You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2014/01/24 14:02:42 UTC

svn commit: r1560977 - in /httpd/httpd/trunk: CHANGES modules/session/mod_session.c

Author: minfrin
Date: Fri Jan 24 13:02:42 2014
New Revision: 1560977

URL: http://svn.apache.org/r1560977
Log:
mod_session: When we have a session we were unable to decode, behave as if there was no session at all.

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/session/mod_session.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1560977&r1=1560976&r2=1560977&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Jan 24 13:02:42 2014
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) mod_session: When we have a session we were unable to decode,
+     behave as if there was no session at all. [Thomas Eckert
+     <thomas.r.w.eckert gmail com>]
+
   *) mod_session: Fix problems interpreting the SessionInclude and
      SessionExclude configuration. PR 56038. [Erik Pearson
      <erik adaptations.com>]

Modified: httpd/httpd/trunk/modules/session/mod_session.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/session/mod_session.c?rev=1560977&r1=1560976&r2=1560977&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/session/mod_session.c (original)
+++ httpd/httpd/trunk/modules/session/mod_session.c Fri Jan 24 13:02:42 2014
@@ -126,22 +126,28 @@ static apr_status_t ap_session_load(requ
 
     /* found a session that hasn't expired? */
     now = apr_time_now();
-    if (!zz || (zz->expiry && zz->expiry < now)) {
+    if (zz) {
+        if (zz->expiry && zz->expiry < now) {
+            zz = NULL;
+        }
+        else {
+            /* having a session we cannot decode is just as good as having
+               none at all */
+            rv = ap_run_session_decode(r, zz);
+            if (OK != rv) {
+                ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01817)
+                              "error while decoding the session, "
+                              "session not loaded: %s", r->uri);
+                zz = NULL;
+            }
+        }
+    }
 
-        /* no luck, create a blank session */
+    /* no luck, create a blank session */
+    if (!zz) {
         zz = (session_rec *) apr_pcalloc(r->pool, sizeof(session_rec));
         zz->pool = r->pool;
         zz->entries = apr_table_make(zz->pool, 10);
-
-    }
-    else {
-        rv = ap_run_session_decode(r, zz);
-        if (OK != rv) {
-            ap_log_rerror(APLOG_MARK, APLOG_ERR, rv, r, APLOGNO(01817)
-                          "error while decoding the session, "
-                          "session not loaded: %s", r->uri);
-            return rv;
-        }
     }
 
     /* make sure the expiry and maxage are set, if present */