search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
wininet: Added missing LeaveCriticalSection to set_cookie (coverity).
[wine.git] / dlls / wininet / cookie.c
blob5de23044f7d984be3db3918dd557fbe42c52e3a0
1 /*
2 * Wininet - cookie handling stuff
3 *
4 * Copyright 2002 TransGaming Technologies Inc.
5 *
6 * David Hammerton
7 *
8 * This library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public
10 * License as published by the Free Software Foundation; either
11 * version 2.1 of the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 */
22
23 #include "ws2tcpip.h"
24
25 #include <stdarg.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <assert.h>
30
31 #include "windef.h"
32 #include "winbase.h"
33 #include "wininet.h"
34 #include "lmcons.h"
35 #include "winerror.h"
36
37 #include "wine/debug.h"
38 #include "internet.h"
39
40 #define RESPONSE_TIMEOUT 30 /* FROM internet.c */
41
42
43 WINE_DEFAULT_DEBUG_CHANNEL(wininet);
44
45 /* FIXME
46 * Cookies could use A LOT OF MEMORY. We need some kind of memory management here!
47 */
48
49 struct _cookie_domain_t;
50 struct _cookie_container_t;
51
52 typedef struct _cookie_t {
53 struct list entry;
54
55 struct _cookie_container_t *container;
56
57 WCHAR *name;
58 WCHAR *data;
59 DWORD flags;
60 FILETIME expiry;
61 FILETIME create;
62 } cookie_t;
63
64 typedef struct _cookie_container_t {
65 struct list entry;
66
67 WCHAR *cookie_url;
68 substr_t path;
69 struct _cookie_domain_t *domain;
70
71 struct list cookie_list;
72 } cookie_container_t;
73
74 typedef struct _cookie_domain_t {
75 struct list entry;
76
77 WCHAR *domain;
78 unsigned subdomain_len;
79
80 struct _cookie_domain_t *parent;
81 struct list subdomain_list;
82
83 /* List of stored paths sorted by length of the path. */
84 struct list path_list;
85 } cookie_domain_t;
86
87 static CRITICAL_SECTION cookie_cs;
88 static CRITICAL_SECTION_DEBUG cookie_cs_debug =
89 {
90 0, 0, &cookie_cs,
91 { &cookie_cs_debug.ProcessLocksList, &cookie_cs_debug.ProcessLocksList },
92 0, 0, { (DWORD_PTR)(__FILE__ ": cookie_cs") }
93 };
94 static CRITICAL_SECTION cookie_cs = { &cookie_cs_debug, -1, 0, 0, 0, 0 };
95 static struct list domain_list = LIST_INIT(domain_list);
96
97 static cookie_domain_t *get_cookie_domain(substr_t domain, BOOL create)
98 {
99 const WCHAR *ptr = domain.str + domain.len, *ptr_end, *subdomain_ptr;
100 cookie_domain_t *iter, *current_domain, *prev_domain = NULL;
101 struct list *current_list = &domain_list;
102
103 while(1) {
104 for(ptr_end = ptr--; ptr > domain.str && *ptr != '.'; ptr--);
105 subdomain_ptr = *ptr == '.' ? ptr+1 : ptr;
106
107 current_domain = NULL;
108 LIST_FOR_EACH_ENTRY(iter, current_list, cookie_domain_t, entry) {
109 if(ptr_end-subdomain_ptr == iter->subdomain_len
110 && !memcmp(subdomain_ptr, iter->domain, iter->subdomain_len*sizeof(WCHAR))) {
111 current_domain = iter;
112 break;
113 }
114 }
115
116 if(!current_domain) {
117 if(!create)
118 return prev_domain;
119
120 current_domain = heap_alloc(sizeof(*current_domain));
121 if(!current_domain)
122 return NULL;
123
124 current_domain->domain = heap_strndupW(subdomain_ptr, domain.str + domain.len - subdomain_ptr);
125 if(!current_domain->domain) {
126 heap_free(current_domain);
127 return NULL;
128 }
129
130 current_domain->subdomain_len = ptr_end-subdomain_ptr;
131
132 current_domain->parent = prev_domain;
133 list_init(&current_domain->path_list);
134 list_init(&current_domain->subdomain_list);
135
136 list_add_tail(current_list, &current_domain->entry);
137 }
138
139 if(ptr == domain.str)
140 return current_domain;
141
142 prev_domain = current_domain;
143 current_list = &current_domain->subdomain_list;
144 }
145 }
146
147 static WCHAR *create_cookie_url(substr_t domain, substr_t path, substr_t *ret_path)
148 {
149 WCHAR user[UNLEN], *p, *url;
150 DWORD len, user_len, i;
151
152 static const WCHAR cookie_prefix[] = {'C','o','o','k','i','e',':'};
153
154 user_len = sizeof(user)/sizeof(WCHAR);
155 if(!GetUserNameW(user, &user_len))
156 return FALSE;
157 user_len--;
158
159 len = sizeof(cookie_prefix)/sizeof(WCHAR) + user_len + 1 /* @ */ + domain.len + path.len;
160 url = heap_alloc((len+1) * sizeof(WCHAR));
161 if(!url)
162 return NULL;
163
164 memcpy(url, cookie_prefix, sizeof(cookie_prefix));
165 p = url + sizeof(cookie_prefix)/sizeof(WCHAR);
166
167 memcpy(p, user, user_len*sizeof(WCHAR));
168 p += user_len;
169
170 *p++ = '@';
171
172 memcpy(p, domain.str, domain.len*sizeof(WCHAR));
173 p += domain.len;
174
175 for(i=0; i < path.len; i++)
176 p[i] = tolowerW(path.str[i]);
177 p[path.len] = 0;
178
179 ret_path->str = p;
180 ret_path->len = path.len;
181 return url;
182 }
183
184 static cookie_container_t *get_cookie_container(substr_t domain, substr_t path, BOOL create)
185 {
186 cookie_domain_t *cookie_domain;
187 cookie_container_t *cookie_container, *iter;
188
189 cookie_domain = get_cookie_domain(domain, create);
190 if(!cookie_domain)
191 return NULL;
192
193 LIST_FOR_EACH_ENTRY(cookie_container, &cookie_domain->path_list, cookie_container_t, entry) {
194 if(cookie_container->path.len < path.len)
195 break;
196
197 if(path.len == cookie_container->path.len && !strncmpiW(cookie_container->path.str, path.str, path.len))
198 return cookie_container;
199 }
200
201 if(!create)
202 return NULL;
203
204 cookie_container = heap_alloc(sizeof(*cookie_container));
205 if(!cookie_container)
206 return NULL;
207
208 cookie_container->cookie_url = create_cookie_url(substrz(cookie_domain->domain), path, &cookie_container->path);
209 if(!cookie_container->cookie_url) {
210 heap_free(cookie_container);
211 return NULL;
212 }
213
214 cookie_container->domain = cookie_domain;
215 list_init(&cookie_container->cookie_list);
216
217 LIST_FOR_EACH_ENTRY(iter, &cookie_domain->path_list, cookie_container_t, entry) {
218 if(iter->path.len <= path.len) {
219 list_add_before(&iter->entry, &cookie_container->entry);
220 return cookie_container;
221 }
222 }
223
224 list_add_tail(&cookie_domain->path_list, &cookie_container->entry);
225 return cookie_container;
226 }
227
228 static void delete_cookie(cookie_t *cookie)
229 {
230 list_remove(&cookie->entry);
231
232 heap_free(cookie->name);
233 heap_free(cookie->data);
234 heap_free(cookie);
235 }
236
237 static cookie_t *alloc_cookie(substr_t name, substr_t data, FILETIME expiry, FILETIME create_time, DWORD flags)
238 {
239 cookie_t *new_cookie;
240
241 new_cookie = heap_alloc(sizeof(*new_cookie));
242 if(!new_cookie)
243 return NULL;
244
245 new_cookie->expiry = expiry;
246 new_cookie->create = create_time;
247 new_cookie->flags = flags;
248 list_init(&new_cookie->entry);
249
250 new_cookie->name = heap_strndupW(name.str, name.len);
251 new_cookie->data = heap_strndupW(data.str, data.len);
252 if(!new_cookie->name || !new_cookie->data) {
253 delete_cookie(new_cookie);
254 return NULL;
255 }
256
257 return new_cookie;
258 }
259
260 static cookie_t *find_cookie(cookie_container_t *container, substr_t name)
261 {
262 cookie_t *iter;
263
264 LIST_FOR_EACH_ENTRY(iter, &container->cookie_list, cookie_t, entry) {
265 if(strlenW(iter->name) == name.len && !strncmpiW(iter->name, name.str, name.len))
266 return iter;
267 }
268
269 return NULL;
270 }
271
272 static void add_cookie(cookie_container_t *container, cookie_t *new_cookie)
273 {
274 TRACE("Adding %s=%s to %s\n", debugstr_w(new_cookie->name), debugstr_w(new_cookie->data),
275 debugstr_w(container->cookie_url));
276
277 list_add_tail(&container->cookie_list, &new_cookie->entry);
278 new_cookie->container = container;
279 }
280
281 static void replace_cookie(cookie_container_t *container, cookie_t *new_cookie)
282 {
283 cookie_t *old_cookie;
284
285 old_cookie = find_cookie(container, substrz(new_cookie->name));
286 if(old_cookie)
287 delete_cookie(old_cookie);
288
289 add_cookie(container, new_cookie);
290 }
291
292 static BOOL cookie_match_path(cookie_container_t *container, substr_t path)
293 {
294 return path.len >= container->path.len && !strncmpiW(container->path.str, path.str, container->path.len);
295 }
296
297 static BOOL load_persistent_cookie(substr_t domain, substr_t path)
298 {
299 INTERNET_CACHE_ENTRY_INFOW *info;
300 cookie_container_t *cookie_container;
301 cookie_t *new_cookie;
302 HANDLE cookie;
303 char *str = NULL, *pbeg, *pend;
304 DWORD size, flags;
305 WCHAR *name, *data;
306 FILETIME expiry, create, time;
307
308 cookie_container = get_cookie_container(domain, path, TRUE);
309 if(!cookie_container)
310 return FALSE;
311
312 size = 0;
313 RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, NULL, &size, FALSE, 0);
314 if(GetLastError() != ERROR_INSUFFICIENT_BUFFER)
315 return TRUE;
316 info = heap_alloc(size);
317 if(!info)
318 return FALSE;
319 cookie = RetrieveUrlCacheEntryStreamW(cookie_container->cookie_url, info, &size, FALSE, 0);
320 size = info->dwSizeLow;
321 heap_free(info);
322 if(!cookie)
323 return FALSE;
324
325 if(!(str = heap_alloc(size+1)) || !ReadUrlCacheEntryStream(cookie, 0, str, &size, 0)) {
326 UnlockUrlCacheEntryStream(cookie, 0);
327 heap_free(str);
328 return FALSE;
329 }
330 str[size] = 0;
331 UnlockUrlCacheEntryStream(cookie, 0);
332
333 GetSystemTimeAsFileTime(&time);
334 for(pbeg=str; pbeg && *pbeg; name=data=NULL) {
335 pend = strchr(pbeg, '\n');
336 if(!pend)
337 break;
338 *pend = 0;
339 name = heap_strdupAtoW(pbeg);
340
341 pbeg = pend+1;
342 pend = strchr(pbeg, '\n');
343 if(!pend)
344 break;
345 *pend = 0;
346 data = heap_strdupAtoW(pbeg);
347
348 pbeg = strchr(pend+1, '\n');
349 if(!pbeg)
350 break;
351 sscanf(pbeg, "%u %u %u %u %u", &flags, &expiry.dwLowDateTime, &expiry.dwHighDateTime,
352 &create.dwLowDateTime, &create.dwHighDateTime);
353
354 /* skip "*\n" */
355 pbeg = strchr(pbeg, '*');
356 if(pbeg) {
357 pbeg++;
358 if(*pbeg)
359 pbeg++;
360 }
361
362 if(!name || !data)
363 break;
364
365 if(CompareFileTime(&time, &expiry) <= 0) {
366 new_cookie = alloc_cookie(substr(NULL, 0), substr(NULL, 0), expiry, create, flags);
367 if(!new_cookie)
368 break;
369
370 new_cookie->name = name;
371 new_cookie->data = data;
372
373 replace_cookie(cookie_container, new_cookie);
374 }else {
375 heap_free(name);
376 heap_free(data);
377 }
378 }
379 heap_free(str);
380 heap_free(name);
381 heap_free(data);
382
383 return TRUE;
384 }
385
386 static BOOL save_persistent_cookie(cookie_container_t *container)
387 {
388 static const WCHAR txtW[] = {'t','x','t',0};
389
390 WCHAR cookie_file[MAX_PATH];
391 HANDLE cookie_handle;
392 cookie_t *cookie_container = NULL, *cookie_iter;
393 BOOL do_save = FALSE;
394 char buf[64], *dyn_buf;
395 FILETIME time;
396 DWORD bytes_written;
397 size_t len;
398
399 /* check if there's anything to save */
400 GetSystemTimeAsFileTime(&time);
401 LIST_FOR_EACH_ENTRY_SAFE(cookie_container, cookie_iter, &container->cookie_list, cookie_t, entry)
402 {
403 if((cookie_container->expiry.dwLowDateTime || cookie_container->expiry.dwHighDateTime)
404 && CompareFileTime(&time, &cookie_container->expiry) > 0) {
405 delete_cookie(cookie_container);
406 continue;
407 }
408
409 if(!(cookie_container->flags & INTERNET_COOKIE_IS_SESSION)) {
410 do_save = TRUE;
411 break;
412 }
413 }
414
415 if(!do_save) {
416 DeleteUrlCacheEntryW(container->cookie_url);
417 return TRUE;
418 }
419
420 if(!CreateUrlCacheEntryW(container->cookie_url, 0, txtW, cookie_file, 0))
421 return FALSE;
422
423 cookie_handle = CreateFileW(cookie_file, GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
424 if(cookie_handle == INVALID_HANDLE_VALUE) {
425 DeleteFileW(cookie_file);
426 return FALSE;
427 }
428
429 LIST_FOR_EACH_ENTRY(cookie_container, &container->cookie_list, cookie_t, entry)
430 {
431 if(cookie_container->flags & INTERNET_COOKIE_IS_SESSION)
432 continue;
433
434 dyn_buf = heap_strdupWtoA(cookie_container->name);
435 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) {
436 heap_free(dyn_buf);
437 do_save = FALSE;
438 break;
439 }
440 heap_free(dyn_buf);
441 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) {
442 do_save = FALSE;
443 break;
444 }
445
446 dyn_buf = heap_strdupWtoA(cookie_container->data);
447 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) {
448 heap_free(dyn_buf);
449 do_save = FALSE;
450 break;
451 }
452 heap_free(dyn_buf);
453 if(!WriteFile(cookie_handle, "\n", 1, &bytes_written, NULL)) {
454 do_save = FALSE;
455 break;
456 }
457
458 dyn_buf = heap_strdupWtoA(container->domain->domain);
459 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) {
460 heap_free(dyn_buf);
461 do_save = FALSE;
462 break;
463 }
464 heap_free(dyn_buf);
465
466 len = WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, NULL, 0, NULL, NULL);
467 dyn_buf = heap_alloc(len+1);
468 if(dyn_buf) {
469 WideCharToMultiByte(CP_ACP, 0, container->path.str, container->path.len, dyn_buf, len, NULL, NULL);
470 dyn_buf[len] = 0;
471 }
472 if(!dyn_buf || !WriteFile(cookie_handle, dyn_buf, strlen(dyn_buf), &bytes_written, NULL)) {
473 heap_free(dyn_buf);
474 do_save = FALSE;
475 break;
476 }
477 heap_free(dyn_buf);
478
479 sprintf(buf, "\n%u\n%u\n%u\n%u\n%u\n*\n", cookie_container->flags,
480 cookie_container->expiry.dwLowDateTime, cookie_container->expiry.dwHighDateTime,
481 cookie_container->create.dwLowDateTime, cookie_container->create.dwHighDateTime);
482 if(!WriteFile(cookie_handle, buf, strlen(buf), &bytes_written, NULL)) {
483 do_save = FALSE;
484 break;
485 }
486 }
487
488 CloseHandle(cookie_handle);
489 if(!do_save) {
490 ERR("error saving cookie file\n");
491 DeleteFileW(cookie_file);
492 return FALSE;
493 }
494
495 memset(&time, 0, sizeof(time));
496 return CommitUrlCacheEntryW(container->cookie_url, cookie_file, time, time, 0, NULL, 0, txtW, 0);
497 }
498
499 static BOOL cookie_parse_url(const WCHAR *url, substr_t *host, substr_t *path)
500 {
501 URL_COMPONENTSW comp = { sizeof(comp) };
502 static const WCHAR rootW[] = {'/',0};
503
504 comp.dwHostNameLength = 1;
505 comp.dwUrlPathLength = 1;
506
507 if(!InternetCrackUrlW(url, 0, 0, &comp) || !comp.dwHostNameLength)
508 return FALSE;
509
510 /* discard the webpage off the end of the path */
511 while(comp.dwUrlPathLength && comp.lpszUrlPath[comp.dwUrlPathLength-1] != '/')
512 comp.dwUrlPathLength--;
513
514 *host = substr(comp.lpszHostName, comp.dwHostNameLength);
515 *path = comp.dwUrlPathLength ? substr(comp.lpszUrlPath, comp.dwUrlPathLength) : substr(rootW, 1);
516 return TRUE;
517 }
518
519 typedef struct {
520 cookie_t **cookies;
521 unsigned cnt;
522 unsigned size;
523
524 unsigned string_len;
525 } cookie_set_t;
526
527 static DWORD get_cookie(substr_t host, substr_t path, DWORD flags, cookie_set_t *res)
528 {
529 static const WCHAR empty_path[] = { '/',0 };
530
531 const WCHAR *p;
532 cookie_domain_t *domain;
533 cookie_container_t *container;
534 FILETIME tm;
535
536 GetSystemTimeAsFileTime(&tm);
537
538 p = host.str + host.len;
539 while(p > host.str && p[-1] != '.') p--;
540 while(p != host.str) {
541 p--;
542 while(p > host.str && p[-1] != '.') p--;
543 if(p == host.str) break;
544
545 load_persistent_cookie(substr(p, host.str+host.len-p), substr(empty_path, 1));
546 }
547
548 p = path.str + path.len;
549 do {
550 load_persistent_cookie(host, substr(path.str, p-path.str));
551
552 p--;
553 while(p > path.str && p[-1] != '/') p--;
554 }while(p != path.str);
555
556 domain = get_cookie_domain(host, FALSE);
557 if(!domain) {
558 TRACE("Unknown host %s\n", debugstr_wn(host.str, host.len));
559 return ERROR_NO_MORE_ITEMS;
560 }
561
562 for(domain = get_cookie_domain(host, FALSE); domain; domain = domain->parent) {
563 TRACE("Trying %s domain...\n", debugstr_w(domain->domain));
564
565 LIST_FOR_EACH_ENTRY(container, &domain->path_list, cookie_container_t, entry) {
566 struct list *cursor, *cursor2;
567
568 TRACE("path %s\n", debugstr_wn(container->path.str, container->path.len));
569
570 if(!cookie_match_path(container, path))
571 continue;
572
573 TRACE("found domain %p\n", domain->domain);
574
575 LIST_FOR_EACH_SAFE(cursor, cursor2, &container->cookie_list) {
576 cookie_t *cookie_iter = LIST_ENTRY(cursor, cookie_t, entry);
577
578 /* check for expiry */
579 if((cookie_iter->expiry.dwLowDateTime != 0 || cookie_iter->expiry.dwHighDateTime != 0)
580 && CompareFileTime(&tm, &cookie_iter->expiry) > 0) {
581 TRACE("Found expired cookie. deleting\n");
582 delete_cookie(cookie_iter);
583 continue;
584 }
585
586 if((cookie_iter->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY))
587 continue;
588
589
590 if(!res->size) {
591 res->cookies = heap_alloc(4*sizeof(*res->cookies));
592 if(!res->cookies)
593 continue;
594 res->size = 4;
595 }else if(res->cnt == res->size) {
596 cookie_t **new_cookies = heap_realloc(res->cookies, res->size*2*sizeof(*res->cookies));
597 if(!new_cookies)
598 continue;
599 res->cookies = new_cookies;
600 res->size *= 2;
601 }
602
603 if(res->cnt)
604 res->string_len += 2; /* '; ' */
605 res->cookies[res->cnt++] = cookie_iter;
606
607 res->string_len += strlenW(cookie_iter->name);
608 if(*cookie_iter->data)
609 res->string_len += 1 /* = */ + strlenW(cookie_iter->data);
610 }
611 }
612 }
613
614 return ERROR_SUCCESS;
615 }
616
617 static void cookie_set_to_string(const cookie_set_t *cookie_set, WCHAR *str)
618 {
619 WCHAR *ptr = str;
620 unsigned i, len;
621
622 for(i=0; i<cookie_set->cnt; i++) {
623 if(i) {
624 *ptr++ = ';';
625 *ptr++ = ' ';
626 }
627
628 len = strlenW(cookie_set->cookies[i]->name);
629 memcpy(ptr, cookie_set->cookies[i]->name, len*sizeof(WCHAR));
630 ptr += len;
631
632 if(*cookie_set->cookies[i]->data) {
633 *ptr++ = '=';
634 len = strlenW(cookie_set->cookies[i]->data);
635 memcpy(ptr, cookie_set->cookies[i]->data, len*sizeof(WCHAR));
636 ptr += len;
637 }
638 }
639
640 assert(ptr-str == cookie_set->string_len);
641 TRACE("%s\n", debugstr_wn(str, ptr-str));
642 }
643
644 DWORD get_cookie_header(const WCHAR *host, const WCHAR *path, WCHAR **ret)
645 {
646 cookie_set_t cookie_set = {0};
647 DWORD res;
648
649 static const WCHAR cookieW[] = {'C','o','o','k','i','e',':',' '};
650
651 EnterCriticalSection(&cookie_cs);
652
653 res = get_cookie(substrz(host), substrz(path), INTERNET_COOKIE_HTTPONLY, &cookie_set);
654 if(res != ERROR_SUCCESS) {
655 LeaveCriticalSection(&cookie_cs);
656 return res;
657 }
658
659 if(cookie_set.cnt) {
660 WCHAR *header, *ptr;
661
662 ptr = header = heap_alloc(sizeof(cookieW) + (cookie_set.string_len + 3 /* crlf0 */) * sizeof(WCHAR));
663 if(header) {
664 memcpy(ptr, cookieW, sizeof(cookieW));
665 ptr += sizeof(cookieW)/sizeof(*cookieW);
666
667 cookie_set_to_string(&cookie_set, ptr);
668 heap_free(cookie_set.cookies);
669 ptr += cookie_set.string_len;
670
671 *ptr++ = '\r';
672 *ptr++ = '\n';
673 *ptr++ = 0;
674
675 *ret = header;
676 }else {
677 res = ERROR_NOT_ENOUGH_MEMORY;
678 }
679 }else {
680 *ret = NULL;
681 }
682
683 LeaveCriticalSection(&cookie_cs);
684 return res;
685 }
686
687 /***********************************************************************
688 * InternetGetCookieExW (WININET.@)
689 *
690 * Retrieve cookie from the specified url
691 *
692 * It should be noted that on windows the lpszCookieName parameter is "not implemented".
693 * So it won't be implemented here.
694 *
695 * RETURNS
696 * TRUE on success
697 * FALSE on failure
698 *
699 */
700 BOOL WINAPI InternetGetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName,
701 LPWSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved)
702 {
703 cookie_set_t cookie_set = {0};
704 substr_t host, path;
705 DWORD res;
706 BOOL ret;
707
708 TRACE("(%s, %s, %p, %p, %x, %p)\n", debugstr_w(lpszUrl),debugstr_w(lpszCookieName), lpCookieData, lpdwSize, flags, reserved);
709
710 if (flags)
711 FIXME("flags 0x%08x not supported\n", flags);
712
713 if (!lpszUrl)
714 {
715 SetLastError(ERROR_INVALID_PARAMETER);
716 return FALSE;
717 }
718
719 ret = cookie_parse_url(lpszUrl, &host, &path);
720 if (!ret) {
721 SetLastError(ERROR_INVALID_PARAMETER);
722 return FALSE;
723 }
724
725 EnterCriticalSection(&cookie_cs);
726
727 res = get_cookie(host, path, flags, &cookie_set);
728 if(res != ERROR_SUCCESS) {
729 LeaveCriticalSection(&cookie_cs);
730 SetLastError(res);
731 return FALSE;
732 }
733
734 if(cookie_set.cnt) {
735 if(!lpCookieData || cookie_set.string_len+1 > *lpdwSize) {
736 *lpdwSize = (cookie_set.string_len + 1) * sizeof(WCHAR);
737 TRACE("returning %u\n", *lpdwSize);
738 if(lpCookieData) {
739 SetLastError(ERROR_INSUFFICIENT_BUFFER);
740 ret = FALSE;
741 }
742 }else {
743 *lpdwSize = cookie_set.string_len + 1;
744 cookie_set_to_string(&cookie_set, lpCookieData);
745 lpCookieData[cookie_set.string_len] = 0;
746 }
747 }else {
748 TRACE("no cookies found for %s\n", debugstr_wn(host.str, host.len));
749 SetLastError(ERROR_NO_MORE_ITEMS);
750 ret = FALSE;
751 }
752
753 heap_free(cookie_set.cookies);
754 LeaveCriticalSection(&cookie_cs);
755 return ret;
756 }
757
758 /***********************************************************************
759 * InternetGetCookieW (WININET.@)
760 *
761 * Retrieve cookie for the specified URL.
762 */
763 BOOL WINAPI InternetGetCookieW(const WCHAR *url, const WCHAR *name, WCHAR *data, DWORD *size)
764 {
765 TRACE("(%s, %s, %s, %p)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data), size);
766
767 return InternetGetCookieExW(url, name, data, size, 0, NULL);
768 }
769
770 /***********************************************************************
771 * InternetGetCookieExA (WININET.@)
772 *
773 * Retrieve cookie from the specified url
774 *
775 * RETURNS
776 * TRUE on success
777 * FALSE on failure
778 *
779 */
780 BOOL WINAPI InternetGetCookieExA(LPCSTR lpszUrl, LPCSTR lpszCookieName,
781 LPSTR lpCookieData, LPDWORD lpdwSize, DWORD flags, void *reserved)
782 {
783 WCHAR *url, *name;
784 DWORD len, size;
785 BOOL r;
786
787 TRACE("(%s %s %p %p(%u) %x %p)\n", debugstr_a(lpszUrl), debugstr_a(lpszCookieName),
788 lpCookieData, lpdwSize, lpdwSize ? *lpdwSize : 0, flags, reserved);
789
790 url = heap_strdupAtoW(lpszUrl);
791 name = heap_strdupAtoW(lpszCookieName);
792
793 r = InternetGetCookieExW( url, name, NULL, &len, flags, reserved );
794 if( r )
795 {
796 WCHAR *szCookieData;
797
798 szCookieData = heap_alloc(len * sizeof(WCHAR));
799 if( !szCookieData )
800 {
801 r = FALSE;
802 }
803 else
804 {
805 r = InternetGetCookieExW( url, name, szCookieData, &len, flags, reserved );
806
807 if(r) {
808 size = WideCharToMultiByte( CP_ACP, 0, szCookieData, len, NULL, 0, NULL, NULL);
809 if(lpCookieData) {
810 if(*lpdwSize >= size) {
811 WideCharToMultiByte( CP_ACP, 0, szCookieData, len, lpCookieData, *lpdwSize, NULL, NULL);
812 }else {
813 SetLastError(ERROR_INSUFFICIENT_BUFFER);
814 r = FALSE;
815 }
816 }
817 *lpdwSize = size;
818 }
819
820 heap_free( szCookieData );
821 }
822 }
823 heap_free( name );
824 heap_free( url );
825 return r;
826 }
827
828 /***********************************************************************
829 * InternetGetCookieA (WININET.@)
830 *
831 * See InternetGetCookieW.
832 */
833 BOOL WINAPI InternetGetCookieA(const char *url, const char *name, char *data, DWORD *size)
834 {
835 TRACE("(%s, %s, %p, %p)\n", debugstr_a(url), debugstr_a(name), data, size);
836
837 return InternetGetCookieExA(url, name, data, size, 0, NULL);
838 }
839
840 static BOOL is_domain_legal_for_cookie(substr_t domain, substr_t full_domain)
841 {
842 const WCHAR *ptr;
843
844 if(!domain.len || *domain.str == '.' || !full_domain.len || *full_domain.str == '.') {
845 SetLastError(ERROR_INVALID_NAME);
846 return FALSE;
847 }
848
849 if(domain.len > full_domain.len || !memchrW(domain.str, '.', domain.len) || !memchrW(full_domain.str, '.', full_domain.len))
850 return FALSE;
851
852 ptr = full_domain.str + full_domain.len - domain.len;
853 if (strncmpiW(domain.str, ptr, domain.len) || (full_domain.len > domain.len && ptr[-1] != '.')) {
854 SetLastError(ERROR_INVALID_PARAMETER);
855 return FALSE;
856 }
857
858 return TRUE;
859 }
860
861 /***********************************************************************
862 * IsDomainLegalCookieDomainW (WININET.@)
863 */
864 BOOL WINAPI IsDomainLegalCookieDomainW(const WCHAR *domain, const WCHAR *full_domain)
865 {
866 FIXME("(%s, %s) semi-stub\n", debugstr_w(domain), debugstr_w(full_domain));
867
868 if (!domain || !full_domain) {
869 SetLastError(ERROR_INVALID_PARAMETER);
870 return FALSE;
871 }
872
873 return is_domain_legal_for_cookie(substrz(domain), substrz(full_domain));
874 }
875
876 static void substr_skip(substr_t *str, size_t len)
877 {
878 assert(str->len >= len);
879 str->str += len;
880 str->len -= len;
881 }
882
883 DWORD set_cookie(substr_t domain, substr_t path, substr_t name, substr_t data, DWORD flags)
884 {
885 cookie_container_t *container;
886 cookie_t *thisCookie;
887 substr_t value;
888 const WCHAR *end_ptr;
889 FILETIME expiry, create;
890 BOOL expired = FALSE, update_persistent = FALSE;
891 DWORD cookie_flags = 0, len;
892
893 TRACE("%s %s %s=%s %x\n", debugstr_wn(domain.str, domain.len), debugstr_wn(path.str, path.len),
894 debugstr_wn(name.str, name.len), debugstr_wn(data.str, data.len), flags);
895
896 memset(&expiry,0,sizeof(expiry));
897 GetSystemTimeAsFileTime(&create);
898
899 /* lots of information can be parsed out of the cookie value */
900
901 if(!(end_ptr = memchrW(data.str, ';', data.len)))
902 end_ptr = data.str + data.len;
903 value = substr(data.str, end_ptr-data.str);
904 data.str += value.len;
905 data.len -= value.len;
906
907 for(;;) {
908 static const WCHAR szDomain[] = {'d','o','m','a','i','n','='};
909 static const WCHAR szPath[] = {'p','a','t','h','='};
910 static const WCHAR szExpires[] = {'e','x','p','i','r','e','s','='};
911 static const WCHAR szSecure[] = {'s','e','c','u','r','e'};
912 static const WCHAR szHttpOnly[] = {'h','t','t','p','o','n','l','y'};
913 static const WCHAR szVersion[] = {'v','e','r','s','i','o','n','='};
914
915 /* Skip ';' */
916 if(data.len)
917 substr_skip(&data, 1);
918
919 while(data.len && *data.str == ' ')
920 substr_skip(&data, 1);
921
922 if(!data.len)
923 break;
924
925 if(!(end_ptr = memchrW(data.str, ';', data.len)))
926 end_ptr = data.str + data.len;
927
928 if(data.len >= (len = sizeof(szDomain)/sizeof(WCHAR)) && !strncmpiW(data.str, szDomain, len)) {
929 substr_skip(&data, len);
930
931 if(data.len && *data.str == '.')
932 substr_skip(&data, 1);
933
934 if(!is_domain_legal_for_cookie(substr(data.str, end_ptr-data.str), domain))
935 return COOKIE_STATE_UNKNOWN;
936
937 domain = substr(data.str, end_ptr-data.str);
938 TRACE("Parsing new domain %s\n", debugstr_wn(domain.str, domain.len));
939 }else if(data.len >= (len = sizeof(szPath)/sizeof(WCHAR)) && !strncmpiW(data.str, szPath, len)) {
940 substr_skip(&data, len);
941 path = substr(data.str, end_ptr - data.str);
942 TRACE("Parsing new path %s\n", debugstr_wn(path.str, path.len));
943 }else if(data.len >= (len = sizeof(szExpires)/sizeof(WCHAR)) && !strncmpiW(data.str, szExpires, len)) {
944 SYSTEMTIME st;
945 WCHAR buf[128];
946
947 substr_skip(&data, len);
948
949 if(end_ptr - data.str < sizeof(buf)/sizeof(WCHAR)-1) {
950 memcpy(buf, data.str, data.len*sizeof(WCHAR));
951 buf[data.len] = 0;
952
953 if (InternetTimeToSystemTimeW(data.str, &st, 0)) {
954 SystemTimeToFileTime(&st, &expiry);
955
956 if (CompareFileTime(&create,&expiry) > 0) {
957 TRACE("Cookie already expired.\n");
958 expired = TRUE;
959 }
960 }
961 }
962 }else if(data.len >= (len = sizeof(szSecure)/sizeof(WCHAR)) && !strncmpiW(data.str, szSecure, len)) {
963 substr_skip(&data, len);
964 FIXME("secure not handled\n");
965 }else if(data.len >= (len = sizeof(szHttpOnly)/sizeof(WCHAR)) && !strncmpiW(data.str, szHttpOnly, len)) {
966 substr_skip(&data, len);
967
968 if(!(flags & INTERNET_COOKIE_HTTPONLY)) {
969 WARN("HTTP only cookie added without INTERNET_COOKIE_HTTPONLY flag\n");
970 SetLastError(ERROR_INVALID_OPERATION);
971 return COOKIE_STATE_REJECT;
972 }
973
974 cookie_flags |= INTERNET_COOKIE_HTTPONLY;
975 }else if(data.len >= (len = sizeof(szVersion)/sizeof(WCHAR)) && !strncmpiW(data.str, szVersion, len)) {
976 substr_skip(&data, len);
977
978 FIXME("version not handled (%s)\n",debugstr_wn(data.str, data.len));
979 }else if(data.len) {
980 FIXME("Unknown additional option %s\n", debugstr_wn(data.str, data.len));
981 break;
982 }
983
984 substr_skip(&data, end_ptr - data.str);
985 }
986
987 EnterCriticalSection(&cookie_cs);
988
989 load_persistent_cookie(domain, path);
990
991 container = get_cookie_container(domain, path, !expired);
992 if(!container) {
993 LeaveCriticalSection(&cookie_cs);
994 return COOKIE_STATE_ACCEPT;
995 }
996
997 if(!expiry.dwLowDateTime && !expiry.dwHighDateTime)
998 cookie_flags |= INTERNET_COOKIE_IS_SESSION;
999 else
1000 update_persistent = TRUE;
1001
1002 if ((thisCookie = find_cookie(container, name))) {
1003 if ((thisCookie->flags & INTERNET_COOKIE_HTTPONLY) && !(flags & INTERNET_COOKIE_HTTPONLY)) {
1004 WARN("An attempt to override httponly cookie\n");
1005 SetLastError(ERROR_INVALID_OPERATION);
1006 LeaveCriticalSection(&cookie_cs);
1007 return COOKIE_STATE_REJECT;
1008 }
1009
1010 if (!(thisCookie->flags & INTERNET_COOKIE_IS_SESSION))
1011 update_persistent = TRUE;
1012 delete_cookie(thisCookie);
1013 }
1014
1015 TRACE("setting cookie %s=%s for domain %s path %s\n", debugstr_wn(name.str, name.len),
1016 debugstr_wn(value.str, value.len), debugstr_w(container->domain->domain),
1017 debugstr_wn(container->path.str, container->path.len));
1018
1019 if (!expired) {
1020 cookie_t *new_cookie;
1021
1022 new_cookie = alloc_cookie(name, value, expiry, create, cookie_flags);
1023 if(!new_cookie) {
1024 LeaveCriticalSection(&cookie_cs);
1025 return COOKIE_STATE_UNKNOWN;
1026 }
1027
1028 add_cookie(container, new_cookie);
1029 }
1030
1031 if (!update_persistent || save_persistent_cookie(container))
1032 {
1033 LeaveCriticalSection(&cookie_cs);
1034 return COOKIE_STATE_ACCEPT;
1035 }
1036 LeaveCriticalSection(&cookie_cs);
1037 return COOKIE_STATE_UNKNOWN;
1038 }
1039
1040 /***********************************************************************
1041 * InternetSetCookieExW (WININET.@)
1042 *
1043 * Sets cookie for the specified url
1044 */
1045 DWORD WINAPI InternetSetCookieExW(LPCWSTR lpszUrl, LPCWSTR lpszCookieName,
1046 LPCWSTR lpCookieData, DWORD flags, DWORD_PTR reserved)
1047 {
1048 substr_t host, path, name, data;
1049 BOOL ret;
1050
1051 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_w(lpszUrl), debugstr_w(lpszCookieName),
1052 debugstr_w(lpCookieData), flags, reserved);
1053
1054 if (flags & ~INTERNET_COOKIE_HTTPONLY)
1055 FIXME("flags %x not supported\n", flags);
1056
1057 if (!lpszUrl || !lpCookieData)
1058 {
1059 SetLastError(ERROR_INVALID_PARAMETER);
1060 return COOKIE_STATE_UNKNOWN;
1061 }
1062
1063 ret = cookie_parse_url(lpszUrl, &host, &path);
1064 if (!ret || !host.len) return COOKIE_STATE_UNKNOWN;
1065
1066 if (!lpszCookieName) {
1067 const WCHAR *ptr;
1068
1069 /* some apps (or is it us??) try to add a cookie with no cookie name, but
1070 * the cookie data in the form of name[=data].
1071 */
1072 if (!(ptr = strchrW(lpCookieData, '=')))
1073 ptr = lpCookieData + strlenW(lpCookieData);
1074
1075 name = substr(lpCookieData, ptr - lpCookieData);
1076 data = substrz(*ptr == '=' ? ptr+1 : ptr);
1077 }else {
1078 name = substrz(lpszCookieName);
1079 data = substrz(lpCookieData);
1080 }
1081
1082 return set_cookie(host, path, name, data, flags);
1083 }
1084
1085 /***********************************************************************
1086 * InternetSetCookieW (WININET.@)
1087 *
1088 * Sets a cookie for the specified URL.
1089 */
1090 BOOL WINAPI InternetSetCookieW(const WCHAR *url, const WCHAR *name, const WCHAR *data)
1091 {
1092 TRACE("(%s, %s, %s)\n", debugstr_w(url), debugstr_w(name), debugstr_w(data));
1093
1094 return InternetSetCookieExW(url, name, data, 0, 0) == COOKIE_STATE_ACCEPT;
1095 }
1096
1097 /***********************************************************************
1098 * InternetSetCookieA (WININET.@)
1099 *
1100 * Sets cookie for the specified url
1101 *
1102 * RETURNS
1103 * TRUE on success
1104 * FALSE on failure
1105 *
1106 */
1107 BOOL WINAPI InternetSetCookieA(LPCSTR lpszUrl, LPCSTR lpszCookieName,
1108 LPCSTR lpCookieData)
1109 {
1110 LPWSTR data, url, name;
1111 BOOL r;
1112
1113 TRACE("(%s,%s,%s)\n", debugstr_a(lpszUrl),
1114 debugstr_a(lpszCookieName), debugstr_a(lpCookieData));
1115
1116 url = heap_strdupAtoW(lpszUrl);
1117 name = heap_strdupAtoW(lpszCookieName);
1118 data = heap_strdupAtoW(lpCookieData);
1119
1120 r = InternetSetCookieW( url, name, data );
1121
1122 heap_free( data );
1123 heap_free( name );
1124 heap_free( url );
1125 return r;
1126 }
1127
1128 /***********************************************************************
1129 * InternetSetCookieExA (WININET.@)
1130 *
1131 * See InternetSetCookieExW.
1132 */
1133 DWORD WINAPI InternetSetCookieExA( LPCSTR lpszURL, LPCSTR lpszCookieName, LPCSTR lpszCookieData,
1134 DWORD dwFlags, DWORD_PTR dwReserved)
1135 {
1136 WCHAR *data, *url, *name;
1137 DWORD r;
1138
1139 TRACE("(%s, %s, %s, %x, %lx)\n", debugstr_a(lpszURL), debugstr_a(lpszCookieName),
1140 debugstr_a(lpszCookieData), dwFlags, dwReserved);
1141
1142 url = heap_strdupAtoW(lpszURL);
1143 name = heap_strdupAtoW(lpszCookieName);
1144 data = heap_strdupAtoW(lpszCookieData);
1145
1146 r = InternetSetCookieExW(url, name, data, dwFlags, dwReserved);
1147
1148 heap_free( data );
1149 heap_free( name );
1150 heap_free( url );
1151 return r;
1152 }
1153
1154 /***********************************************************************
1155 * InternetClearAllPerSiteCookieDecisions (WININET.@)
1156 *
1157 * Clears all per-site decisions about cookies.
1158 *
1159 * RETURNS
1160 * TRUE on success
1161 * FALSE on failure
1162 *
1163 */
1164 BOOL WINAPI InternetClearAllPerSiteCookieDecisions( VOID )
1165 {
1166 FIXME("stub\n");
1167 return TRUE;
1168 }
1169
1170 /***********************************************************************
1171 * InternetEnumPerSiteCookieDecisionA (WININET.@)
1172 *
1173 * See InternetEnumPerSiteCookieDecisionW.
1174 */
1175 BOOL WINAPI InternetEnumPerSiteCookieDecisionA( LPSTR pszSiteName, ULONG *pcSiteNameSize,
1176 ULONG *pdwDecision, ULONG dwIndex )
1177 {
1178 FIXME("(%s, %p, %p, 0x%08x) stub\n",
1179 debugstr_a(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex);
1180 return FALSE;
1181 }
1182
1183 /***********************************************************************
1184 * InternetEnumPerSiteCookieDecisionW (WININET.@)
1185 *
1186 * Enumerates all per-site decisions about cookies.
1187 *
1188 * RETURNS
1189 * TRUE on success
1190 * FALSE on failure
1191 *
1192 */
1193 BOOL WINAPI InternetEnumPerSiteCookieDecisionW( LPWSTR pszSiteName, ULONG *pcSiteNameSize,
1194 ULONG *pdwDecision, ULONG dwIndex )
1195 {
1196 FIXME("(%s, %p, %p, 0x%08x) stub\n",
1197 debugstr_w(pszSiteName), pcSiteNameSize, pdwDecision, dwIndex);
1198 return FALSE;
1199 }
1200
1201 /***********************************************************************
1202 * InternetGetPerSiteCookieDecisionA (WININET.@)
1203 */
1204 BOOL WINAPI InternetGetPerSiteCookieDecisionA( LPCSTR pwchHostName, ULONG *pResult )
1205 {
1206 FIXME("(%s, %p) stub\n", debugstr_a(pwchHostName), pResult);
1207 return FALSE;
1208 }
1209
1210 /***********************************************************************
1211 * InternetGetPerSiteCookieDecisionW (WININET.@)
1212 */
1213 BOOL WINAPI InternetGetPerSiteCookieDecisionW( LPCWSTR pwchHostName, ULONG *pResult )
1214 {
1215 FIXME("(%s, %p) stub\n", debugstr_w(pwchHostName), pResult);
1216 return FALSE;
1217 }
1218
1219 /***********************************************************************
1220 * InternetSetPerSiteCookieDecisionA (WININET.@)
1221 */
1222 BOOL WINAPI InternetSetPerSiteCookieDecisionA( LPCSTR pchHostName, DWORD dwDecision )
1223 {
1224 FIXME("(%s, 0x%08x) stub\n", debugstr_a(pchHostName), dwDecision);
1225 return FALSE;
1226 }
1227
1228 /***********************************************************************
1229 * InternetSetPerSiteCookieDecisionW (WININET.@)
1230 */
1231 BOOL WINAPI InternetSetPerSiteCookieDecisionW( LPCWSTR pchHostName, DWORD dwDecision )
1232 {
1233 FIXME("(%s, 0x%08x) stub\n", debugstr_w(pchHostName), dwDecision);
1234 return FALSE;
1235 }
1236
1237 void free_cookie(void)
1238 {
1239 DeleteCriticalSection(&cookie_cs);
1240 }
Windows API implementation