/* Licensed to the Apache Software Foundation (ASF) under one or more

 * contributor license agreements.  See the NOTICE file distributed with

 * this work for additional information regarding copyright ownership.

 * The ASF licenses this file to You under the Apache License, Version 2.0

 * (the "License"); you may not use this file except in compliance with

 * the License.  You may obtain a copy of the License at

 *

 *     http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

#include "mod_session.h"

#include "apu_version.h"

#include "apr_base64.h"                /* for apr_base64_decode et al */

#include "apr_lib.h"

#include "apr_md5.h"

#include "apr_strings.h"

#include "http_log.h"

#include "http_core.h"

#if APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION < 4

#error session_crypto_module requires APU v1.4.0 or later

#elif APU_HAVE_CRYPTO == 0

#error Crypto support must be enabled in APR

#else

#include "apr_crypto.h"                /* for apr_*_crypt et al */

#define CRYPTO_KEY "session_crypto_context"

module AP_MODULE_DECLARE_DATA session_crypto_module;

/**

 * Structure to carry the per-dir session config.

 */

typedef struct {

    apr_array_header_t *passphrases;

    int passphrases_set;

    const char *cipher;

    int cipher_set;

} session_crypto_dir_conf;

/**

 * Structure to carry the server wide session config.

 */

typedef struct {

    const char *library;

    const char *params;

    int library_set;

} session_crypto_conf;

/* Wrappers around apr_siphash24() and apr_crypto_equals(),

 * available in APU-1.6/APR-2.0 only.

 */

#if APU_MAJOR_VERSION > 1 || (APU_MAJOR_VERSION == 1 && APU_MINOR_VERSION >= 6)

#include "apr_siphash.h"

#define AP_SIPHASH_DSIZE    APR_SIPHASH_DSIZE

#define AP_SIPHASH_KSIZE    APR_SIPHASH_KSIZE

#define ap_siphash24_auth   apr_siphash24_auth

#define ap_crypto_equals    apr_crypto_equals

#else

#define AP_SIPHASH_DSIZE    8

#define AP_SIPHASH_KSIZE    16

#define ROTL64(x, n) (((x) << (n)) | ((x) >> (64 - (n))))

#define U8TO64_LE(p) \

    (((apr_uint64_t)((p)[0])      ) | \

     ((apr_uint64_t)((p)[1]) <<  8) | \

     ((apr_uint64_t)((p)[2]) << 16) | \

     ((apr_uint64_t)((p)[3]) << 24) | \

     ((apr_uint64_t)((p)[4]) << 32) | \

     ((apr_uint64_t)((p)[5]) << 40) | \

     ((apr_uint64_t)((p)[6]) << 48) | \

     ((apr_uint64_t)((p)[7]) << 56))

#define U64TO8_LE(p, v) \

do { \

    (p)[0] = (unsigned char)((v)      ); \

    (p)[1] = (unsigned char)((v) >>  8); \

    (p)[2] = (unsigned char)((v) >> 16); \

    (p)[3] = (unsigned char)((v) >> 24); \

    (p)[4] = (unsigned char)((v) >> 32); \

    (p)[5] = (unsigned char)((v) >> 40); \

    (p)[6] = (unsigned char)((v) >> 48); \

    (p)[7] = (unsigned char)((v) >> 56); \

} while (0)

#define SIPROUND() \

do { \

    v0 += v1; v1=ROTL64(v1,13); v1 ^= v0; v0=ROTL64(v0,32); \

    v2 += v3; v3=ROTL64(v3,16); v3 ^= v2; \

    v0 += v3; v3=ROTL64(v3,21); v3 ^= v0; \

    v2 += v1; v1=ROTL64(v1,17); v1 ^= v2; v2=ROTL64(v2,32); \

} while(0)

static apr_uint64_t ap_siphash24(const void *src, apr_size_t len,

                                 const unsigned char key[AP_SIPHASH_KSIZE])

{

    const unsigned char *ptr, *end;

    apr_uint64_t v0, v1, v2, v3, m;

    apr_uint64_t k0, k1;

    unsigned int rem;

    k0 = U8TO64_LE(key + 0);

    k1 = U8TO64_LE(key + 8);

    v3 = k1 ^ (apr_uint64_t)0x7465646279746573ULL;

    v2 = k0 ^ (apr_uint64_t)0x6c7967656e657261ULL;

    v1 = k1 ^ (apr_uint64_t)0x646f72616e646f6dULL;

    v0 = k0 ^ (apr_uint64_t)0x736f6d6570736575ULL;

    rem = (unsigned int)(len & 0x7);

    for (ptr = src, end = ptr + len - rem; ptr < end; ptr += 8) {

        m = U8TO64_LE(ptr);

        v3 ^= m;

        SIPROUND();

        SIPROUND();

        v0 ^= m;

    }

    m = (apr_uint64_t)(len & 0xff) << 56;

    switch (rem) {

        case 7: m |= (apr_uint64_t)ptr[6] << 48;

        case 6: m |= (apr_uint64_t)ptr[5] << 40;

        case 5: m |= (apr_uint64_t)ptr[4] << 32;

        case 4: m |= (apr_uint64_t)ptr[3] << 24;

        case 3: m |= (apr_uint64_t)ptr[2] << 16;

        case 2: m |= (apr_uint64_t)ptr[1] << 8;

        case 1: m |= (apr_uint64_t)ptr[0];

        case 0: break;

    }

    v3 ^= m;

    SIPROUND();

    SIPROUND();

    v0 ^= m;

    v2 ^= 0xff;

    SIPROUND();

    SIPROUND();

    SIPROUND();

    SIPROUND();

    return v0 ^ v1 ^ v2 ^ v3;

}

static void ap_siphash24_auth(unsigned char out[AP_SIPHASH_DSIZE],

                              const void *src, apr_size_t len,

                              const unsigned char key[AP_SIPHASH_KSIZE])

{

    apr_uint64_t h;

    h = ap_siphash24(src, len, key);

    U64TO8_LE(out, h);

}

static int ap_crypto_equals(const void *buf1, const void *buf2,

                            apr_size_t size)

{

    const unsigned char *p1 = buf1;

    const unsigned char *p2 = buf2;

    unsigned char diff = 0;

    apr_size_t i;

    for (i = 0; i < size; ++i) {

        diff |= p1[i] ^ p2[i];

    }

    return 1 & ((diff - 1) >> 8);

}

#endif

static void compute_auth(const void *src, apr_size_t len,

                         const char *passphrase, apr_size_t passlen,

                         unsigned char auth[AP_SIPHASH_DSIZE])

{

    unsigned char key[APR_MD5_DIGESTSIZE];

    /* XXX: if we had a way to get the raw bytes from an apr_crypto_key_t

     *      we could use them directly (not available in APR-1.5.x).

     * MD5 is 128bit too, so use it to get a suitable siphash key

     * from the passphrase.

     */

    apr_md5(key, passphrase, passlen);

    ap_siphash24_auth(auth, src, len, key);

}

/**

 * Initialise the encryption as per the current config.

 *

 * Returns APR_SUCCESS if successful.

 */

static apr_status_t crypt_init(request_rec *r,

        const apr_crypto_t *f, apr_crypto_block_key_type_e **cipher,

        session_crypto_dir_conf * dconf)

{

    apr_status_t res;

    apr_hash_t *ciphers;

    res = apr_crypto_get_block_key_types(&ciphers, f);

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01823)

                "no ciphers returned by APR. "

                "session encryption not possible");

        return res;

    }

    *cipher = apr_hash_get(ciphers, dconf->cipher, APR_HASH_KEY_STRING);

    if (!(*cipher)) {

        apr_hash_index_t *hi;

        const void *key;

        apr_ssize_t klen;

        int sum = 0;

        int offset = 0;

        char *options = NULL;

        for (hi = apr_hash_first(r->pool, ciphers); hi; hi = apr_hash_next(hi)) {

            apr_hash_this(hi, NULL, &klen, NULL);

            sum += klen + 2;

        }

        for (hi = apr_hash_first(r->pool, ciphers); hi; hi = apr_hash_next(hi)) {

            apr_hash_this(hi, &key, &klen, NULL);

            if (!options) {

                options = apr_palloc(r->pool, sum + 1);

            }

            else {

                options[offset++] = ',';

                options[offset++] = ' ';

            }

            strncpy(options + offset, key, klen);

            offset += klen;

        }

        options[offset] = 0;

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01824)

                "cipher '%s' not recognised by crypto driver. "

                "session encryption not possible, options: %s", dconf->cipher, options);

        return APR_EGENERAL;

    }

    return APR_SUCCESS;

}

/**

 * Encrypt the string given as per the current config.

 *

 * Returns APR_SUCCESS if successful.

 */

static apr_status_t encrypt_string(request_rec * r, const apr_crypto_t *f,

        session_crypto_dir_conf *dconf, const char *in, char **out)

{

    apr_status_t res;

    apr_crypto_key_t *key = NULL;

    apr_size_t ivSize = 0;

    apr_crypto_block_t *block = NULL;

    unsigned char *encrypt = NULL;

    unsigned char *combined = NULL;

    apr_size_t encryptlen, tlen, combinedlen;

    char *base64;

    apr_size_t blockSize = 0;

    const unsigned char *iv = NULL;

    apr_uuid_t salt;

    apr_crypto_block_key_type_e *cipher;

    const char *passphrase;

    apr_size_t passlen;

    /* use a uuid as a salt value, and prepend it to our result */

    apr_uuid_get(&salt);

    res = crypt_init(r, f, &cipher, dconf);

    if (res != APR_SUCCESS) {

        return res;

    }

    /* encrypt using the first passphrase in the list */

    passphrase = APR_ARRAY_IDX(dconf->passphrases, 0, const char *);

    passlen = strlen(passphrase);

    res = apr_crypto_passphrase(&key, &ivSize, passphrase, passlen,

            (unsigned char *) (&salt), sizeof(apr_uuid_t),

            *cipher, APR_MODE_CBC, 1, 4096, f, r->pool);

    if (APR_STATUS_IS_ENOKEY(res)) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01825)

                "the passphrase '%s' was empty", passphrase);

    }

    if (APR_STATUS_IS_EPADDING(res)) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01826)

                "padding is not supported for cipher");

    }

    if (APR_STATUS_IS_EKEYTYPE(res)) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01827)

                "the key type is not known");

    }

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01828)

                "encryption could not be configured.");

        return res;

    }

    res = apr_crypto_block_encrypt_init(&block, &iv, key, &blockSize, r->pool);

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01829)

                "apr_crypto_block_encrypt_init failed");

        return res;

    }

    /* encrypt the given string */

    res = apr_crypto_block_encrypt(&encrypt, &encryptlen,

                                   (const unsigned char *)in, strlen(in),

                                   block);

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01830)

                "apr_crypto_block_encrypt failed");

        return res;

    }

    res = apr_crypto_block_encrypt_finish(encrypt + encryptlen, &tlen, block);

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01831)

                "apr_crypto_block_encrypt_finish failed");

        return res;

    }

    encryptlen += tlen;

    /* prepend the salt and the iv to the result (keep room for the MAC) */

    combinedlen = AP_SIPHASH_DSIZE + sizeof(apr_uuid_t) + ivSize + encryptlen;

    combined = apr_palloc(r->pool, combinedlen);

    memcpy(combined + AP_SIPHASH_DSIZE, &salt, sizeof(apr_uuid_t));

    memcpy(combined + AP_SIPHASH_DSIZE + sizeof(apr_uuid_t), iv, ivSize);

    memcpy(combined + AP_SIPHASH_DSIZE + sizeof(apr_uuid_t) + ivSize,

           encrypt, encryptlen);

    /* authenticate the whole salt+IV+ciphertext with a leading MAC */

    compute_auth(combined + AP_SIPHASH_DSIZE, combinedlen - AP_SIPHASH_DSIZE,

                 passphrase, passlen, combined);

    /* base64 encode the result (APR handles the trailing '\0') */

    base64 = apr_palloc(r->pool, apr_base64_encode_len(combinedlen));

    apr_base64_encode(base64, (const char *) combined, combinedlen);

    *out = base64;

    return res;

}

/**

 * Decrypt the string given as per the current config.

 *

 * Returns APR_SUCCESS if successful.

 */

static apr_status_t decrypt_string(request_rec * r, const apr_crypto_t *f,

        session_crypto_dir_conf *dconf, const char *in, char **out)

{

    apr_status_t res;

    apr_crypto_key_t *key = NULL;

    apr_size_t ivSize = 0;

    apr_crypto_block_t *block = NULL;

    unsigned char *decrypted = NULL;

    apr_size_t decryptedlen, tlen;

    apr_size_t decodedlen;

    char *decoded;

    apr_size_t blockSize = 0;

    apr_crypto_block_key_type_e *cipher;

    unsigned char auth[AP_SIPHASH_DSIZE];

    int i = 0;

    /* strip base64 from the string */

    decoded = apr_palloc(r->pool, apr_base64_decode_len(in));

    decodedlen = apr_base64_decode(decoded, in);

    decoded[decodedlen] = '\0';

    /* sanity check - decoded too short? */

    if (decodedlen < (AP_SIPHASH_DSIZE + sizeof(apr_uuid_t))) {

        ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, APLOGNO(10005)

                "too short to decrypt, aborting");

        return APR_ECRYPT;

    }

    res = crypt_init(r, f, &cipher, dconf);

    if (res != APR_SUCCESS) {

        return res;

    }

    /* try each passphrase in turn */

    for (; i < dconf->passphrases->nelts; i++) {

        const char *passphrase = APR_ARRAY_IDX(dconf->passphrases, i, char *);

        apr_size_t passlen = strlen(passphrase);

        apr_size_t len = decodedlen - AP_SIPHASH_DSIZE;

        unsigned char *slider = (unsigned char *)decoded + AP_SIPHASH_DSIZE;

        /* Verify authentication of the whole salt+IV+ciphertext by computing

         * the MAC and comparing it (timing safe) with the one in the payload.

         */

        compute_auth(slider, len, passphrase, passlen, auth);

        if (!ap_crypto_equals(auth, decoded, AP_SIPHASH_DSIZE)) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(10006)

                    "auth does not match, skipping");

            continue;

        }

        /* encrypt using the first passphrase in the list */

        res = apr_crypto_passphrase(&key, &ivSize, passphrase, passlen,

                                    slider, sizeof(apr_uuid_t),

                                    *cipher, APR_MODE_CBC, 1, 4096,

                                    f, r->pool);

        if (APR_STATUS_IS_ENOKEY(res)) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01832)

                    "the passphrase '%s' was empty", passphrase);

            continue;

        }

        else if (APR_STATUS_IS_EPADDING(res)) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01833)

                    "padding is not supported for cipher");

            continue;

        }

        else if (APR_STATUS_IS_EKEYTYPE(res)) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01834)

                    "the key type is not known");

            continue;

        }

        else if (APR_SUCCESS != res) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01835)

                    "encryption could not be configured.");

            continue;

        }

        /* sanity check - decoded too short? */

        if (len < (sizeof(apr_uuid_t) + ivSize)) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, APR_SUCCESS, r, APLOGNO(01836)

                    "too short to decrypt, skipping");

            res = APR_ECRYPT;

            continue;

        }

        /* bypass the salt at the start of the decoded block */

        slider += sizeof(apr_uuid_t);

        len -= sizeof(apr_uuid_t);

        res = apr_crypto_block_decrypt_init(&block, &blockSize, slider, key,

                                            r->pool);

        if (APR_SUCCESS != res) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01837)

                    "apr_crypto_block_decrypt_init failed");

            continue;

        }

        /* bypass the iv at the start of the decoded block */

        slider += ivSize;

        len -= ivSize;

        /* decrypt the given string */

        res = apr_crypto_block_decrypt(&decrypted, &decryptedlen,

                                       slider, len, block);

        if (res) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01838)

                    "apr_crypto_block_decrypt failed");

            continue;

        }

        *out = (char *) decrypted;

        res = apr_crypto_block_decrypt_finish(decrypted + decryptedlen, &tlen, block);

        if (APR_SUCCESS != res) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01839)

                    "apr_crypto_block_decrypt_finish failed");

            continue;

        }

        decryptedlen += tlen;

        decrypted[decryptedlen] = 0;

        break;

    }

    if (APR_SUCCESS != res) {

        ap_log_rerror(APLOG_MARK, APLOG_INFO, res, r, APLOGNO(01840)

                "decryption failed");

    }

    return res;

}

/**

 * Crypto encoding for the session.

 *

 * @param r The request pointer.

 * @param z A pointer to where the session will be written.

 */

static apr_status_t session_crypto_encode(request_rec * r, session_rec * z)

{

    char *encoded = NULL;

    apr_status_t res;

    const apr_crypto_t *f = NULL;

    session_crypto_dir_conf *dconf = ap_get_module_config(r->per_dir_config,

            &session_crypto_module);

    if (dconf->passphrases_set && z->encoded && *z->encoded) {

        apr_pool_userdata_get((void **)&f, CRYPTO_KEY, r->server->process->pconf);

        res = encrypt_string(r, f, dconf, z->encoded, &encoded);

        if (res != OK) {

            ap_log_rerror(APLOG_MARK, APLOG_DEBUG, res, r, APLOGNO(01841)

                    "encrypt session failed");

            return res;

        }

        z->encoded = encoded;

    }

    return OK;

}

/**

 * Crypto decoding for the session.

 *

 * @param r The request pointer.

 * @param z A pointer to where the session will be written.

 */

static apr_status_t session_crypto_decode(request_rec * r,

        session_rec * z)

{

    char *encoded = NULL;

    apr_status_t res;

    const apr_crypto_t *f = NULL;

    session_crypto_dir_conf *dconf = ap_get_module_config(r->per_dir_config,

            &session_crypto_module);

    if ((dconf->passphrases_set) && z->encoded && *z->encoded) {

        apr_pool_userdata_get((void **)&f, CRYPTO_KEY,

                r->server->process->pconf);

        res = decrypt_string(r, f, dconf, z->encoded, &encoded);

        if (res != APR_SUCCESS) {

            ap_log_rerror(APLOG_MARK, APLOG_ERR, res, r, APLOGNO(01842)

                    "decrypt session failed, wrong passphrase?");

            return res;

        }

        z->encoded = encoded;

    }

    return OK;

}

/**

 * Initialise the SSL in the post_config hook.

 */

static int session_crypto_init(apr_pool_t *p, apr_pool_t *plog,

        apr_pool_t *ptemp, server_rec *s)

{

    const apr_crypto_driver_t *driver = NULL;

    apr_crypto_t *f = NULL;

    session_crypto_conf *conf = ap_get_module_config(s->module_config,

            &session_crypto_module);

    /* session_crypto_init() will be called twice. Don't bother

     * going through all of the initialization on the first call

     * because it will just be thrown away.*/

    if (ap_state_query(AP_SQ_MAIN_STATE) == AP_SQ_MS_CREATE_PRE_CONFIG) {

        return OK;

    }

    if (conf->library) {

        const apu_err_t *err = NULL;

        apr_status_t rv;

        rv = apr_crypto_init(p);

        if (APR_SUCCESS != rv) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01843)

                    "APR crypto could not be initialised");

            return rv;

        }

        rv = apr_crypto_get_driver(&driver, conf->library, conf->params, &err, p);

        if (APR_EREINIT == rv) {

            ap_log_error(APLOG_MARK, APLOG_WARNING, rv, s, APLOGNO(01844)

                    "warning: crypto for '%s' was already initialised, "

                    "using existing configuration", conf->library);

            rv = APR_SUCCESS;

        }

        if (APR_SUCCESS != rv && err) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01845)

                    "The crypto library '%s' could not be loaded: %s (%s: %d)", conf->library, err->msg, err->reason, err->rc);

            return rv;

        }

        if (APR_ENOTIMPL == rv) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01846)

                    "The crypto library '%s' could not be found",

                    conf->library);

            return rv;

        }

        if (APR_SUCCESS != rv || !driver) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01847)

                    "The crypto library '%s' could not be loaded",

                    conf->library);

            return rv;

        }

        rv = apr_crypto_make(&f, driver, conf->params, p);

        if (APR_SUCCESS != rv) {

            ap_log_error(APLOG_MARK, APLOG_ERR, rv, s, APLOGNO(01848)

                    "The crypto library '%s' could not be initialised",

                    conf->library);

            return rv;

        }

        ap_log_error(APLOG_MARK, APLOG_INFO, rv, s, APLOGNO(01849)

                "The crypto library '%s' was loaded successfully",

                conf->library);

        apr_pool_userdata_set((const void *)f, CRYPTO_KEY,

                apr_pool_cleanup_null, s->process->pconf);

    }

    return OK;

}

static void *create_session_crypto_config(apr_pool_t * p, server_rec *s)

{

    session_crypto_conf *new =

    (session_crypto_conf *) apr_pcalloc(p, sizeof(session_crypto_conf));

    /* if no library has been configured, set the recommended library

     * as a sensible default.

     */

#ifdef APU_CRYPTO_RECOMMENDED_DRIVER

    new->library = APU_CRYPTO_RECOMMENDED_DRIVER;

#endif

    return (void *) new;

}

static void *create_session_crypto_dir_config(apr_pool_t * p, char *dummy)

{

    session_crypto_dir_conf *new =

    (session_crypto_dir_conf *) apr_pcalloc(p, sizeof(session_crypto_dir_conf));

    new->passphrases = apr_array_make(p, 10, sizeof(char *));

    /* default cipher AES256-SHA */

    new->cipher = "aes256";

    return (void *) new;

}

static void *merge_session_crypto_dir_config(apr_pool_t * p, void *basev, void *addv)

{

    session_crypto_dir_conf *new = (session_crypto_dir_conf *) apr_pcalloc(p, sizeof(session_crypto_dir_conf));

    session_crypto_dir_conf *add = (session_crypto_dir_conf *) addv;

    session_crypto_dir_conf *base = (session_crypto_dir_conf *) basev;

    new->passphrases = (add->passphrases_set == 0) ? base->passphrases : add->passphrases;

    new->passphrases_set = add->passphrases_set || base->passphrases_set;

    new->cipher = (add->cipher_set == 0) ? base->cipher : add->cipher;

    new->cipher_set = add->cipher_set || base->cipher_set;

    return new;

}

static const char *set_crypto_driver(cmd_parms * cmd, void *config, const char *arg)

{

    session_crypto_conf *conf =

    (session_crypto_conf *)ap_get_module_config(cmd->server->module_config,

            &session_crypto_module);

    const char *err = ap_check_cmd_context(cmd, GLOBAL_ONLY);

    if (err != NULL) {

        return err;

    }

    conf->library = ap_getword_conf(cmd->pool, &arg;;

    conf->params = arg;

    conf->library_set = 1;

    return NULL;

}

static const char *set_crypto_passphrase(cmd_parms * cmd, void *config, const char *arg)

{

    int arglen = strlen(arg);

    char **argv;

    char *result;

    const char **passphrase;

    session_crypto_dir_conf *dconf = (session_crypto_dir_conf *) config;

    passphrase = apr_array_push(dconf->passphrases);

    if ((arglen > 5) && strncmp(arg, "exec:", 5) == 0) {

        if (apr_tokenize_to_argv(arg+5, &argv, cmd->temp_pool) != APR_SUCCESS) {

            return apr_pstrcat(cmd->pool,

                               "Unable to parse exec arguments from ",

                               arg+5, NULL);

        }

        argv[0] = ap_server_root_relative(cmd->temp_pool, argv[0]);

        if (!argv[0]) {

            return apr_pstrcat(cmd->pool,

                               "Invalid SessionCryptoPassphrase exec location:",

                               arg+5, NULL);

        }

        result = ap_get_exec_line(cmd->pool,

                                  (const char*)argv[0], (const char * const *)argv);

        if(!result) {

            return apr_pstrcat(cmd->pool,

                               "Unable to get bind password from exec of ",

                               arg+5, NULL);

        }

        *passphrase = result;

    }

    else {

        *passphrase = arg;

    }

    dconf->passphrases_set = 1;

    return NULL;

}

static const char *set_crypto_passphrase_file(cmd_parms *cmd, void *config,

                                  const char *filename)

{

    char buffer[MAX_STRING_LEN];

    char *arg;

    const char *args;

    ap_configfile_t *file;

    apr_status_t rv;

    filename = ap_server_root_relative(cmd->temp_pool, filename);

    rv = ap_pcfg_openfile(&file, cmd->temp_pool, filename);

    if (rv != APR_SUCCESS) {

        return apr_psprintf(cmd->pool, "%s: Could not open file %s: %pm",

                            cmd->cmd->name, filename, &rv;;

    }

    while (!(ap_cfg_getline(buffer, sizeof(buffer), file))) {

        args = buffer;

        while (*(arg = ap_getword_conf(cmd->pool, &args)) != '\0') {

            if (*arg == '#') {

                break;

            }

            set_crypto_passphrase(cmd, config, arg);

        }

    }

    ap_cfg_closefile(file);

    return NULL;

}

static const char *set_crypto_cipher(cmd_parms * cmd, void *config, const char *cipher)

{

    session_crypto_dir_conf *dconf = (session_crypto_dir_conf *) config;

    dconf->cipher = cipher;

    dconf->cipher_set = 1;

    return NULL;

}

static const command_rec session_crypto_cmds[] =

{

    AP_INIT_ITERATE("SessionCryptoPassphrase", set_crypto_passphrase, NULL, RSRC_CONF|OR_AUTHCFG,

            "The passphrase(s) used to encrypt the session. First will be used for encryption, all phrases will be accepted for decryption"),

    AP_INIT_TAKE1("SessionCryptoPassphraseFile", set_crypto_passphrase_file, NULL, RSRC_CONF|ACCESS_CONF,

            "File containing passphrase(s) used to encrypt the session, one per line. First will be used for encryption, all phrases will be accepted for decryption"),

    AP_INIT_TAKE1("SessionCryptoCipher", set_crypto_cipher, NULL, RSRC_CONF|OR_AUTHCFG,

            "The underlying crypto cipher to use"),

    AP_INIT_RAW_ARGS("SessionCryptoDriver", set_crypto_driver, NULL, RSRC_CONF,

            "The underlying crypto library driver to use"),

    { NULL }

};

static void register_hooks(apr_pool_t * p)

{

    ap_hook_session_encode(session_crypto_encode, NULL, NULL, APR_HOOK_LAST);

    ap_hook_session_decode(session_crypto_decode, NULL, NULL, APR_HOOK_FIRST);

    ap_hook_post_config(session_crypto_init, NULL, NULL, APR_HOOK_LAST);

}

AP_DECLARE_MODULE(session_crypto) =

{

    STANDARD20_MODULE_STUFF,

    create_session_crypto_dir_config, /* dir config creater */

    merge_session_crypto_dir_config, /* dir merger --- default is to override */

    create_session_crypto_config, /* server config */

    NULL, /* merge server config */

    session_crypto_cmds, /* command apr_table_t */

    register_hooks /* register hooks */

};

#endif