static void cookiejar_changed(SoupCookieJar *self, SoupCookie *old_cookie, SoupCookie *new_cookie)
{
FLOCK(COOKIEJAR(self)->lock, F_WRLCK);
SoupDate *expire;
if (new_cookie) {
/* session-expire-time handling */
if (vb.config.cookie_expire_time == 0) {
soup_cookie_set_expires(new_cookie, NULL);
} else if (vb.config.cookie_expire_time > 0 && new_cookie->expires) {
expire = soup_date_new_from_now(vb.config.cookie_expire_time);
if (soup_date_to_time_t(expire) < soup_date_to_time_t(new_cookie->expires)) {
soup_cookie_set_expires(new_cookie, expire);
}
soup_date_free(expire);
}
/* session-cookie handling */
if (!new_cookie->expires && vb.config.cookie_timeout) {
expire = soup_date_new_from_now(vb.config.cookie_timeout);
soup_cookie_set_expires(new_cookie, expire);
soup_date_free(expire);
}
}
SOUP_COOKIE_JAR_CLASS(cookiejar_parent_class)->changed(self, old_cookie, new_cookie);
FLOCK(COOKIEJAR(self)->lock, F_UNLCK);
}
/**
* Parses the hsts directives from given header like specified in RFC 6797 6.1
*/
static void parse_hsts_header(HSTSProvider *provider,
const char *host, const char *header)
{
GHashTable *directives = soup_header_parse_semi_param_list(header);
HSTSEntry *entry;
int max_age = G_MAXINT;
gboolean include_sub_domains = false;
GHashTableIter iter;
gpointer key, value;
gboolean success = true;
HSTSProviderClass *klass = g_type_class_ref(HSTS_TYPE_PROVIDER);
g_hash_table_iter_init(&iter, directives);
while (g_hash_table_iter_next(&iter, &key, &value)) {
/* parse the max-age directive */
if (!g_ascii_strncasecmp(key, "max-age", 7)) {
/* max age needs a value */
if (value) {
max_age = g_ascii_strtoll(value, NULL, 10);
if (max_age < 0) {
success = false;
break;
}
} else {
success = false;
break;
}
} else if (g_ascii_strncasecmp(key, "includeSubDomains", 17)) {
/* includeSubDomains must not have a value */
if (!value) {
include_sub_domains = true;
} else {
success = false;
break;
}
}
}
soup_header_free_param_list(directives);
g_type_class_unref(klass);
if (success) {
/* remove host if max-age = 0 RFC 6797 6.1.1 */
if (max_age == 0) {
remove_host_entry(provider, host);
} else {
entry = g_slice_new(HSTSEntry);
entry->expires_at = soup_date_new_from_now(max_age);
entry->include_sub_domains = include_sub_domains;
add_host_entry(provider, host, entry);
add_host_entry_to_file(provider, host, entry);
}
}
}
static void
katze_http_cookies_jar_changed_cb (SoupCookieJar* jar,
SoupCookie* old_cookie,
SoupCookie* new_cookie,
KatzeHttpCookies* http_cookies)
{
GObject* settings;
guint accept_cookies;
if (old_cookie)
soup_cookie_set_max_age (old_cookie, 0);
if (new_cookie)
{
settings = g_object_get_data (G_OBJECT (jar), "midori-settings");
accept_cookies = katze_object_get_enum (settings, "accept-cookies");
if (accept_cookies == 2 /* MIDORI_ACCEPT_COOKIES_NONE */)
{
soup_cookie_set_max_age (new_cookie, 0);
}
else if (accept_cookies == 1 /* MIDORI_ACCEPT_COOKIES_SESSION */
&& new_cookie->expires)
{
soup_cookie_set_max_age (new_cookie, -1);
}
else if (new_cookie->expires)
{
gint age = katze_object_get_int (settings, "maximum-cookie-age");
if (age > 0)
{
SoupDate* max_date = soup_date_new_from_now (
age * SOUP_COOKIE_MAX_AGE_ONE_DAY);
if (soup_date_to_time_t (new_cookie->expires)
> soup_date_to_time_t (max_date))
soup_cookie_set_expires (new_cookie, max_date);
}
else
{
/* An age of 0 to SoupCookie means already-expired
A user choosing 0 days probably expects 1 hour. */
soup_cookie_set_max_age (new_cookie, SOUP_COOKIE_MAX_AGE_ONE_HOUR);
}
}
}
if (g_getenv ("MIDORI_COOKIES_DEBUG") != NULL)
http_cookies->counter++;
if (!http_cookies->timeout && (old_cookie || new_cookie->expires))
http_cookies->timeout = g_timeout_add_seconds (5,
(GSourceFunc)katze_http_cookies_update_jar, http_cookies);
}
/*
* Send a discovery response
*/
static gboolean
discovery_response_timeout (gpointer user_data)
{
DiscoveryResponse *response = user_data;
GSSDPClient *client;
SoupDate *date;
char *al, *date_str, *message;
guint max_age;
char *usn;
GSSDPResourceGroup *self = response->resource->resource_group;
GSSDPResourceGroupPrivate *priv;
priv = gssdp_resource_group_get_instance_private (self);
/* Send message */
client = priv->client;
max_age = priv->max_age;
al = construct_al (response->resource);
usn = construct_usn (response->resource->usn,
response->target,
response->resource->target);
date = soup_date_new_from_now (0);
date_str = soup_date_to_string (date, SOUP_DATE_HTTP);
soup_date_free (date);
message = g_strdup_printf (SSDP_DISCOVERY_RESPONSE,
(char *) response->resource->locations->data,
al ? al : "",
usn,
gssdp_client_get_server_id (client),
max_age,
response->target,
date_str);
_gssdp_client_send_message (client,
response->dest_ip,
response->dest_port,
message,
_GSSDP_DISCOVERY_RESPONSE);
g_free (message);
g_free (date_str);
g_free (al);
g_free (usn);
discovery_response_free (response);
return FALSE;
}
void
soup_cookie_jar_add_cookie(SoupCookieJar *jar, SoupCookie *cookie)
{
struct wl_entry *w = NULL;
SoupCookie *c;
FILE *r_cookie_f;
char *public_suffix;
DNPRINTF(XT_D_COOKIE, "soup_cookie_jar_add_cookie: %p %p %p\n",
jar, p_cookiejar, s_cookiejar);
if (cookies_enabled == 0)
return;
/* see if we are up and running */
if (p_cookiejar == NULL) {
_soup_cookie_jar_add_cookie(jar, cookie);
return;
}
/* disallow p_cookiejar adds, shouldn't happen */
if (jar == p_cookiejar)
return;
/* sanity */
if (jar == NULL || cookie == NULL)
return;
/* check if domain is valid */
public_suffix = tld_get_suffix(cookie->domain[0] == '.' ?
cookie->domain + 1 : cookie->domain);
if (public_suffix == NULL ||
(enable_cookie_whitelist &&
(w = wl_find(cookie->domain, &c_wl)) == NULL)) {
blocked_cookies++;
DNPRINTF(XT_D_COOKIE,
"soup_cookie_jar_add_cookie: reject %s\n",
cookie->domain);
if (save_rejected_cookies) {
if ((r_cookie_f = fopen(rc_fname, "a+")) == NULL) {
show_oops(NULL, "can't open reject cookie file");
return;
}
fseek(r_cookie_f, 0, SEEK_END);
fprintf(r_cookie_f, "%s%s\t%s\t%s\t%s\t%lu\t%s\t%s\n",
cookie->http_only ? "#HttpOnly_" : "",
cookie->domain,
*cookie->domain == '.' ? "TRUE" : "FALSE",
cookie->path,
cookie->secure ? "TRUE" : "FALSE",
cookie->expires ?
(gulong)soup_date_to_time_t(cookie->expires) :
0,
cookie->name,
cookie->value);
fflush(r_cookie_f);
fclose(r_cookie_f);
}
if (!allow_volatile_cookies)
return;
}
if (cookie->expires == NULL && session_timeout) {
soup_cookie_set_expires(cookie,
soup_date_new_from_now(session_timeout));
print_cookie("modified add cookie", cookie);
}
/* see if we are white listed for persistence */
if ((w && w->handy) || (enable_cookie_whitelist == 0)) {
/* add to persistent jar */
c = soup_cookie_copy(cookie);
print_cookie("soup_cookie_jar_add_cookie p_cookiejar", c);
_soup_cookie_jar_add_cookie(p_cookiejar, c);
}
/* add to session jar */
print_cookie("soup_cookie_jar_add_cookie s_cookiejar", cookie);
_soup_cookie_jar_add_cookie(s_cookiejar, cookie);
}
static void
got_headers (SoupMessage *req, SoupClientContext *client)
{
SoupServer *server = client->server;
SoupServerPrivate *priv = SOUP_SERVER_GET_PRIVATE (server);
SoupURI *uri;
SoupDate *date;
char *date_string;
SoupAuthDomain *domain;
GSList *iter;
gboolean rejected = FALSE;
char *auth_user;
if (!priv->raw_paths) {
char *decoded_path;
uri = soup_message_get_uri (req);
decoded_path = soup_uri_decode (uri->path);
soup_uri_set_path (uri, decoded_path);
g_free (decoded_path);
}
/* Add required response headers */
date = soup_date_new_from_now (0);
date_string = soup_date_to_string (date, SOUP_DATE_HTTP);
soup_message_headers_replace (req->response_headers, "Date",
date_string);
g_free (date_string);
soup_date_free (date);
/* Now handle authentication. (We do this here so that if
* the request uses "Expect: 100-continue", we can reject it
* immediately rather than waiting for the request body to
* be sent.
*/
for (iter = priv->auth_domains; iter; iter = iter->next) {
domain = iter->data;
if (soup_auth_domain_covers (domain, req)) {
auth_user = soup_auth_domain_accepts (domain, req);
if (auth_user) {
client->auth_domain = g_object_ref (domain);
client->auth_user = auth_user;
return;
}
rejected = TRUE;
}
}
/* If no auth domain rejected it, then it's ok. */
if (!rejected)
return;
for (iter = priv->auth_domains; iter; iter = iter->next) {
domain = iter->data;
if (soup_auth_domain_covers (domain, req))
soup_auth_domain_challenge (domain, req);
}
}
void
aws_s3_client_read_async (AwsS3Client *client,
const gchar *bucket,
const gchar *path,
AwsS3ClientDataHandler handler,
gpointer handler_data,
GDestroyNotify handler_notify,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data)
{
AwsS3ClientPrivate *priv = aws_s3_client_get_instance_private (client);
g_autoptr(GTask) task = NULL;
g_autofree gchar *auth = NULL;
g_autofree gchar *date_str = NULL;
g_autofree gchar *signature = NULL;
g_autofree gchar *uri = NULL;
g_autoptr(SoupDate) date = NULL;
g_autoptr(GString) str = NULL;
g_autoptr(SoupMessage) message = NULL;
ReadState *state;
guint16 port;
g_return_if_fail (AWS_IS_S3_CLIENT(client));
g_return_if_fail (bucket);
g_return_if_fail (path);
g_return_if_fail (g_utf8_validate(bucket, -1, NULL));
g_return_if_fail (g_utf8_validate(path, -1, NULL));
g_return_if_fail (handler != NULL);
task = g_task_new (client, cancellable, callback, user_data);
g_task_set_source_tag (task, aws_s3_client_read_async);
state = read_state_new (handler, handler_data, handler_notify);
g_task_set_task_data (task, state, read_state_free);
/*
* Strip leading '/' from the path.
*/
while (g_utf8_get_char (path) == '/')
path = g_utf8_next_char (path);
/*
* Determine our connection port.
*/
port = priv->port_set ? priv->port : (priv->secure ? 443 : 80);
/*
* Build our HTTP request message.
*/
uri = g_strdup_printf ("%s://%s:%d/%s/%s",
priv->secure ? "https" : "http",
priv->host,
port,
bucket,
path);
message = soup_message_new (SOUP_METHOD_GET, uri);
soup_message_body_set_accumulate (message->response_body, FALSE);
g_signal_connect_object (message,
"got-chunk",
G_CALLBACK (aws_s3_client_read_got_chunk),
task,
0);
g_signal_connect_object (message,
"got-headers",
G_CALLBACK (aws_s3_client_read_got_headers),
task,
0);
/*
* Set the Host header for systems that may be proxying.
*/
if (priv->host != NULL)
soup_message_headers_append (message->request_headers, "Host", priv->host);
/*
* Add the Date header which we need for signing.
*/
date = soup_date_new_from_now (0);
date_str = soup_date_to_string (date, SOUP_DATE_HTTP);
soup_message_headers_append (message->request_headers, "Date", date_str);
/*
* Sign our request.
*/
str = g_string_new ("GET\n\n\n");
g_string_append_printf (str, "%s\n", date_str);
g_string_append_printf (str, "/%s/%s", bucket, path);
signature = aws_credentials_sign (priv->creds, str->str, str->len, G_CHECKSUM_SHA1);
/*
* Attach request signature to our headers.
*/
auth = g_strdup_printf ("AWS %s:%s",
aws_credentials_get_access_key (priv->creds),
signature);
soup_message_headers_append (message->request_headers, "Authorization", auth);
/*
* Submit our request to the target.
*/
soup_session_queue_message (SOUP_SESSION (client),
g_steal_pointer (&message),
aws_s3_client_read_cb,
g_steal_pointer (&task));
}
