent on experimental support for assymetrical encryption
+      support currently available in prerelease versions of OpenSSL, and will only be
+      available on platforms that support it.</p>
+    </note>
+    
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>SessionCryptoCertificateKeyFile</name>
+<description>The certificate key used to encrypt and decrypt the session</description>
+<syntax>SessionCryptoCertificateKeyFile <var>file</var></syntax>
+<default>none</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoCertificateKeyFile</directive> directive
specifies the name
+    of a certificate key to be used alongside a certificate to encrypt the contents of the
+    session before writing the session, or decrypting the content of the session after reading
+    the session.</p>
+    
+    <p>Changing the certificate or key on a server has the effect of invalidating all
existing
+    sessions.</p>
+
+    <note type="warning"><title>Experimental</title>
+      <p>This directive is dependent on experimental support for asymmetrical encryption
+      support currently available in prerelease versions of OpenSSL, and will only be
+      available on platforms that support it.</p>
+    </note>
+    
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>SessionCryptoCipher</name>
+<description>The name of the cipher to use during encryption / decryption</description>
+<syntax>SessionCryptoCipher <var>cipher</var></syntax>
+<default>AES256</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoCipher</directive> directive specifies
the name
+    of the cipher to use during encryption. The ciphers available will depend on the
+    underlying encryption toolkit on the server platform.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>SessionCryptoDigest</name>
+<description>The name of the digest to use during encryption / decryption</description>
+<syntax>SessionCryptoDigest <var>cipher</var></syntax>
+<default>SHA</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoDigest</directive> directive specifies
the name
+    of the digest to use during encryption. The list of digests available will depend
+    on the underlying encryption toolkit on the server platform.</p>
+</usage>
+</directivesynopsis>
+
+<directivesynopsis>
+<name>SessionCryptoEngine</name>
+<description>The name of the engine to use during encryption / decryption</description>
+<syntax>SessionCryptoEngine <var>engine</var></syntax>
+<default>none</default>
+<contextlist><context>directory</context>
+</contextlist>
+<compatibility>Available in Apache 2.3.0 and later</compatibility>
+
+<usage>
+    <p>The <directive>SessionCryptoEngine</directive> directive specifies
the name
+    of the engine to use during encryption, depending on the capabilities of the
+    underlying encryption toolkit on the server platform.</p>
+</usage>
+</directivesynopsis>
+
+</modulesynopsis>

Modified: httpd/httpd/trunk/modules/session/config.m4
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/config.m4?rev=644751&r1=644750&r2=644751&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/config.m4 (original)
+++ httpd/httpd/trunk/modules/session/config.m4 Fri Apr  4 09:11:31 2008
@@ -11,7 +11,7 @@
 dnl
 APACHE_MODULE(session, session module, , , most)
 APACHE_MODULE(session_cookie, session cookie module, , , most)
-dnl APACHE_MODULE(session_crypto, session crypto module, , , most)
+APACHE_MODULE(session_crypto, session crypto module, , , most)
 dnl APACHE_MODULE(session_dbd, session dbd module, , , most)
 dnl APACHE_MODULE(session_ldap, session ldap module, , , most)
 

Added: httpd/httpd/trunk/modules/session/mod_session_crypto.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session_crypto.c?rev=644751&view=auto
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session_crypto.c (added)
+++ httpd/httpd/trunk/modules/session/mod_session_crypto.c Fri Apr  4 09:11:31 2008
@@ -0,0 +1,468 @@
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define CORE_PRIVATE
+
+#include "mod_session.h"
+#include "apu_version.h"
+#include "apr_base64.h"                /* for apr_base64_decode et al */
+#include "apr_ssl.h"                /* for apr_*_encrypt et al */
+#include "apr_lib.h"
+#include "apr_strings.h"
+#include "http_log.h"
+
+#define LOG_PREFIX "mod_session_crypto: "
+#define DEFAULT_CIPHER "AES256"
+#define DEFAULT_DIGEST "SHA"
+
+module AP_MODULE_DECLARE_DATA session_crypto_module;
+
+/**
+ * Structure to carry the per-dir session config.
+ */
+typedef struct {
+    const char *passphrase;
+    int passphrase_set;
+    const char *certfile;
+    int certfile_set;
+    const char *keyfile;
+    int keyfile_set;
+    const char *cipher;
+    int cipher_set;
+    const char *digest;
+    int digest_set;
+    const char *engine;
+    int engine_set;
+} session_crypto_dir_conf;
+
+/**
+ * Initialise the encryption as per the current config.
+ *
+ * Returns APR_SUCCESS if successful.
+ */
+#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >=
3)
+static apr_status_t crypt_init(request_rec * r, apr_evp_factory_t ** f, apr_evp_crypt_key_e
* key, session_crypto_dir_conf * conf)
+{
+    apr_status_t res;
+
+    if (!conf->certfile_set && !conf->keyfile_set && !conf->passphrase_set)
{
+        ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, LOG_PREFIX
+                      "encryption not configured, "
+                      "no passphrase or certfile/keyfile set");
+        return APR_EGENERAL;
+    }
+
+    /* set up */
+    if (conf->certfile_set) {
+        *key = APR_EVP_KEY_PUBLIC;
+        res = apr_evp_factory_create(f, conf->keyfile, conf->certfile, NULL,
+                   NULL, NULL, conf->digest, APR_EVP_FACTORY_ASYM, r->pool);
+        if (APR_ENOTIMPL == res) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                "generic public/private key encryption is not supported by "
+                    "this version of APR. session encryption not possible");
+        }
+    }
+    if (conf->passphrase) {
+        *key = APR_EVP_KEY_SYM;
+        res = apr_evp_factory_create(f, NULL, NULL, conf->cipher,
+        conf->passphrase, NULL, conf->digest, APR_EVP_FACTORY_SYM, r->pool);
+        if (APR_ENOTIMPL == res) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                  "generic symmetrical encryption is not supported by this "
+                          "version of APR. session encryption not possible");
+        }
+    }
+    if (APR_STATUS_IS_ENOCIPHER(res)) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "the cipher '%s' was not found", conf->cipher);
+    }
+    if (APR_STATUS_IS_ENODIGEST(res)) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "the digest '%s' was not found", conf->digest);
+    }
+    if (APR_STATUS_IS_ENOCERT(res)) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                   "the public and private key could not be extracted from "
+                      "the certificates");
+    }
+    if (APR_STATUS_IS_ENOENGINE(res)) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "the engine '%s' was not found", conf->engine);
+    }
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "encryption could not be configured. Please check the "
+                      "certificates and/or passphrase as appropriate");
+        apr_evp_factory_cleanup(*f);
+        return APR_EGENERAL;
+    }
+
+    return APR_SUCCESS;
+}
+#endif
+
+/**
+ * Encrypt the string given as per the current config.
+ *
+ * Returns APR_SUCCESS if successful.
+ */
+static apr_status_t encrypt_string(request_rec * r, const char *in, char **out)
+{
+#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >=
3)
+    apr_status_t res;
+    apr_evp_factory_t *f = NULL;
+    apr_evp_crypt_t *e = NULL;
+    apr_evp_crypt_key_e key;
+    unsigned char *encrypt = NULL;
+    apr_size_t encryptlen, tlen;
+    char *base64;
+
+    session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
+                                                    &session_crypto_module);
+
+    /* don't attempt to encrypt an empty string, trying to do so causes a segfault */
+    if (!in || !*in) {
+        return APR_SUCCESS;
+    }
+
+    res = crypt_init(r, &f, &key, conf);
+    if (res != APR_SUCCESS) {
+        return res;
+    }
+
+    res = apr_evp_crypt_init(f, &e, APR_EVP_ENCRYPT, key, r->pool);
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "encryption could be configured but not initialised");
+        apr_evp_factory_cleanup(f);
+        return res;
+    }
+
+    /* encrypt the given string */
+    res = apr_evp_crypt(e, &encrypt, &encryptlen, (unsigned char *) in, strlen(in));
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "attempt to encrypt failed");
+        apr_evp_factory_cleanup(f);
+        apr_evp_crypt_cleanup(e);
+        return res;
+    }
+    res = apr_evp_crypt_finish(e, encrypt + encryptlen, &tlen);
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "attempt to finish the encryption failed");
+        apr_evp_factory_cleanup(f);
+        apr_evp_crypt_cleanup(e);
+        return res;
+    }
+    encryptlen += tlen;
+
+    /* base64 encode the result */
+    base64 = apr_pcalloc(r->pool, apr_base64_encode_len(encryptlen + 1) * sizeof(char));
+    apr_base64_encode(base64, (const char *) encrypt, encryptlen);
+    *out = base64;
+
+    /* clean up afterwards */
+    apr_evp_factory_cleanup(f);
+    apr_evp_crypt_cleanup(e);
+
+    return res;
+
+#else
+    ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_ENOTIMPL, r, LOG_PREFIX
+                  "crypto is not supported by APR on this platform");
+    return APR_ENOTIMPL;
+#endif
+}
+
+/**
+ * Decrypt the string given as per the current config.
+ *
+ * Returns APR_SUCCESS if successful.
+ */
+static apr_status_t decrypt_string(request_rec * r, const char *in, char **out)
+{
+#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >=
3)
+    apr_status_t res;
+    apr_evp_factory_t *f = NULL;
+    apr_evp_crypt_t *e = NULL;
+    apr_evp_crypt_key_e key;
+    unsigned char *decrypted = NULL;
+    apr_size_t decryptedlen, tlen;
+    apr_size_t decodedlen;
+    char *decoded;
+
+    session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
+                                                    &session_crypto_module);
+
+    res = crypt_init(r, &f, &key, conf);
+    if (res != APR_SUCCESS) {
+        return res;
+    }
+
+    res = apr_evp_crypt_init(f, &e, APR_EVP_DECRYPT, key, r->pool);
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "decryption could be configured but not initialised");
+        apr_evp_factory_cleanup(f);
+        return res;
+    }
+
+    /* strip base64 from the string */
+    decoded = apr_palloc(r->pool, apr_base64_decode_len(in));
+    decodedlen = apr_base64_decode(decoded, in);
+    decoded[decodedlen] = '\0';
+
+    /* decrypt the given string */
+    res = apr_evp_crypt(e, &decrypted, &decryptedlen, (unsigned char *) decoded,
decodedlen);
+    if (res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "decrypt: attempt to decrypt failed");
+        return res;
+    }
+    *out = (char *) decrypted;
+
+    res = apr_evp_crypt_finish(e, decrypted + decryptedlen, &tlen);
+    if (APR_SUCCESS != res) {
+        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                      "attempt to finish the decryption failed");
+        apr_evp_factory_cleanup(f);
+        apr_evp_crypt_cleanup(e);
+        return res;
+    }
+    decryptedlen += tlen;
+    decrypted[decryptedlen] = 0;
+
+    return APR_SUCCESS;
+
+#else
+    ap_log_rerror(APLOG_MARK, APLOG_ERR, APR_ENOTIMPL, r, LOG_PREFIX
+                  "crypto is not supported by APR on this platform");
+    return APR_ENOTIMPL;
+#endif
+}
+
+
+/**
+ * Crypto encoding for the session.
+ *
+ * @param r The request pointer.
+ * @param z A pointer to where the session will be written.
+ */
+AP_DECLARE(int) ap_session_crypto_encode(request_rec * r, session_rec * z)
+{
+
+    char *encoded = NULL;
+    apr_status_t res;
+    session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
+                                                    &session_crypto_module);
+
+    if (conf->passphrase_set || conf->certfile_set) {
+        res = encrypt_string(r, z->encoded, &encoded);
+        if (res != OK) {
+            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, LOG_PREFIX
+                          "encrypt session failed");
+            return res;
+        }
+        z->encoded = encoded;
+    }
+
+    return OK;
+
+}
+
+/**
+ * Crypto decoding for the session.
+ *
+ * @param r The request pointer.
+ * @param z A pointer to where the session will be written.
+ */
+AP_DECLARE(int) ap_session_crypto_decode(request_rec * r, session_rec * z)
+{
+
+    char *encoded = NULL;
+    apr_status_t res;
+    session_crypto_dir_conf *conf = ap_get_module_config(r->per_dir_config,
+                                                    &session_crypto_module);
+
+    if ((conf->passphrase_set || conf->certfile_set) && z->encoded) {
+        res = decrypt_string(r, z->encoded, &encoded);
+        if (res != APR_SUCCESS) {
+            ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, LOG_PREFIX
+                          "decrypt session failed, wrong passphrase?");
+            return res;
+        }
+        z->encoded = encoded;
+    }
+
+    return OK;
+
+}
+
+
+
+
+static void *create_session_crypto_dir_config(apr_pool_t * p, char *dummy)
+{
+    session_crypto_dir_conf *new =
+    (session_crypto_dir_conf *) apr_pcalloc(p, sizeof(session_crypto_dir_conf));
+
+    /* default cipher AES256-SHA */
+    new->cipher = DEFAULT_CIPHER;
+    new->cipher_set = 1;
+
+    new->digest = DEFAULT_DIGEST;
+    new->digest_set = 1;
+
+    /* initialise SSL */
+    apr_ssl_init();
+
+    return (void *) new;
+}
+
+static void *merge_session_crypto_dir_config(apr_pool_t * p, void *basev, void *addv)
+{
+    session_crypto_dir_conf *new = (session_crypto_dir_conf *) apr_pcalloc(p, sizeof(session_crypto_dir_conf));
+    session_crypto_dir_conf *add = (session_crypto_dir_conf *) addv;
+    session_crypto_dir_conf *base = (session_crypto_dir_conf *) basev;
+
+    new->passphrase = (add->passphrase_set == 0) ? base->passphrase : add->passphrase;
+    new->passphrase_set = add->passphrase_set || base->passphrase_set;
+    new->certfile = (add->certfile_set == 0) ? base->certfile : add->certfile;
+    new->certfile_set = add->certfile_set || base->certfile_set;
+    new->keyfile = (add->keyfile_set == 0) ? base->keyfile : add->keyfile;
+    new->keyfile_set = add->keyfile_set || base->keyfile_set;
+    new->cipher = (add->cipher_set == 0) ? base->cipher : add->cipher;
+    new->cipher_set = add->cipher_set || base->cipher_set;
+    new->digest = (add->digest_set == 0) ? base->digest : add->digest;
+    new->digest_set = add->digest_set || base->digest_set;
+    new->engine = (add->engine_set == 0) ? base->engine : add->engine;
+    new->engine_set = add->engine_set || base->engine_set;
+
+    return new;
+}
+
+static const char *check_file(cmd_parms * cmd, const char **file)
+{
+    apr_finfo_t finfo;
+    const char *filepath = ap_server_root_relative(cmd->pool, *file);
+
+    if (!filepath) {
+        return apr_pstrcat(cmd->pool, cmd->directive->directive,
+                           ": Invalid file path ", *file, NULL);
+    }
+    if (apr_stat(&finfo, filepath,
+                 APR_FINFO_TYPE | APR_FINFO_SIZE, cmd->pool) != 0 ||
+        finfo.filetype != APR_REG || finfo.size <= 0) {
+        return apr_pstrcat(cmd->pool, cmd->directive->directive,
+                           ": File empty or missing ", *file, NULL);
+    }
+    *file = filepath;
+
+    return NULL;
+}
+
+static const char *set_crypto_passphrase(cmd_parms * cmd, void *config, const char *passphrase)
+{
+    session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+    conf->passphrase = passphrase;
+    conf->passphrase_set = 1;
+    return NULL;
+}
+
+static const char *set_crypto_certificate_file(cmd_parms * cmd, void *config, const char
*file)
+{
+    const char *res = check_file(cmd, &file);
+    if (!res) {
+        session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+        conf->certfile = file;
+        conf->certfile_set = 1;
+    }
+    return res;
+}
+
+static const char *set_crypto_certificate_keyfile(cmd_parms * cmd, void *config, const char
*file)
+{
+    const char *res = check_file(cmd, &file);
+    if (!res) {
+        session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+        conf->keyfile = file;
+        conf->keyfile_set = 1;
+    }
+    return res;
+}
+
+static const char *set_crypto_cipher(cmd_parms * cmd, void *config, const char *cipher)
+{
+    session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+    conf->cipher = cipher;
+    conf->cipher_set = 1;
+    return NULL;
+}
+
+static const char *set_crypto_digest(cmd_parms * cmd, void *config, const char *digest)
+{
+    session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+    conf->digest = digest;
+    conf->digest_set = 1;
+    return NULL;
+}
+
+static const char *set_crypto_engine(cmd_parms * cmd, void *config, const char *engine)
+{
+    session_crypto_dir_conf *conf = (session_crypto_dir_conf *) config;
+    conf->engine = engine;
+    conf->engine_set = 1;
+    return NULL;
+}
+
+
+static const command_rec session_crypto_cmds[] =
+{
+    AP_INIT_TAKE1("SessionCryptoPassphrase", set_crypto_passphrase, NULL, RSRC_CONF|OR_AUTHCFG,
+                  "The passphrase used to encrypt cookies"),
+    AP_INIT_TAKE1("SessionCryptoCertificateFile", set_crypto_certificate_file, NULL, RSRC_CONF|OR_AUTHCFG,
+                  "The name of a certificate whose public key will be used to encrypt cookies"),
+    AP_INIT_TAKE1("SessionCryptoCertificateKeyFile", set_crypto_certificate_keyfile, NULL,
RSRC_CONF|OR_AUTHCFG,
+                  "The name of a private key which will be used to decrypt cookies"),
+    AP_INIT_TAKE1("SessionCryptoCipher", set_crypto_cipher, NULL, RSRC_CONF|OR_AUTHCFG,
+                  "The cipher used to encrypt cookies. Defaults to " DEFAULT_CIPHER),
+    AP_INIT_TAKE1("SessionCryptoDigest", set_crypto_digest, NULL, RSRC_CONF|OR_AUTHCFG,
+                  "The digest used to encrypt cookies. Defaults to " DEFAULT_DIGEST),
+    AP_INIT_TAKE1("SessionCryptoEngine", set_crypto_engine, NULL, RSRC_CONF|OR_AUTHCFG,
+                  "The optional engine used to encrypt cookies, if supported by the underlying
crypto "
+                  "toolkit"),
+    {NULL}
+};
+
+static void register_hooks(apr_pool_t * p)
+{
+    ap_hook_session_encode(ap_session_crypto_encode, NULL, NULL, APR_HOOK_LAST);
+    ap_hook_session_decode(ap_session_crypto_decode, NULL, NULL, APR_HOOK_FIRST);
+}
+
+module AP_MODULE_DECLARE_DATA session_crypto_module =
+{
+    STANDARD20_MODULE_STUFF,
+    create_session_crypto_dir_config, /* dir config creater */
+    merge_session_crypto_dir_config,  /* dir merger --- default is to
+                                       * override */
+    NULL,                             /* server config */
+    NULL,                             /* merge server config */
+    session_crypto_cmds,              /* command apr_table_t */
+    register_hooks                    /* register hooks */
+};



Mime
View raw message