URL: https://github.com/freeipa/freeipa/pull/609 Author: stlaz Title: #609: [4.4] Fix cookie with Max-Age processing Action: opened
PR body: """ When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 Reviewed-By: Simo Sorce <sso...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/609/head:pr609 git checkout pr609
From ff09ec7debf00a690f3a9e1f27891439bd6221c5 Mon Sep 17 00:00:00 2001 From: Stanislav Laznicka <slazn...@redhat.com> Date: Thu, 2 Mar 2017 09:11:34 +0100 Subject: [PATCH] Fix cookie with Max-Age processing When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6718 Reviewed-By: Simo Sorce <sso...@redhat.com> --- ipalib/rpc.py | 13 +++++++++---- ipapython/cookie.py | 5 ++++- 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/ipalib/rpc.py b/ipalib/rpc.py index 1c00289..cd14d91 100644 --- a/ipalib/rpc.py +++ b/ipalib/rpc.py @@ -699,8 +699,11 @@ def store_session_cookie(self, cookie_header): # Search for the session cookie try: - session_cookie = Cookie.get_named_cookie_from_string(cookie_header, - COOKIE_NAME, request_url) + session_cookie = ( + Cookie.get_named_cookie_from_string( + cookie_header, COOKIE_NAME, request_url, + timestamp=datetime.datetime.utcnow()) + ) except Exception as e: root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) return @@ -794,8 +797,10 @@ def get_session_cookie_from_persistent_storage(self, principal): # Search for the session cookie within the cookie string try: - session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) - except Exception as e: + session_cookie = Cookie.get_named_cookie_from_string( + cookie_string, COOKIE_NAME, + timestamp=datetime.datetime.utcnow()) + except Exception: return None return session_cookie diff --git a/ipapython/cookie.py b/ipapython/cookie.py index 89c3e3c..2831394 100644 --- a/ipapython/cookie.py +++ b/ipapython/cookie.py @@ -320,7 +320,8 @@ def parse(cls, cookie_string, request_url=None): return cookies @classmethod - def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=None): + def get_named_cookie_from_string(cls, cookie_string, cookie_name, + request_url=None, timestamp=None): ''' A cookie string may contain multiple cookies, parse the cookie string and return the last cookie in the string matching the @@ -342,6 +343,8 @@ def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=No if cookie.key == cookie_name: target_cookie = cookie + if timestamp is not None: + target_cookie.timestamp = timestamp if request_url is not None: target_cookie.normalize(request_url) return target_cookie
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code
