Fix cookie with Max-Age processing

When cookie has Max-Age set it tries to get expiration by adding to a timestamp. Without this patch the timestamp would be set to None and thus the addition of timestamp + max_age fails https://pagure.io/freeipa/issue/6774 Reviewed-By: Martin Basti <mbasti@redhat.com>
2025-02-25 18:55:28 -06:00 · 2017-03-02 09:11:34 +01:00
parent 95daecbae8
commit 40f3b8f8a3
2 changed files with 13 additions and 5 deletions
--- a/ipalib/rpc.py
+++ b/ipalib/rpc.py
@@ -699,8 +699,11 @@ class KerbTransport(SSLTransport):

        # Search for the session cookie
        try:
-            session_cookie = Cookie.get_named_cookie_from_string(cookie_header,
-                                                                 COOKIE_NAME, request_url)
+            session_cookie = (
+                    Cookie.get_named_cookie_from_string(
+                        cookie_header, COOKIE_NAME, request_url,
+                        timestamp=datetime.datetime.utcnow())
+            )
        except Exception as e:
            root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e)
            return
@@ -794,8 +797,10 @@ class RPCClient(Connectible):

        # Search for the session cookie within the cookie string
        try:
-            session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME)
-        except Exception as e:
+            session_cookie = Cookie.get_named_cookie_from_string(
+                cookie_string, COOKIE_NAME,
+                timestamp=datetime.datetime.utcnow())
+        except Exception:
            return None

        return session_cookie
--- a/ipapython/cookie.py
+++ b/ipapython/cookie.py
@@ -320,7 +320,8 @@ class Cookie(object):
        return cookies

    @classmethod
-    def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=None):
+    def get_named_cookie_from_string(cls, cookie_string, cookie_name,
+                                     request_url=None, timestamp=None):
        '''
        A cookie string may contain multiple cookies, parse the cookie
        string and return the last cookie in the string matching the
@@ -342,6 +343,8 @@ class Cookie(object):
            if cookie.key == cookie_name:
                target_cookie = cookie

+        if timestamp is not None:
+            target_cookie.timestamp = timestamp
        if request_url is not None:
            target_cookie.normalize(request_url)
        return target_cookie