static void cookiejar_changed(SoupCookieJar *self, SoupCookie *old_cookie, SoupCookie *new_cookie) { FLOCK(COOKIEJAR(self)->lock, F_WRLCK); SoupDate *expire; if (new_cookie) { /* session-expire-time handling */ if (vb.config.cookie_expire_time == 0) { soup_cookie_set_expires(new_cookie, NULL); } else if (vb.config.cookie_expire_time > 0 && new_cookie->expires) { expire = soup_date_new_from_now(vb.config.cookie_expire_time); if (soup_date_to_time_t(expire) < soup_date_to_time_t(new_cookie->expires)) { soup_cookie_set_expires(new_cookie, expire); } soup_date_free(expire); } /* session-cookie handling */ if (!new_cookie->expires && vb.config.cookie_timeout) { expire = soup_date_new_from_now(vb.config.cookie_timeout); soup_cookie_set_expires(new_cookie, expire); soup_date_free(expire); } } SOUP_COOKIE_JAR_CLASS(cookiejar_parent_class)->changed(self, old_cookie, new_cookie); FLOCK(COOKIEJAR(self)->lock, F_UNLCK); }
/** * Parses the hsts directives from given header like specified in RFC 6797 6.1 */ static void parse_hsts_header(HSTSProvider *provider, const char *host, const char *header) { GHashTable *directives = soup_header_parse_semi_param_list(header); HSTSEntry *entry; int max_age = G_MAXINT; gboolean include_sub_domains = false; GHashTableIter iter; gpointer key, value; gboolean success = true; HSTSProviderClass *klass = g_type_class_ref(HSTS_TYPE_PROVIDER); g_hash_table_iter_init(&iter, directives); while (g_hash_table_iter_next(&iter, &key, &value)) { /* parse the max-age directive */ if (!g_ascii_strncasecmp(key, "max-age", 7)) { /* max age needs a value */ if (value) { max_age = g_ascii_strtoll(value, NULL, 10); if (max_age < 0) { success = false; break; } } else { success = false; break; } } else if (g_ascii_strncasecmp(key, "includeSubDomains", 17)) { /* includeSubDomains must not have a value */ if (!value) { include_sub_domains = true; } else { success = false; break; } } } soup_header_free_param_list(directives); g_type_class_unref(klass); if (success) { /* remove host if max-age = 0 RFC 6797 6.1.1 */ if (max_age == 0) { remove_host_entry(provider, host); } else { entry = g_slice_new(HSTSEntry); entry->expires_at = soup_date_new_from_now(max_age); entry->include_sub_domains = include_sub_domains; add_host_entry(provider, host, entry); add_host_entry_to_file(provider, host, entry); } } }
static void katze_http_cookies_jar_changed_cb (SoupCookieJar* jar, SoupCookie* old_cookie, SoupCookie* new_cookie, KatzeHttpCookies* http_cookies) { GObject* settings; guint accept_cookies; if (old_cookie) soup_cookie_set_max_age (old_cookie, 0); if (new_cookie) { settings = g_object_get_data (G_OBJECT (jar), "midori-settings"); accept_cookies = katze_object_get_enum (settings, "accept-cookies"); if (accept_cookies == 2 /* MIDORI_ACCEPT_COOKIES_NONE */) { soup_cookie_set_max_age (new_cookie, 0); } else if (accept_cookies == 1 /* MIDORI_ACCEPT_COOKIES_SESSION */ && new_cookie->expires) { soup_cookie_set_max_age (new_cookie, -1); } else if (new_cookie->expires) { gint age = katze_object_get_int (settings, "maximum-cookie-age"); if (age > 0) { SoupDate* max_date = soup_date_new_from_now ( age * SOUP_COOKIE_MAX_AGE_ONE_DAY); if (soup_date_to_time_t (new_cookie->expires) > soup_date_to_time_t (max_date)) soup_cookie_set_expires (new_cookie, max_date); } else { /* An age of 0 to SoupCookie means already-expired A user choosing 0 days probably expects 1 hour. */ soup_cookie_set_max_age (new_cookie, SOUP_COOKIE_MAX_AGE_ONE_HOUR); } } } if (g_getenv ("MIDORI_COOKIES_DEBUG") != NULL) http_cookies->counter++; if (!http_cookies->timeout && (old_cookie || new_cookie->expires)) http_cookies->timeout = g_timeout_add_seconds (5, (GSourceFunc)katze_http_cookies_update_jar, http_cookies); }
/* * Send a discovery response */ static gboolean discovery_response_timeout (gpointer user_data) { DiscoveryResponse *response = user_data; GSSDPClient *client; SoupDate *date; char *al, *date_str, *message; guint max_age; char *usn; GSSDPResourceGroup *self = response->resource->resource_group; GSSDPResourceGroupPrivate *priv; priv = gssdp_resource_group_get_instance_private (self); /* Send message */ client = priv->client; max_age = priv->max_age; al = construct_al (response->resource); usn = construct_usn (response->resource->usn, response->target, response->resource->target); date = soup_date_new_from_now (0); date_str = soup_date_to_string (date, SOUP_DATE_HTTP); soup_date_free (date); message = g_strdup_printf (SSDP_DISCOVERY_RESPONSE, (char *) response->resource->locations->data, al ? al : "", usn, gssdp_client_get_server_id (client), max_age, response->target, date_str); _gssdp_client_send_message (client, response->dest_ip, response->dest_port, message, _GSSDP_DISCOVERY_RESPONSE); g_free (message); g_free (date_str); g_free (al); g_free (usn); discovery_response_free (response); return FALSE; }
void soup_cookie_jar_add_cookie(SoupCookieJar *jar, SoupCookie *cookie) { struct wl_entry *w = NULL; SoupCookie *c; FILE *r_cookie_f; char *public_suffix; DNPRINTF(XT_D_COOKIE, "soup_cookie_jar_add_cookie: %p %p %p\n", jar, p_cookiejar, s_cookiejar); if (cookies_enabled == 0) return; /* see if we are up and running */ if (p_cookiejar == NULL) { _soup_cookie_jar_add_cookie(jar, cookie); return; } /* disallow p_cookiejar adds, shouldn't happen */ if (jar == p_cookiejar) return; /* sanity */ if (jar == NULL || cookie == NULL) return; /* check if domain is valid */ public_suffix = tld_get_suffix(cookie->domain[0] == '.' ? cookie->domain + 1 : cookie->domain); if (public_suffix == NULL || (enable_cookie_whitelist && (w = wl_find(cookie->domain, &c_wl)) == NULL)) { blocked_cookies++; DNPRINTF(XT_D_COOKIE, "soup_cookie_jar_add_cookie: reject %s\n", cookie->domain); if (save_rejected_cookies) { if ((r_cookie_f = fopen(rc_fname, "a+")) == NULL) { show_oops(NULL, "can't open reject cookie file"); return; } fseek(r_cookie_f, 0, SEEK_END); fprintf(r_cookie_f, "%s%s\t%s\t%s\t%s\t%lu\t%s\t%s\n", cookie->http_only ? "#HttpOnly_" : "", cookie->domain, *cookie->domain == '.' ? "TRUE" : "FALSE", cookie->path, cookie->secure ? "TRUE" : "FALSE", cookie->expires ? (gulong)soup_date_to_time_t(cookie->expires) : 0, cookie->name, cookie->value); fflush(r_cookie_f); fclose(r_cookie_f); } if (!allow_volatile_cookies) return; } if (cookie->expires == NULL && session_timeout) { soup_cookie_set_expires(cookie, soup_date_new_from_now(session_timeout)); print_cookie("modified add cookie", cookie); } /* see if we are white listed for persistence */ if ((w && w->handy) || (enable_cookie_whitelist == 0)) { /* add to persistent jar */ c = soup_cookie_copy(cookie); print_cookie("soup_cookie_jar_add_cookie p_cookiejar", c); _soup_cookie_jar_add_cookie(p_cookiejar, c); } /* add to session jar */ print_cookie("soup_cookie_jar_add_cookie s_cookiejar", cookie); _soup_cookie_jar_add_cookie(s_cookiejar, cookie); }
static void got_headers (SoupMessage *req, SoupClientContext *client) { SoupServer *server = client->server; SoupServerPrivate *priv = SOUP_SERVER_GET_PRIVATE (server); SoupURI *uri; SoupDate *date; char *date_string; SoupAuthDomain *domain; GSList *iter; gboolean rejected = FALSE; char *auth_user; if (!priv->raw_paths) { char *decoded_path; uri = soup_message_get_uri (req); decoded_path = soup_uri_decode (uri->path); soup_uri_set_path (uri, decoded_path); g_free (decoded_path); } /* Add required response headers */ date = soup_date_new_from_now (0); date_string = soup_date_to_string (date, SOUP_DATE_HTTP); soup_message_headers_replace (req->response_headers, "Date", date_string); g_free (date_string); soup_date_free (date); /* Now handle authentication. (We do this here so that if * the request uses "Expect: 100-continue", we can reject it * immediately rather than waiting for the request body to * be sent. */ for (iter = priv->auth_domains; iter; iter = iter->next) { domain = iter->data; if (soup_auth_domain_covers (domain, req)) { auth_user = soup_auth_domain_accepts (domain, req); if (auth_user) { client->auth_domain = g_object_ref (domain); client->auth_user = auth_user; return; } rejected = TRUE; } } /* If no auth domain rejected it, then it's ok. */ if (!rejected) return; for (iter = priv->auth_domains; iter; iter = iter->next) { domain = iter->data; if (soup_auth_domain_covers (domain, req)) soup_auth_domain_challenge (domain, req); } }
void aws_s3_client_read_async (AwsS3Client *client, const gchar *bucket, const gchar *path, AwsS3ClientDataHandler handler, gpointer handler_data, GDestroyNotify handler_notify, GCancellable *cancellable, GAsyncReadyCallback callback, gpointer user_data) { AwsS3ClientPrivate *priv = aws_s3_client_get_instance_private (client); g_autoptr(GTask) task = NULL; g_autofree gchar *auth = NULL; g_autofree gchar *date_str = NULL; g_autofree gchar *signature = NULL; g_autofree gchar *uri = NULL; g_autoptr(SoupDate) date = NULL; g_autoptr(GString) str = NULL; g_autoptr(SoupMessage) message = NULL; ReadState *state; guint16 port; g_return_if_fail (AWS_IS_S3_CLIENT(client)); g_return_if_fail (bucket); g_return_if_fail (path); g_return_if_fail (g_utf8_validate(bucket, -1, NULL)); g_return_if_fail (g_utf8_validate(path, -1, NULL)); g_return_if_fail (handler != NULL); task = g_task_new (client, cancellable, callback, user_data); g_task_set_source_tag (task, aws_s3_client_read_async); state = read_state_new (handler, handler_data, handler_notify); g_task_set_task_data (task, state, read_state_free); /* * Strip leading '/' from the path. */ while (g_utf8_get_char (path) == '/') path = g_utf8_next_char (path); /* * Determine our connection port. */ port = priv->port_set ? priv->port : (priv->secure ? 443 : 80); /* * Build our HTTP request message. */ uri = g_strdup_printf ("%s://%s:%d/%s/%s", priv->secure ? "https" : "http", priv->host, port, bucket, path); message = soup_message_new (SOUP_METHOD_GET, uri); soup_message_body_set_accumulate (message->response_body, FALSE); g_signal_connect_object (message, "got-chunk", G_CALLBACK (aws_s3_client_read_got_chunk), task, 0); g_signal_connect_object (message, "got-headers", G_CALLBACK (aws_s3_client_read_got_headers), task, 0); /* * Set the Host header for systems that may be proxying. */ if (priv->host != NULL) soup_message_headers_append (message->request_headers, "Host", priv->host); /* * Add the Date header which we need for signing. */ date = soup_date_new_from_now (0); date_str = soup_date_to_string (date, SOUP_DATE_HTTP); soup_message_headers_append (message->request_headers, "Date", date_str); /* * Sign our request. */ str = g_string_new ("GET\n\n\n"); g_string_append_printf (str, "%s\n", date_str); g_string_append_printf (str, "/%s/%s", bucket, path); signature = aws_credentials_sign (priv->creds, str->str, str->len, G_CHECKSUM_SHA1); /* * Attach request signature to our headers. */ auth = g_strdup_printf ("AWS %s:%s", aws_credentials_get_access_key (priv->creds), signature); soup_message_headers_append (message->request_headers, "Authorization", auth); /* * Submit our request to the target. */ soup_session_queue_message (SOUP_SESSION (client), g_steal_pointer (&message), aws_s3_client_read_cb, g_steal_pointer (&task)); }