tomasz.sowa
/
winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
winix/winixd/core/sessionmanager.h

159 lines
4.3 KiB
C
Raw Normal View History

import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
/*
added: function adduser changed: errors (removed enum, there are macros now) added: error messages to locales (winix_err_NN) removed: templates: err_abuse.html err_others.html git-svn-id: svn://ttmath.org/publicrep/winix/trunk@593 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-02-28 01:08:10 +01:00
* This file is a part of Winix
setting a Winix Licence: 2 Clause BSD Licence changed: version to 0.6.2 git-svn-id: svn://ttmath.org/publicrep/winix/trunk@963 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-10-04 20:04:03 +02:00
* and is distributed under the 2-Clause BSD licence.
* Author: Tomasz Sowa <t.sowa@ttmath.org>
*/
/*
fixed: permissions to symlinks and directories with redirect flag were incorrectly checked (there was no session set and the request was treated the same as from a not logged user) fixed: in BaseThread there was used 'log' in the main thread (this logger is only for the other thread) added: in BaseThread we have a main_log now - logger which puts to the main log buffer from the main thread git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1182 e52654a7-88a9-db11-a3e9-0013d4bc506e
2019-03-19 19:08:09 +01:00
* Copyright (c) 2008-2019, Tomasz Sowa
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
* All rights reserved.
*
setting a Winix Licence: 2 Clause BSD Licence changed: version to 0.6.2 git-svn-id: svn://ttmath.org/publicrep/winix/trunk@963 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-10-04 20:04:03 +02:00
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
* LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
*/
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
#ifndef headerfile_winix_core_sessionmanager
#define headerfile_winix_core_sessionmanager
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
#include <set>
#include <ctime>
added: SessionContainer special container used by SessionManager sessions are indexed by id and time (last used time) changed: old sessions are deleted parameter: session_max_iddle in the config file added: function 'who' git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@483 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-01-31 07:53:36 +01:00
#include "sessioncontainer.h"
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
#include "ipbancontainer.h"
the first part of reimplementing has been done now we have app object and singletons are only: log logn plugin and app git-svn-id: svn://ttmath.org/publicrep/winix/trunk@628 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-08-10 18:12:50 +02:00
#include "config.h"
#include "request.h"
#include "lastcontainer.h"
#include "system.h"
added: gc for sessions (another thread) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@693 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-12-07 13:52:52 +01:00
#include "synchro.h"
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
#include "basethread.h"
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
#include "sessionidmanager.h"
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
added: namespace Winix over all *.h/*.cpp files git-svn-id: svn://ttmath.org/publicrep/winix/trunk@948 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-02-12 17:30:49 +01:00
namespace Winix
{
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
class SessionManager : public BaseThread
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
{
added: 'remember me' flag when logging added: the session file sessions can still be available between starting and stopping the cmslu system git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@529 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-11-21 00:09:52 +01:00
public:
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
added: 'remember me' flag when logging added: the session file sessions can still be available between starting and stopping the cmslu system git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@529 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-11-21 00:09:52 +01:00
SessionManager();
the first part of reimplementing has been done now we have app object and singletons are only: log logn plugin and app git-svn-id: svn://ttmath.org/publicrep/winix/trunk@628 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-08-10 18:12:50 +02:00
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
void SetCur(Cur * pcur);
the first part of reimplementing has been done now we have app object and singletons are only: log logn plugin and app git-svn-id: svn://ttmath.org/publicrep/winix/trunk@628 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-08-10 18:12:50 +02:00
void SetSystem(System * psystem);
void SetLastContainer(LastContainer * plast_container);
start working on 0.7.x branch - added FileLog which stores content to the file log - now Log is only a wrapper - it puts messages to the local buffer and when logsave is used then the buffer is put to FileLog - new base classes: WinixBase (Log, Config*, Synchro*) WinixModel : public WinixBase (morm::ModelConnector*, Plugin*) WinixSystem : public WinixModel (System*) WinixRequest : public WinixSystem (SLog, Cur*) - singletons: log, slog, plugin are depracated - now references to them are in base classses (WinixBase, WinixModel) - DbBase, DbConn and Db are depracated - now we are using Morm project (in WinixModel there is a model_connector pointer) each thread will have its own ModelConnector git-svn-id: svn://ttmath.org/publicrep/winix/branches/0.7.x@1146 e52654a7-88a9-db11-a3e9-0013d4bc506e
2018-11-21 12:03:53 +01:00
void set_dependency(WinixModel * winix_model);
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
updated: to the new Pikotools API ConfParser is now SpaceParser added: to SessionManager Session * SessionManager::FindSession(long id) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@831 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-05-01 00:53:54 +02:00
// can return a null pointer
Session * FindSession(long id);
fixed: permissions to symlinks and directories with redirect flag were incorrectly checked (there was no session set and the request was treated the same as from a not logged user) fixed: in BaseThread there was used 'log' in the main thread (this logger is only for the other thread) added: in BaseThread we have a main_log now - logger which puts to the main log buffer from the main thread git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1182 e52654a7-88a9-db11-a3e9-0013d4bc506e
2019-03-19 19:08:09 +01:00
Session * PrepareSession();
// some functions require a session (need_session flag) so if there was
// a temporary session and a function requires a session then we create a new session
Session * CheckIfFunctionRequireSession();
fixed: when signal comes winix properly exits fixed: when winix exits the session data were not properly destroyed (memory leak) we should set request.session pointer to each session when deleting sessions from session_container the session data were not properly destroyed when winix checked for outdated sessions (and when it was removing them) fixed: performance (memcpy used too often) in some places there were reserve method used (on std::wstring/std::string objects) especially in AssignString() method and TextStream<> object if we add a new string we should check the new size and only call reserve() if the new size will be greater than existing one (plus some constant) changed: fcgi objects moved to App class (from Request) now we use thread safe methods (e.g. FCGX_Accept_r) added: log_plugin_call option to the config default: false when true winix log when a plugin function is called added: winix parameter 'nostat' for not calculating statistics (useful when making performance tests) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@680 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-11-23 22:52:25 +01:00
void DeleteSessions(); // deleting all sessions
rewritten: sessions management (Session, SessionContainer, SessionManager) now a Session object don't copy all fields in its copy constructor (only id) the rest fields are set after the object is inserted in SessionContainer added: after successfully login a session id is changed added: plugin.Call() methods with a first argument a pointer to a Session object git-svn-id: svn://ttmath.org/publicrep/winix/trunk@823 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-03-17 06:11:23 +01:00
bool ChangeSessionId(long old_id);
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
void IncrementBanLevel(IPBan * ip_ban);
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
void InitTmpSession();
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
void InitBanList();
void InitCookieEncoding();
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
void UninitTmpSession();
Session * GetTmpSession();
Session * GetCurSession();
added: 'remember me' flag when logging added: the session file sessions can still be available between starting and stopping the cmslu system git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@529 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-11-21 00:09:52 +01:00
void LoadSessions();
void SaveSessions();
added: SessionContainer special container used by SessionManager sessions are indexed by id and time (last used time) changed: old sessions are deleted parameter: session_max_iddle in the config file added: function 'who' git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@483 e52654a7-88a9-db11-a3e9-0013d4bc506e
2009-01-31 07:53:36 +01:00
SessionContainer::Iterator SessionBegin();
SessionContainer::Iterator SessionEnd();
added: uptime winix function prints how many sessions there are changed: functions for text/numbers conversions int Toi(const std::string & str, int base = 10); int Toi(const std::wstring & str, int base = 10); int Toi(const char * str, int base = 10); int Toi(const wchar_t * str, int base = 10); long Tol(const std::string & str, int base = 10); long Tol(const std::wstring & str, int base = 10); long Tol(const char * str, int base = 10); long Tol(const wchar_t * str, int base = 10); template<class CharType> bool Toa(unsigned long value, CharType * buffer, size_t buf_len, int base = 10); template<class CharType> bool Toa(long value, CharType * buffer, size_t buf_len, int base = 10); template<class CharType> bool Toa(unsigned int value, CharType * buffer, size_t buf_len, int base = 10); template<class CharType> bool Toa(int value, CharType * buffer, size_t buf_len, int base = 10); const wchar_t * Toa(unsigned int value, int base = 10); const wchar_t * Toa(unsigned long value, int base = 10); const wchar_t * Toa(int value, int base = 10); const wchar_t * Toa(long value, int base = 10); void Toa(int value, std::string & res, int base = 10, bool clear = true); void Toa(long value, std::string & res, int base = 10, bool clear = true); void Toa(int value, std::wstring & res, int base = 10, bool clear = true); void Toa(long value, std::wstring & res, int base = 10, bool clear = true); added: HtmlTextStream class (files htmltextstream.cpp htmltextstream.h in templates) this is a special stream for automatically escaping html tags git-svn-id: svn://ttmath.org/publicrep/winix/trunk@682 e52654a7-88a9-db11-a3e9-0013d4bc506e
2010-11-25 02:34:46 +01:00
size_t Size();
added: winix function: rmuser changed: UGContainer<> now uses std::list as a storage (previously it was using std::vector with pointers) removed: now we don't have the operator[] for UGContainer<> git-svn-id: svn://ttmath.org/publicrep/winix/trunk@816 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-03-09 03:36:25 +01:00
size_t MarkAllSessionsToRemove(long user_id);
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
IPBan & AddIPToBanList(int ip);
changed: when a client doesn't send a session cookie we can instead of ban just use a temporary session added: config option: // the way we behave when no_session_cookie_treshold limit is exceeded // 0 - if a client doesn't send a session cookie again then use a temporary session // (other sessions from this IP address are not affected) // 1 - add this IP address to ban list and create a temporary session // (this will block other sessions from this IP address too) // default: 0 int no_session_cookie_ban_mode; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@996 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-25 13:02:22 +01:00
IPBan & AddIPToBanList(int ip, time_t last_used);
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
size_t BanListSize();
IPBan & GetIPBan(size_t index);
added: to 'ipban' winix function: possibility to remove a ban (or all bans) added: to SessionManager: sorting of the ban list (in the second thread) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@903 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 11:03:49 +02:00
void RemoveIPBan(int ip);
void ClearIPBanList();
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
bool EncodeSessionId(long id, unsigned int index, std::wstring & str);
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
private:
Cur * cur;
System * system;
LastContainer * last_container;
Session * session;
SessionContainer session_tab;
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
IPBanContainer ban_tab;
IPBan * current_ip_ban;
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
Session temporary_session;
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
SessionIdManager session_id_manager;
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
bool IsSession(long s);
long CreateSessionId();
void CreateSession();
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
bool IsSessionCorrect(long id, bool has_index, unsigned int index, const SessionContainer::Iterator & s, unsigned int & difference);
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
bool SetSessionFromCookie(long id, bool has_index, unsigned int index);
removed: Request::debug all stream used for debugging info some environment variables were put there removed: config variable: debug_info removed: Request::role (responder, authorizer) now we have only one role: responder added: new config variables: log_env_variables (default false) - when true then fastcgi environment variables are logged to the log file log_http_answer_headers (default false) - when true all http headers created by winix ale logged (note that the www server can add/adjust other headers) changed: some refactoring in Request struct changed: CookieTab to std::map<std::wstring, std::wstring> beforehand std::string was used (changed CookieParser as well) changed: Request::SetCookie() to AddCookie() added: Request::out_headers (a PT::Space struct) http headers (without cookies) send back to the client added: Request::out_cookies (a PT::Space struct) cookies send to the client changed: App class to use Request::out_headers and Request::out_cookies some SendHeaders...() methods were renamed to PrepareHeaders...() and they create output in Request::out_headers first (and out_cookies) and later it is sent added: two plugin messages: // http headers (without cookies) were created and are ready to send // here you can make some changes to them // in p1 you have a pointer to the PT::Space (Request::out_headers) #define WINIX_PREPARE_TO_SEND_HTTP_HEADERS 31070 // http cookies were created and are ready to send // here you can make some changes to them // in p1 you have a pointer to the PT::Space (Request::out_cookies) #define WINIX_PREPARE_TO_SEND_HTTP_COOKIES 31080 added: config variable: // how many output streams do we have in Request class // default: 16 (64 maximum) size_t ezc_out_streams_size; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@940 e52654a7-88a9-db11-a3e9-0013d4bc506e
2013-11-29 22:39:23 +01:00
bool SetSessionFromCookie(const std::wstring & cookie);
added: IP ban mechanism (not finished yet -- we need a winix function to remove a ban) now after some incorrent login attempts your IP can be banned or blocked (see new config variables) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@902 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 09:44:26 +02:00
void SetTemporarySession();
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
unsigned int CalculateIndexDifference(Session & ses, unsigned int index);
added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp) added: config options: // whether or not we should encode the session cookie // (we have a special algorithm) // default: false bool session_cookie_encode; // if session_cookie_encode is true then you should provide // a file where AES keys will be stored std::wstring session_keys_file; // each session has an index -- an unsigned int value // this value is sent in the cookie string (is encoded) // and is incremented when session_index_time_increment time is passed since the last incrementing // if a client sent the cookie back the difference between // current index and the index in the cookie should be less than or equal to session_allow_index_difference // default: 8 size_t session_allow_index_difference; // the time which should pass after the session index is incremented // default: 30 // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time // load of a page and all elements on it such as images (of course it depends on client's download too) time_t session_index_time_increment; // time in seconds after a new AES key pair should be generated // we have 256 pairs of keys so this time multiplied by 256 should not be less than // the max time of a session (session_remember_max_idle), // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle) // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10) size_t session_key_renew_time; changed: when printing the time of a request we print only two non-zero digits git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-22 16:30:56 +01:00
void SetSessionPutLogInfo(Session & ses, bool has_index, unsigned int difference);
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
bool IsIPBanned();
void SetFirstExpirationTime(IPBan * ip_ban);
void BrokenCookieCheckBan();
void IncorrectSessionCheckBan();
fixed: permissions to symlinks and directories with redirect flag were incorrectly checked (there was no session set and the request was treated the same as from a not logged user) fixed: in BaseThread there was used 'log' in the main thread (this logger is only for the other thread) added: in BaseThread we have a main_log now - logger which puts to the main log buffer from the main thread git-svn-id: svn://ttmath.org/publicrep/winix/trunk@1182 e52654a7-88a9-db11-a3e9-0013d4bc506e
2019-03-19 19:08:09 +01:00
void NoSessionCookieWasSent();
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
added: possibility to ban if a session cookie is incorrect (when we are using encoded cookies) added: possibility to ban if a client tries to hijack the session cookie added: possibility to ban if a client did not send a session cookie renamed: ezc functions: login_cannot_login -> ipban_is_login_allowed_from_this_ip (and the return value was changed) login_when_available_login -> ipban_current_ip_expires_time added: config options: // after how many broken encoded cookie we should ban the current IP // default: 2 (value in the range <0 - 65535>) size_t broken_encoded_cookie_treshold; // after how many incorrect session identifiers (or session indices) we should ban the current IP // do not set this value too low, as people connecting from the same IP address (from behind a NAT) // would be banned if they have an old session cookie remembered in the browser // default: 128 (value in the range <0 - 65535>) size_t session_hijacking_treshold; // after how many times a client will be banned if it did not send a session cookie // default: 1000 (value in the range <0 - 65535>) size_t no_session_cookie_treshold; git-svn-id: svn://ttmath.org/publicrep/winix/trunk@995 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-11-24 21:22:30 +01:00
/*
* second thread
*/
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
int deleted;
virtual void Work();
rewritten: sessions management (Session, SessionContainer, SessionManager) now a Session object don't copy all fields in its copy constructor (only id) the rest fields are set after the object is inserted in SessionContainer added: after successfully login a session id is changed added: plugin.Call() methods with a first argument a pointer to a Session object git-svn-id: svn://ttmath.org/publicrep/winix/trunk@823 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-03-17 06:11:23 +01:00
void CheckSession(SessionContainer::Iterator & i);
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
bool IsSessionOutdated(const Session & s) const;
rewritten: sessions management (Session, SessionContainer, SessionManager) now a Session object don't copy all fields in its copy constructor (only id) the rest fields are set after the object is inserted in SessionContainer added: after successfully login a session id is changed added: plugin.Call() methods with a first argument a pointer to a Session object git-svn-id: svn://ttmath.org/publicrep/winix/trunk@823 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-03-17 06:11:23 +01:00
void DeleteSession(Session * del_session);
added: to 'ipban' winix function: possibility to remove a ban (or all bans) added: to SessionManager: sorting of the ban list (in the second thread) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@903 e52654a7-88a9-db11-a3e9-0013d4bc506e
2012-10-27 11:03:49 +02:00
void CheckWheterIPListIsSorted();
changed: added Cur structure we have there two pointers: Request * request; Session * session; these are the current request and the current session the session GC was moved to SessionManager (was in SessionContainer) git-svn-id: svn://ttmath.org/publicrep/winix/trunk@708 e52654a7-88a9-db11-a3e9-0013d4bc506e
2011-01-23 15:15:30 +01:00
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
};
added: namespace Winix over all *.h/*.cpp files git-svn-id: svn://ttmath.org/publicrep/winix/trunk@948 e52654a7-88a9-db11-a3e9-0013d4bc506e
2014-02-12 17:30:49 +01:00
} // namespace Winix
import the first version of cmslu git-svn-id: svn://ttmath.org/publicrep/cmslu/trunk@460 e52654a7-88a9-db11-a3e9-0013d4bc506e
2008-12-10 05:42:49 +01:00
#endif