mod_session: Session expiry was being initialised, but not updated

on each session save, resulting in timed out sessions when there
should not have been. Fixed.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905490 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 7be8e53ba26cd3a6b9b292b0e2d5cabe6bfcb7f9..6fad8e071c4ea6ceb2d777f37bc5d3e32d963a87 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 
 Changes with Apache 2.3.6
 
+  *) mod_session: Session expiry was being initialised, but not updated
+     on each session save, resulting in timed out sessions when there
+     should not have been. Fixed. [Graham Leggett]
+
   *) mod_log_config: Add the R option to log the handler used within the
      request. [Christian Folini <christian.folini netnea com>]
 

diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index fa56b368310de712c832af1658e4867f0e5f4869..b6a75591ea567231fd95250bc3e4d38554ecb4ba 100644 (file)
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -174,6 +174,9 @@ static int ap_session_save(request_rec * r, session_rec * z)
         apr_time_t now = apr_time_now();
         int rv = 0;
 
+        session_dir_conf *dconf = ap_get_module_config(r->per_dir_config,
+                                                       &session_module);
+
         /* sanity checks, should we try save at all? */
         if (z->written) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, SESSION_PREFIX
@@ -188,6 +191,12 @@ static int ap_session_save(request_rec * r, session_rec * z)
             return APR_EGENERAL;
         }
 
+        /* reset the expiry back to maxage, if the expiry is present */
+        if (dconf->maxage) {
+            z->expiry = now + dconf->maxage * APR_USEC_PER_SEC;
+            z->maxage = dconf->maxage;
+        }
+
         /* encode the session */
         rv = ap_run_session_encode(r, z);
         if (OK != rv) {