Article delegate-en/2914 of [1-4224] on the server localhost:7119
  upper oldest olders older1 this newer1 newers latest
search
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
[Reference:<_A2913@delegate-en.ML_>]
Newsgroups: mail-lists.delegate-en
[DeleGate-En] Re: =?iso-8859-1?Q?Re:_Re:_[DeleGate-En:2910]_Re:_Re:_[DeleGate-En]_Re:_[DeleGate-En:2906]_cookie_handling_in_sslway?
13 Apr 2005 14:12:29 GMT feedback@delegate.org (Yutaka Sato)
The DeleGate Project 
Hallo,

In message <_A2913@delegate-en.ML_> on 04/13/05(21:38:02)
you <pk4fqbdyi-mxhgu432b33w.ml@delegate.org> wrote:
 |it seems that the patch was compiled into the delegate, but i still get
 |no connection. I still get an cookie with the secure flag set on the
 |client side. 
...
 |04/13 14:08:38.98 [3460] 2+1/1: Set-Cookie: JSESSIONID=xxxx; Path=/directory; Secure
 |>>>>>>> DST_PROTO[https]/ CLNT_PROTO[http]
 |>>>>>>> HTTPS / HTTP
 |04/13 14:08:38.98 [3460] 2+1/1: MOUNT DIRMATCH patn[directory/] url[directory] 4
 |04/13 14:08:38.98 [3460] 2+1/1: ** /directory/ UNMOUNTED FROM https://some_ssl_server.de/directory/ **
 |04/13 14:08:38.98 [3460] 2+1/1: rewriten-Cookie> JSESSIONID=xxxx; Path=/directory; Secure

oops...
I forgot to care CR/LF at the end of the HTTP header line.  The patch
must be modified as the enclosed one.

By the way, when you send your log to here, "pficabdyi-mxhgu432b33w.ml@delegate.org" which
is open to anyone, be careful to hide sensitive values in Cookie which
should not be known by others.

Cheers,
Yutaka
--
  D G   Yutaka Sato <pfqcabdyi-mxhgu432b33w.ml@delegate.org> http://delegate.org/y.sato/
 ( - )  National Institute of Advanced Industrial Science and Technology
_<   >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller


*** dist/delegate8.11.2/src/httphead.c	Tue Mar 15 00:06:19 2005
--- src/httphead.c	Wed Apr 13 23:04:04 2005
***************
*** 1039,1044 ****
--- 1039,1074 ----
  		rewriteCookie(value,url);
  #endif
  }
+ 
+ int delParam(PVStr(params),PCStr(name)){
+ 	refQStr(pp,params);
+ 	const char *dp;
+ 	CStr(name1,32);
+ 	CStr(val1,URLSZ);
+ 	int ndel = 0;
+ 
+ 	pp = params;
+ 	while( *pp != 0 ){
+ 		dp = wordscanY(pp,AVStr(name1),sizeof(name1),"^=;\r\n");
+ 		if( *dp == '=' ){
+ 			dp = valuescanX(dp+1,AVStr(val1),sizeof(val1));
+ 			if( *dp == '"' )
+ 				dp++;
+ 		}
+ 		if( *dp == ';' )
+ 			dp++;
+ 		while( isspace(*dp) )
+ 			dp++;
+ 		if( strcaseeq(name1,name) ){
+ 			ovstrcpy((char*)pp,dp);
+ 			ndel++;
+ 		}else{
+ 			pp = dp;
+ 		}
+ 	}
+ 	return ndel;
+ }
+ 
  void MountCookieResponse(Connection *Conn,PCStr(request),PVStr(value))
  {	CStr(dom,1024);
  	CStr(login,1024);
***************
*** 1049,1054 ****
--- 1079,1097 ----
  
  	lineScan(value,valb);
  	sv1log("Set-Cookie: %s\n",valb);
+ 
+ sv1log(">>>>>>> DST_PROTO[%s]/ CLNT_PROTO[%s]\n",DST_PROTO,CLNT_PROTO);
+ 	if( strcaseeq(DST_PROTO,"https") && strcaseeq(CLNT_PROTO,"http") )
+ {
+ sv1log(">>>>>>> HTTPS / HTTP, Set-Cookie[%s]\n",value);
+ 	if( strcasestr(value,"Secure") )
+ 	{
+ sv1log(">>>>>>> delParam ...\n");
+ 		if( delParam(AVStr(value),"Secure") ){
+ 			sv1log("Removed Secure attribute ... %s\n",value);
+ 		}
+ 	}
+ }
  
  	HTTP_originalURLPath(Conn,AVStr(opath));
  	if( !getsetDomPath(AVStr(value),AVStr(dom),AVStr(opath),0) )
  admin search upper oldest olders older1 this newer1 newers latest
[Top/Up] [oldest] - [Older+chunk] - [Newer+chunk] - [newest + Check]
@_@V