tomasz.sowa/winix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

added: possibility to encode the session cookie (added files core/sessionidmanager.h and core/sessionidmanager.cpp)

Browse Source 
added: config options:
       // whether or not we should encode the session cookie
       // (we have a special algorithm)
       // default: false
       bool session_cookie_encode;

       // if session_cookie_encode is true then you should provide
       // a file where AES keys will be stored
       std::wstring session_keys_file;

       // each session has an index -- an unsigned int value
       // this value is sent in the cookie string (is encoded)
       // and is incremented when session_index_time_increment time is passed since the last incrementing
       // if a client sent the cookie back the difference between
       // current index and the index in the cookie should be less than or equal to session_allow_index_difference
       // default: 8
       size_t session_allow_index_difference;

       // the time which should pass after the session index is incremented
       // default: 30
       // (session_allow_index_difference + 1) * session_index_time_increment should be less than a time
       // load of a page and all elements on it such as images (of course it depends on client's download too)
       time_t session_index_time_increment;

       // time in seconds after a new AES key pair should be generated
       // we have 256 pairs of keys so this time multiplied by 256 should not be less than
       // the max time of a session (session_remember_max_idle),
       // by default: 256 * 2 days = 512 days = 1.4 year > 3 months (session_remember_max_idle)
       // default: 172800 = 2 days (max: 2678400 = 1 month, min: 10)
       size_t session_key_renew_time;

changed: when printing the time of a request we print only two non-zero digits






git-svn-id: svn://ttmath.org/publicrep/winix/trunk@994 e52654a7-88a9-db11-a3e9-0013d4bc506e
This commit is contained in:
Tomasz Sowa
2014-11-22 15:30:56 +00:00
parent 3547d326b8
commit 76314aab10
28 changed files with 1360 additions and 240 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
core/sessionmanager.h
View File

@@ -46,6 +46,7 @@
#include "system.h"
#include "synchro.h"
#include "basethread.h"
#include "sessionidmanager.h"
@@ -73,8 +74,10 @@ public:
void DeleteSessions(); // deleting all sessions
bool ChangeSessionId(long old_id);
void InitBanList();
void InitTmpSession();
void InitBanList();
void InitCookieEncoding();
void UninitTmpSession();
Session * GetTmpSession();
@@ -95,6 +98,10 @@ public:
void RemoveIPBan(int ip);
void ClearIPBanList();
bool EncodeSessionId(long id, unsigned int index, std::wstring & str);
private:
Config * config;
@@ -114,12 +121,18 @@ private:
// session with id 0
Session temporary_session;
SessionIdManager session_id_manager;
bool IsSession(long s);
long CreateSessionId();
void CreateSession();
bool SetSessionFromCookie(long id, bool has_index, unsigned int index);
bool SetSessionFromCookie(const std::wstring & cookie);
void SetTemporarySession();
unsigned int SetSessionCalcDifference(Session & ses, unsigned int index);
void SetSessionPutLogInfo(Session & ses, bool has_index, unsigned int difference);
// second thread
int deleted;