1#include "base.h" 2#include "log.h" 3#include "buffer.h" 4 5#include "plugin.h" 6 7#include <ctype.h> 8#include <stdlib.h> 9#include <string.h> 10 11#include "md5.h" 12 13/* plugin config for all request/connections */ 14 15typedef struct { 16 buffer *cookie_name; 17 buffer *cookie_domain; 18 unsigned int cookie_max_age; 19} plugin_config; 20 21typedef struct { 22 PLUGIN_DATA; 23 24 plugin_config **config_storage; 25 26 plugin_config conf; 27} plugin_data; 28 29/* init the plugin data */ 30INIT_FUNC(mod_usertrack_init) { 31 plugin_data *p; 32 33 p = calloc(1, sizeof(*p)); 34 35 return p; 36} 37 38/* detroy the plugin data */ 39FREE_FUNC(mod_usertrack_free) { 40 plugin_data *p = p_d; 41 42 UNUSED(srv); 43 44 if (!p) return HANDLER_GO_ON; 45 46 if (p->config_storage) { 47 size_t i; 48 for (i = 0; i < srv->config_context->used; i++) { 49 plugin_config *s = p->config_storage[i]; 50 51 if (NULL == s) continue; 52 53 buffer_free(s->cookie_name); 54 buffer_free(s->cookie_domain); 55 56 free(s); 57 } 58 free(p->config_storage); 59 } 60 61 free(p); 62 63 return HANDLER_GO_ON; 64} 65 66/* handle plugin config and check values */ 67 68SETDEFAULTS_FUNC(mod_usertrack_set_defaults) { 69 plugin_data *p = p_d; 70 size_t i = 0; 71 72 config_values_t cv[] = { 73 { "usertrack.cookie-name", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 0 */ 74 { "usertrack.cookie-max-age", NULL, T_CONFIG_INT, T_CONFIG_SCOPE_CONNECTION }, /* 1 */ 75 { "usertrack.cookie-domain", NULL, T_CONFIG_STRING, T_CONFIG_SCOPE_CONNECTION }, /* 2 */ 76 77 { "usertrack.cookiename", NULL, T_CONFIG_DEPRECATED, T_CONFIG_SCOPE_CONNECTION }, 78 { NULL, NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET } 79 }; 80 81 if (!p) return HANDLER_ERROR; 82 83 p->config_storage = calloc(1, srv->config_context->used * sizeof(plugin_config *)); 84 85 for (i = 0; i < srv->config_context->used; i++) { 86 data_config const* config = (data_config const*)srv->config_context->data[i]; 87 plugin_config *s; 88 89 s = calloc(1, sizeof(plugin_config)); 90 s->cookie_name = buffer_init(); 91 s->cookie_domain = buffer_init(); 92 s->cookie_max_age = 0; 93 94 cv[0].destination = s->cookie_name; 95 cv[1].destination = &(s->cookie_max_age); 96 cv[2].destination = s->cookie_domain; 97 98 p->config_storage[i] = s; 99 100 if (0 != config_insert_values_global(srv, config->value, cv, i == 0 ? T_CONFIG_SCOPE_SERVER : T_CONFIG_SCOPE_CONNECTION)) { 101 return HANDLER_ERROR; 102 } 103 104 if (buffer_string_is_empty(s->cookie_name)) { 105 buffer_copy_string_len(s->cookie_name, CONST_STR_LEN("TRACKID")); 106 } else { 107 size_t j, len = buffer_string_length(s->cookie_name); 108 for (j = 0; j < len; j++) { 109 char c = s->cookie_name->ptr[j] | 32; 110 if (c < 'a' || c > 'z') { 111 log_error_write(srv, __FILE__, __LINE__, "sb", 112 "invalid character in usertrack.cookie-name:", 113 s->cookie_name); 114 115 return HANDLER_ERROR; 116 } 117 } 118 } 119 120 if (!buffer_string_is_empty(s->cookie_domain)) { 121 size_t j, len = buffer_string_length(s->cookie_domain); 122 for (j = 0; j < len; j++) { 123 char c = s->cookie_domain->ptr[j]; 124 if (c <= 32 || c >= 127 || c == '"' || c == '\\') { 125 log_error_write(srv, __FILE__, __LINE__, "sb", 126 "invalid character in usertrack.cookie-domain:", 127 s->cookie_domain); 128 129 return HANDLER_ERROR; 130 } 131 } 132 } 133 } 134 135 return HANDLER_GO_ON; 136} 137 138#define PATCH(x) \ 139 p->conf.x = s->x; 140static int mod_usertrack_patch_connection(server *srv, connection *con, plugin_data *p) { 141 size_t i, j; 142 plugin_config *s = p->config_storage[0]; 143 144 PATCH(cookie_name); 145 PATCH(cookie_domain); 146 PATCH(cookie_max_age); 147 148 /* skip the first, the global context */ 149 for (i = 1; i < srv->config_context->used; i++) { 150 data_config *dc = (data_config *)srv->config_context->data[i]; 151 s = p->config_storage[i]; 152 153 /* condition didn't match */ 154 if (!config_check_cond(srv, con, dc)) continue; 155 156 /* merge config */ 157 for (j = 0; j < dc->value->used; j++) { 158 data_unset *du = dc->value->data[j]; 159 160 if (buffer_is_equal_string(du->key, CONST_STR_LEN("usertrack.cookie-name"))) { 161 PATCH(cookie_name); 162 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("usertrack.cookie-max-age"))) { 163 PATCH(cookie_max_age); 164 } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("usertrack.cookie-domain"))) { 165 PATCH(cookie_domain); 166 } 167 } 168 } 169 170 return 0; 171} 172#undef PATCH 173 174URIHANDLER_FUNC(mod_usertrack_uri_handler) { 175 plugin_data *p = p_d; 176 data_string *ds; 177 unsigned char h[16]; 178 li_MD5_CTX Md5Ctx; 179 char hh[LI_ITOSTRING_LENGTH]; 180 181 if (buffer_is_empty(con->uri.path)) return HANDLER_GO_ON; 182 183 mod_usertrack_patch_connection(srv, con, p); 184 185 if (NULL != (ds = (data_string *)array_get_element(con->request.headers, "Cookie"))) { 186 char *g; 187 /* we have a cookie, does it contain a valid name ? */ 188 189 /* parse the cookie 190 * 191 * check for cookiename + (WS | '=') 192 * 193 */ 194 195 if (NULL != (g = strstr(ds->value->ptr, p->conf.cookie_name->ptr))) { 196 char *nc; 197 198 /* skip WS */ 199 for (nc = g + buffer_string_length(p->conf.cookie_name); *nc == ' ' || *nc == '\t'; nc++); 200 201 if (*nc == '=') { 202 /* ok, found the key of our own cookie */ 203 204 if (strlen(nc) > 32) { 205 /* i'm lazy */ 206 return HANDLER_GO_ON; 207 } 208 } 209 } 210 } 211 212 /* set a cookie */ 213 if (NULL == (ds = (data_string *)array_get_unused_element(con->response.headers, TYPE_STRING))) { 214 ds = data_response_init(); 215 } 216 buffer_copy_string_len(ds->key, CONST_STR_LEN("Set-Cookie")); 217 buffer_copy_buffer(ds->value, p->conf.cookie_name); 218 buffer_append_string_len(ds->value, CONST_STR_LEN("=")); 219 220 221 /* taken from mod_auth.c */ 222 223 /* generate shared-secret */ 224 li_MD5_Init(&Md5Ctx); 225 li_MD5_Update(&Md5Ctx, CONST_BUF_LEN(con->uri.path)); 226 li_MD5_Update(&Md5Ctx, CONST_STR_LEN("+")); 227 228 /* we assume sizeof(time_t) == 4 here, but if not it ain't a problem at all */ 229 li_itostr(hh, srv->cur_ts); 230 li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); 231 li_MD5_Update(&Md5Ctx, (unsigned char *)srv->entropy, sizeof(srv->entropy)); 232 li_itostr(hh, rand()); 233 li_MD5_Update(&Md5Ctx, (unsigned char *)hh, strlen(hh)); 234 235 li_MD5_Final(h, &Md5Ctx); 236 237 buffer_append_string_encoded(ds->value, (char *)h, 16, ENCODING_HEX); 238 buffer_append_string_len(ds->value, CONST_STR_LEN("; Path=/")); 239 buffer_append_string_len(ds->value, CONST_STR_LEN("; Version=1")); 240 241 if (!buffer_string_is_empty(p->conf.cookie_domain)) { 242 buffer_append_string_len(ds->value, CONST_STR_LEN("; Domain=")); 243 buffer_append_string_encoded(ds->value, CONST_BUF_LEN(p->conf.cookie_domain), ENCODING_REL_URI); 244 } 245 246 if (p->conf.cookie_max_age) { 247 buffer_append_string_len(ds->value, CONST_STR_LEN("; max-age=")); 248 buffer_append_int(ds->value, p->conf.cookie_max_age); 249 } 250 251 array_insert_unique(con->response.headers, (data_unset *)ds); 252 253 return HANDLER_GO_ON; 254} 255 256/* this function is called at dlopen() time and inits the callbacks */ 257 258int mod_usertrack_plugin_init(plugin *p); 259int mod_usertrack_plugin_init(plugin *p) { 260 p->version = LIGHTTPD_VERSION_ID; 261 p->name = buffer_init_string("usertrack"); 262 263 p->init = mod_usertrack_init; 264 p->handle_uri_clean = mod_usertrack_uri_handler; 265 p->set_defaults = mod_usertrack_set_defaults; 266 p->cleanup = mod_usertrack_free; 267 268 p->data = NULL; 269 270 return 0; 271} 272