psiphon

Merge lp:~nurlan0000/psiphon/sprint3-610190 into lp:psiphon

  1. sprint3-610190
  2. Merge into trunk
Proposed by Nurlan Turdaliev
Status: Merged
Approved by: Adam P
Approved revision: 127
Merged at revision: 132
Proposed branch: lp:~nurlan0000/psiphon/sprint3-610190
Merge into: lp:psiphon
Diff against target: 356 lines (+85/-38)
7 files modified
trunk/cronjobs/cleanup_sessions_cron.php (+17/-11)
trunk/sql/upgrade-2.6.sql (+1/-0)
trunk/tools/psiphon_install.sh (+1/-1)
trunk/www/check_user.php (+26/-7)
trunk/www/config.php (+12/-4)
trunk/www/includes/lang.php (+13/-0)
trunk/www/profile.php (+15/-15)
To merge this branch: bzr merge lp:~nurlan0000/psiphon/sprint3-610190
Reviewer Review Type Date Requested Status
Adam P code read Approve
Nurlan Turdaliev (community) Needs Resubmitting
Adam Kruger Needs Fixing
e.fryntov Needs Fixing
Review via email: mp+34379@code.launchpad.net
To post a comment you must log in.
lp:~nurlan0000/psiphon/sprint3-610190 updated
122. By Nurlan <ubuntu@ubuntu-desktop>

Fixed minor bug

Revision history for this message
Adam Kruger (adam-kruger) wrote :

Code review comments:

- In cleanup_sessions_cron.php, we see the following line:
$query2 = "update user set session = NULL where session is not NULL and last_activity < (unix_timestamp() - {$config["stay_logged_in"]} ) AND stay_logged_in = 1";

It appears that $config["stay_logged_in"] does not exist and so this sql statement will fail, also causing subsequent sql statements to not run.

This is a severe and obvious error that should have been caught in testing. We did not perform any further review after seeing this error.
Please complete internal QA before resubmitting.

Another pre-existing coding error was identified which may help to identify further related errors:
sql_error_cli($query, $config["sql"]);
Note that $query does not exist, but instead there are numbered variables $query1, $query2, etc. This code should be restructured.

review: Needs Fixing (group review)
lp:~nurlan0000/psiphon/sprint3-610190 updated
123. By Nurlan Turdaliev <ubuntu@ubuntu-desktop>

Fixed cronjob bug

124. By Nurlan Turdaliev <ubuntu@ubuntu-desktop>

Fixed session cleanup cronjob

Revision history for this message
Nurlan Turdaliev (nurlan0000) :
review: Needs Resubmitting
Revision history for this message
e.fryntov (e-fryntov) wrote :

please remove the var_dump call from the cronjob.

review: Needs Fixing
lp:~nurlan0000/psiphon/sprint3-610190 updated
125. By Nurlan Turdaliev <ubuntu@ubuntu-desktop>

remove var_dump

Revision history for this message
Adam Kruger (adam-kruger) wrote :

- Please create a new permission in config.php (and use user_class_has_permission) for testing whether the Stay Logged In feature is available to a user, rather than repeating the test that the user is a Power User or a Normal User inline and in multiple files.

- Please rename cookie_persistence_period to something more specific to this functionality, such as stay_logged_in_ttl, and move this next to session_ttl

- Changing the value in the Profile page does not work because the cookie is not set when the Profile is updated. We have decided that this Profile option is undesirable and should be removed from the Profile page.

review: Needs Fixing (group review)
Revision history for this message
Nurlan Turdaliev (nurlan0000) :
review: Needs Resubmitting
Revision history for this message
Adam Kruger (adam-kruger) wrote :

I think the query in profile.php looks broken now:

- $query .= "xml_html = :xml_html ";
+ $query .= "xml_html = :xml_html, ";

This file should be reverted to the trunk version since there are no meaningful changes in this file.

review: Needs Fixing
Revision history for this message
Nurlan Turdaliev (nurlan0000) :
review: Needs Resubmitting
lp:~nurlan0000/psiphon/sprint3-610190 updated
126. By Nurlan Turdaliev <ubuntu@ubuntu-desktop>

Removed comma in sql query

127. By Nurlan Turdaliev <ubuntu@ubuntu-desktop>

Sql query fixed

Revision history for this message
Adam P (adam+) :
review: Approve (code read)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'trunk/cronjobs/cleanup_sessions_cron.php'
2--- trunk/cronjobs/cleanup_sessions_cron.php 2009-11-23 23:23:36 +0000
3+++ trunk/cronjobs/cleanup_sessions_cron.php 2010-11-15 11:09:48 +0000
4@@ -45,6 +45,8 @@
5 exit("{$argv[0]} is already running, pid {$pid}\n");
6 }
7
8+
9+
10 if ($f = @fopen($config["cleanup_sessions_pid_file"], "w"))
11 {
12 $pid = getmypid();
13@@ -56,30 +58,34 @@
14 echo "Can't create {$config["cleanup_sessions_pid_file"]}, keep running anyway.\n";
15 }
16
17+
18 // Cleanup all expired sessions
19 //
20 // For anonymous users (grp = 4), delete the user and cookie. For regular users,
21 // clear the session and delete the expired cookies (same as logout.php).
22 // also deletes orphaned cookie($query5)
23 // Don't need to parameterize the $config value.
24-$query1 = "update user set session = NULL where session is not NULL and last_activity < (unix_timestamp() - {$config["session_ttl"]})";
25+$queries[] = "update user set session = NULL where session is not NULL and last_activity < (unix_timestamp() - {$config["session_ttl"]}) AND stay_logged_in = 0";
26+$queries[] = "update user set session = NULL where session is not NULL and last_activity < (unix_timestamp() - {$config["stay_logged_in_ttl"]} ) AND stay_logged_in = 1";
27+
28 // NEW: older logic only deleted session and expired cookies ("(expire = -1 or expire < ".(date("U") - date("Z")).")") but now
29 // we clear all cookies when a user logs out so we're not hanging onto any 3rd party site credentials
30 // TODO: deleting from MySQL isn't wiping from disk, so the cookies table should be in-memory only (page locked)
31-$query2 = "delete from cookie using cookie inner join user where cookie.user = user.id and user.session is NULL";
32-$query3 = "delete from user where session is NULL and grp = '4'";
33-$query4 = "delete cookie from cookie left join user on cookie.user = user.id where user.id is NULL";
34+$queries[] = "delete from cookie using cookie inner join user where cookie.user = user.id and user.session is NULL";
35+$queries[] = "delete from user where session is NULL and grp = '4'";
36+$queries[] = "delete cookie from cookie left join user on cookie.user = user.id where user.id is NULL";
37
38-if (!db_query_execute($config, $query1, convert_null_array(array()), true) ||
39- !db_query_execute($config, $query2, convert_null_array(array()), true) ||
40- !db_query_execute($config, $query3, convert_null_array(array()), true) ||
41- !db_query_execute($config, $query4, convert_null_array(array()), true))
42+foreach ($queries as $query)
43 {
44- @unlink($config["cleanup_sessions_pid_file"]);
45- sql_error_cli($query, $config["sql"]);
46+ if (!db_query_execute($config, $query, convert_null_array(array()), true))
47+ {
48+ @unlink($config["cleanup_sessions_pid_file"]);
49+ sql_error_cli($query, $config["sql"]);
50+ }
51 }
52
53+
54 @unlink($config["cleanup_sessions_pid_file"]);
55
56 exit(0);
57-?>
58+?>
59\ No newline at end of file
60
61=== added file 'trunk/sql/upgrade-2.6.sql'
62--- trunk/sql/upgrade-2.6.sql 1970-01-01 00:00:00 +0000
63+++ trunk/sql/upgrade-2.6.sql 2010-11-15 11:09:48 +0000
64@@ -0,0 +1,1 @@
65+ALTER TABLE `user` ADD COLUMN `stay_logged_in` INTEGER NOT NULL DEFAULT 0;
66\ No newline at end of file
67
68=== modified file 'trunk/tools/psiphon_install.sh'
69--- trunk/tools/psiphon_install.sh 2010-06-01 17:50:42 +0000
70+++ trunk/tools/psiphon_install.sh 2010-11-15 11:09:48 +0000
71@@ -271,7 +271,7 @@
72 echo "Enter current password for mysql root (enter for none)"
73
74 cat sql/create_db.sql sql/grant.new.sql sql/structure.2.3.sql sql/init.sql \
75-sql/upgrade-2.4.sql sql/upgrade-2.5.sql sql/jsf.sql sql/youtube.sql | mysql -uroot -p
76+sql/upgrade-2.4.sql sql/upgrade-2.5.sql sql/upgrade-2.6.sql sql/jsf.sql sql/youtube.sql | mysql -uroot -p
77
78 rm sql/grant.new.sql
79
80
81=== modified file 'trunk/www/check_user.php'
82--- trunk/www/check_user.php 2010-09-29 20:00:51 +0000
83+++ trunk/www/check_user.php 2010-11-15 11:09:48 +0000
84@@ -57,6 +57,8 @@
85 break;
86 }
87
88+ $stay_logged_in = @$_POST['stay_logged_in'];
89+
90 // - Find user with matching username (password check done after, with salt)
91 // - Login delay: if login_delay is not 0, don't allow login
92 // if not passed the delay time. The delay time is set
93@@ -89,7 +91,7 @@
94 // (Is there a timing attack here, if == exits early? Attacker that knows salt could
95 // select login_pass in such a way as to probe the 1st, then 2nd, etc. byte of the
96 // hashed password. But failed login delay makes this intractable.)
97-
98+
99 $user_found = true;
100 if ((strlen($login_record['pass']) == 40 && $login_record['pass'] == sha1($_POST['login_pass'].$login_record['pass_salt'])) ||
101 (strlen($login_record['pass']) == 32 && $login_record['pass'] == md5($_POST['login_pass'])))
102@@ -140,7 +142,7 @@
103 {
104 // The user has no special permissions and so must log in from one of
105 // the proxies associated with his user record.
106-
107+
108 $login_query = "SELECT TRUE ".
109 "FROM userproxy JOIN proxy ON userproxy.proxyid = proxy.id ".
110 "WHERE userproxy.userid = :userid ".
111@@ -166,7 +168,7 @@
112 // Old code used MD5 and didn't salt passwords; pass_salt database field will be NULL
113 // in this case --> generate a salt and store a new hash since we have the plaintext
114 // password at this time.
115-
116+
117 if (!$login_record['pass_salt'] || strlen($login_record['pass_salt']) == 0)
118 {
119 $pass_salt = bin2hex(secure_rand());
120@@ -204,6 +206,9 @@
121 $login_region = lookup_region($config);
122 update_login_stats($config, $login_region, $login_record['proxy'], $login_record['grp']);
123
124+
125+ $can_stay_logged_in = user_has_permission($config, $login_record, 'stay_logged_in');
126+
127 // - Set user session (cookie), last login time, last login region
128 // - Reset failed login data to no delay
129 // - Set user's current proxy to the current proxy.
130@@ -216,6 +221,7 @@
131 " last_reg = :last_reg, ".
132 " login_delay = 0, ".
133 " consecutive_failed_logins = 0, ".
134+ ' stay_logged_in = '.($can_stay_logged_in && $stay_logged_in ? 1 : 0).', '.
135 " current_proxy = :proxy_id ".
136 "WHERE user.id = :user_id";
137
138@@ -229,6 +235,7 @@
139 ":user_id" => $login_record['id'],
140 ":proxy_id" => $login_record['proxy'])));
141
142+
143 if ($lang_selected)
144 {
145 $update_language_query =
146@@ -243,7 +250,15 @@
147 }
148
149 $_COOKIE[p] = $session_id;
150- header("Set-Cookie: p={$_COOKIE[p]}; path=/", false);
151+
152+ // Set cookie
153+ $cookie_str = "Set-Cookie: p={$_COOKIE[p]}; path=/;";
154+ if ($can_stay_logged_in && $stay_logged_in)
155+ {
156+ $cookie_str .= " expires=". gmdate('D, d-M-Y H:i:s', time() + $config['stay_logged_in_ttl']);
157+ }
158+
159+ header($cookie_str, false);
160
161 // TODO: need clarification on what this code is for...
162 $login_query = "DELETE FROM cookie WHERE user = :user_id AND (expire = -1 OR expire < ".(date("U") + date("Z")).")";
163@@ -278,7 +293,7 @@
164 // cases, we don't include the CSRF token in GET requests since a GET
165 // is idempotent and doesn't leak information.
166
167- if (!$csrf_token &&
168+ if (!$csrf_token &&
169 ((count($_POST) > 0 && $_POST['csrf_token'] != $record_user['csrf_token']) ||
170 ($do_get_csrf && count($_GET) > 0 && $_GET['csrf_token'] != $record_user['csrf_token'])))
171 {
172@@ -371,6 +386,10 @@
173 <td><label for="pass"><font class="fourteenblue"><?=msg("password")?></font></label></td>
174 <td><input type="password" name="login_pass" size="30" id="pass"></td>
175 </tr>
176+ <tr>
177+ <td><label for="stay_logged"><font class="fourteenblue"><?=msg("stay_logged_in")?></font></label></td>
178+ <td><input type="checkbox" name="stay_logged_in" id="stay_logged" value="1"></td>
179+ </tr>
180 <tr><td></td></tr>
181 <tr>
182 <td></td>
183@@ -417,7 +436,7 @@
184 header("Content-type: text/html; charset=".charset());
185 ?>
186 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
187-<html>
188+<html>
189 <head>
190 <title><?=msg("usage_terms_title")?></title>
191 <?=echo_css()?>
192@@ -473,4 +492,4 @@
193
194 // Proceed with the screens that include check_user.php...
195
196-?>
197+?>
198\ No newline at end of file
199
200=== modified file 'trunk/www/config.php'
201--- trunk/www/config.php 2010-06-28 20:44:20 +0000
202+++ trunk/www/config.php 2010-11-15 11:09:48 +0000
203@@ -40,7 +40,7 @@
204 }
205
206 $config["ret"] .= getenv("HTTP_HOST").
207- substr(getenv("SCRIPT_NAME"), 0,
208+ substr(getenv("SCRIPT_NAME"), 0,
209 strrpos(getenv("SCRIPT_NAME"), "/"));
210
211 // invitation is valid for 5 days, then it's deleted if not used
212@@ -53,6 +53,8 @@
213 $config["email_change_period"] = 60*60;
214
215 $config["session_ttl"] = 60*60; // session expires after 1 idle hour
216+// Period to stay logged in
217+$config['stay_logged_in_ttl'] = 2 * 7 * 24 * 60 * 60; // 2 weeks
218
219 $config[min_pass_length] = 6;
220 $config[max_login_delay] = 30; // 30 seconds
221@@ -99,6 +101,7 @@
222 'view_propagator_info' => 1<<19,
223 'multi_proxy' => 1<20,
224 'custom_user_agents' => 1<<21,
225+ 'stay_logged_in' => 1<<23,
226 );
227
228 // This defines the order in which the user groups/classes should be displayed. Generally, least-to-highest privilege.
229@@ -140,7 +143,8 @@
230 | $config['perm']['send_ticket']
231 | $config['perm']['bookmarks']
232 | $config['perm']['logout']
233- | $config['perm']['can_grant_grp_3'],
234+ | $config['perm']['can_grant_grp_3']
235+ | $config['perm']['stay_logged_in'],
236
237 // User
238 // NOTE: '3' is the grp default in the invitation table. So if the 3 changes here, it'll have to change there.
239@@ -150,7 +154,8 @@
240 | $config['perm']['send_ticket']
241 | $config['perm']['bookmarks']
242 | $config['perm']['logout']
243- | $config['perm']['can_grant_grp_3'],
244+ | $config['perm']['can_grant_grp_3']
245+ | $config['perm']['stay_logged_in'],
246
247 // Anonymous User
248
249@@ -247,4 +252,7 @@
250
251 $config["geoip_type"]= "country";
252 $config["geoip_data_file"] = "/usr/share/GeoIP/GeoIP.dat";
253-?>
254+
255+
256+
257+?>
258\ No newline at end of file
259
260=== modified file 'trunk/www/includes/lang.php'
261--- trunk/www/includes/lang.php 2010-10-14 16:26:29 +0000
262+++ trunk/www/includes/lang.php 2010-11-15 11:09:48 +0000
263@@ -4934,6 +4934,19 @@
264 'be' => "Войти, используя другую учетную запись",
265 ),
266
267+ 'stay_logged_in' => array(
268+ 'en' => 'Stay logged in',
269+ 'fa' => 'Stay logged in',
270+ 'ru' => 'Stay logged in',
271+ 'uz' => 'Stay logged in',
272+ 'tk' => 'Stay logged in',
273+ 'cn' => 'Stay logged in',
274+ 'ar' => 'Stay logged in',
275+ 'vt' => 'Stay logged in',
276+ 'fr' => 'Stay logged in',
277+ 'es' => 'Stay logged in',
278+ ),
279+
280 'custom_user_agents' => array(
281 'en' => "User Agents",
282 'fa' => "کاربران",
283
284=== modified file 'trunk/www/profile.php'
285--- trunk/www/profile.php 2010-07-16 17:53:05 +0000
286+++ trunk/www/profile.php 2010-11-15 11:09:48 +0000
287@@ -103,12 +103,12 @@
288 // This is unfortunate but acceptable (at this time).
289
290 if (db_check_if_value_exists(
291- $config,
292- "user",
293- "uname",
294- $_POST['uname'],
295- "id != :id",
296- array(":id" => $record_user['id'])))
297+ $config,
298+ "user",
299+ "uname",
300+ $_POST['uname'],
301+ "id != :id",
302+ array(":id" => $record_user['id'])))
303 {
304 $processing_errors[] = msg("username_exists_in_database");
305 $curs = "profile.uname";
306@@ -155,12 +155,12 @@
307 // This is unfortunate but acceptable (at this time).
308
309 if (db_check_if_value_exists(
310- $config,
311- "user",
312- "email",
313- $_POST['email'],
314- "id != :id",
315- array(":id" => $record_user['id'])))
316+ $config,
317+ "user",
318+ "email",
319+ $_POST['email'],
320+ "id != :id",
321+ array(":id" => $record_user['id'])))
322 {
323 $processing_errors[] = msg("email_exists_in_database");
324 $curs = "profile.email";
325@@ -172,7 +172,7 @@
326 // check if enough time has passed since user last caused an
327 // email to be sent out
328 if ($record_user[email_candidate_date] &&
329- $record_user[email_candidate_date] + $config["email_change_period"] > time())
330+ $record_user[email_candidate_date] + $config["email_change_period"] > time())
331 {
332 $processing_errors[] = msg("must_wait_to_change_email");
333 $curs="profile.email";
334@@ -247,6 +247,7 @@
335
336 include($_SERVER[DOCUMENT_ROOT]."/header.php");
337
338+
339 ?>
340 <br>
341 <div style="width:50em;"><?=sprintf(msg("privacy_info_html"), make_proxied_url($config["psiphon_web_resource_page"]))?></div>
342@@ -305,7 +306,6 @@
343 <th align="right"><?=msg("xml_html")?></th>
344 <td nowrap><input type="checkbox" name="xml_html" value="1"<?=$record_user["xml_html"]?" checked":""?>></td>
345 </tr>
346-
347 <tr>
348 <td>&nbsp;</td>
349 <td><input type="submit" value="<?=msg("update")?>">
350@@ -314,4 +314,4 @@
351
352 </form>
353
354-<? include($_SERVER[DOCUMENT_ROOT]."/footer.php"); ?>
355+<? include($_SERVER[DOCUMENT_ROOT]."/footer.php"); ?>
356\ No newline at end of file

Subscribers

People subscribed via source and target branches