示例#1
/**
 * Validate the captcha carried by the request against the captcha API.
 *
 * The captcha cookie is expired on the response before validation, so one
 * solved captcha is not meant to be replayed on later requests.
 *
 * Outcomes:
 *   - no captcha on the request: returns false, pass_reason untouched.
 *   - payload could not be built: returns true with PASS_REASON_ERROR
 *     (fail-open: the request is let through unverified).
 *   - API answered: returns true only when the parsed status is 0, and
 *     then sets PASS_REASON_CAPTCHA.
 *   - timeout or transport failure: returns false with pass_reason set to
 *     PASS_REASON_CAPTCHA_TIMEOUT or PASS_REASON_ERROR.
 *
 * NOTE(review): the timeout branch logs "passing request" yet the function
 * returns false; presumably the caller consults ctx->pass_reason to decide.
 * Confirm against the caller.
 *
 * @param ctx Per-request context; reads px_captcha, conf, r and full_url,
 *            writes pass_reason and api_rtt.
 * @return true when the captcha is accepted (or on the fail-open path).
 */
static bool verify_captcha(request_context *ctx) {
    if (!ctx->px_captcha) {
        return false;
    }

    px_config *conf = ctx->conf;

    /* The cookie is removed with an empty attribute string unless the
     * captcha_subdomain option asks for the host domain to be filled in. */
    const char *cookie_domain = "";
    if (conf->captcha_subdomain) {
        get_host_domain(ctx, &cookie_domain);
    }

    /* Single-use enforcement: drop the captcha cookie so it cannot be reused.
     * A failed removal is only logged; validation still proceeds. */
    if (ap_cookie_remove(ctx->r, CAPTCHA_COOKIE, cookie_domain, ctx->r->headers_out, ctx->r->err_headers_out, NULL) != APR_SUCCESS) {
        px_log_debug("Could not remove _pxCaptcha from request");
    }

    char *request_body = create_captcha_payload(ctx, conf);
    if (request_body == NULL) {
        /* Fail-open: an internal formatting error passes the request.
         * NOTE(review): confirm this is the intended policy. */
        px_log_debug_fmt("failed to format captcha payload. url: %s", ctx->full_url);
        ctx->pass_reason = PASS_REASON_ERROR;
        return true;
    }

    char *reply = NULL;
    const CURLcode rc = post_request(conf->captcha_api_url, request_body, conf->connect_timeout_ms, conf->captcha_timeout, conf, ctx, &reply, &ctx->api_rtt);
    free(request_body);

    if (rc != CURLE_OK) {
        if (rc == CURLE_OPERATION_TIMEDOUT) {
            ctx->pass_reason = PASS_REASON_CAPTCHA_TIMEOUT;
            px_log_debug("Captcha response timeout - passing request");
        } else {
            ctx->pass_reason = PASS_REASON_ERROR;
            px_log_debug_fmt("failed to perform captcha validation request. url: %s", ctx->full_url);
        }
        /* NOTE(review): reply is not freed on this path; assumes
         * post_request leaves it NULL on failure. Confirm. */
        return false;
    }

    /* The raw API response goes to the debug log.
     * NOTE(review): assumes post_request always sets reply on CURLE_OK. */
    px_log_debug_fmt("server response %s", reply);
    captcha_response *parsed = parse_captcha_response(reply, ctx);
    free(reply);

    /* An unparsable response counts as a failed captcha.
     * NOTE(review): parsed is not released here; presumably it is
     * pool-allocated. Confirm. */
    if (!parsed || parsed->status != 0) {
        return false;
    }

    ctx->pass_reason = PASS_REASON_CAPTCHA;
    return true;
}
示例#2
/**
 * Emit the session as cookie(s) on the response.
 *
 * An RFC2109 Set-Cookie header is produced for the cookie named by
 * SessionCookieName and an RFC2965 Set-Cookie2 header for the one named by
 * SessionCookieName2, each only when that name is configured. When the
 * encoded session is missing or empty, the corresponding cookie is removed
 * instead of written.
 *
 * Cookie attributes are passed through exactly as configured (name_attrs /
 * name2_attrs); nothing in this function adds or checks flags such as
 * Secure or HttpOnly, so they must come from the configuration.
 *
 * A "Cache-Control: no-cache" header is always added, including when the
 * function ends up returning DECLINED.
 *
 * The status returned by the ap_cookie_* calls is not inspected.
 *
 * @param r The request pointer.
 * @param z The session whose encoded form and maxage are sent.
 * @return OK when at least one cookie name is configured, DECLINED otherwise.
 */
static apr_status_t session_cookie_save(request_rec * r, session_rec * z)
{
    session_cookie_dir_conf *conf;

    conf = ap_get_module_config(r->per_dir_config, &session_cookie_module);

    /* don't cache auth protected pages */
    apr_table_addn(r->headers_out, "Cache-Control", "no-cache");

    /* neither cookie flavour is configured: nothing to save here */
    if (!conf->name_set && !conf->name2_set) {
        return DECLINED;
    }

    /* a non-empty encoded session is written; anything else clears it */
    const int have_session = (z->encoded && z->encoded[0]);

    /* RFC2109 cookie */
    if (conf->name_set) {
        if (have_session) {
            ap_cookie_write(r, conf->name, z->encoded, conf->name_attrs,
                            z->maxage, r->headers_out, r->err_headers_out,
                            NULL);
        }
        else {
            ap_cookie_remove(r, conf->name, conf->name_attrs, r->headers_out,
                             r->err_headers_out, NULL);
        }
    }

    /* RFC2965 cookie */
    if (conf->name2_set) {
        if (have_session) {
            ap_cookie_write2(r, conf->name2, z->encoded, conf->name2_attrs,
                             z->maxage, r->headers_out, r->err_headers_out,
                             NULL);
        }
        else {
            ap_cookie_remove2(r, conf->name2, conf->name2_attrs,
                              r->headers_out, r->err_headers_out, NULL);
        }
    }

    return OK;
}