IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Fix cookie with Max-Age processing

Browse Source 
When cookie has Max-Age set it tries to get expiration by adding
to a timestamp. Without this patch the timestamp would be set to
None and thus the addition of timestamp + max_age fails

https://pagure.io/freeipa/issue/6774

Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Stanislav Laznicka
2017-03-02 09:11:34 +01:00
committed by Tomas Krizek
parent 95daecbae8
commit 40f3b8f8a3
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
ipalib/rpc.py
View File

@@ -699,8 +699,11 @@ class KerbTransport(SSLTransport):
# Search for the session cookie # Search for the session cookie
try: try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_header, session_cookie = (
COOKIE_NAME, request_url) Cookie.get_named_cookie_from_string(
cookie_header, COOKIE_NAME, request_url,
timestamp=datetime.datetime.utcnow())
)
except Exception as e: except Exception as e:
root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e) root_logger.error("unable to parse cookie header '%s': %s", cookie_header, e)
return return
@@ -794,8 +797,10 @@ class RPCClient(Connectible):
# Search for the session cookie within the cookie string # Search for the session cookie within the cookie string
try: try:
session_cookie = Cookie.get_named_cookie_from_string(cookie_string, COOKIE_NAME) session_cookie = Cookie.get_named_cookie_from_string(
except Exception as e: cookie_string, COOKIE_NAME,
timestamp=datetime.datetime.utcnow())
except Exception:
return None return None
return session_cookie return session_cookie

5
ipapython/cookie.py
View File

@@ -320,7 +320,8 @@ class Cookie(object):
return cookies return cookies
@classmethod @classmethod
def get_named_cookie_from_string(cls, cookie_string, cookie_name, request_url=None): def get_named_cookie_from_string(cls, cookie_string, cookie_name,
request_url=None, timestamp=None):
''' '''
A cookie string may contain multiple cookies, parse the cookie A cookie string may contain multiple cookies, parse the cookie
string and return the last cookie in the string matching the string and return the last cookie in the string matching the
@@ -342,6 +343,8 @@ class Cookie(object):
if cookie.key == cookie_name: if cookie.key == cookie_name:
target_cookie = cookie target_cookie = cookie
if timestamp is not None:
target_cookie.timestamp = timestamp
if request_url is not None: if request_url is not None:
target_cookie.normalize(request_url) target_cookie.normalize(request_url)
return target_cookie return target_cookie