Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v diff -u -r1.126.2.40 -r1.126.2.41 --- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 28 Oct 2020 15:39:19 -0000 1.126.2.40 +++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 24 Nov 2020 19:02:18 -0000 1.126.2.41 @@ -1527,6 +1527,32 @@ # ##### +if {[ns_info name] eq "NaviServer"} { + ad_proc -private sec_get_token_from_nsv {token_id token_var} { + + Just for compatibility with AOLserver, which does not support + an atomic check and get operation for nsv. + + } { + upvar $token_var token + return [nsv_get secret_tokens $token_id token] + } +} else { + ad_proc -private sec_get_token_from_nsv {token_id token_var} { + + Compatibility function for AOLserver, which does not support + nsv_get with the optional output variable. + + } { + upvar $token_var token + if {[nsv_exists secret_tokens $token_id]} { + set token [nsv_get secret_tokens $token_id] + return 1 + } + return 0 + } +} + ad_proc -private sec_get_token { token_id } { @@ -1543,31 +1569,43 @@ } { + # + # First check the per-thread cache to obtain a token from the + # token_id. + # set key ::security::tcl_secret_tokens($token_id) - if { [info exists $key] } { return [set $key] } + if { [info exists $key] } { + return [set $key] + } + # + # If there is no secret token available per thread, + # get it and try again. + # if {[array size ::security::tcl_secret_tokens] == 0} { sec_populate_secret_tokens_thread_cache - if { [info exists $key] } { return [set $key] } + if { [info exists $key] } { + return [set $key] + } } # # We might get token_ids from previous runs, so we have fetch these - # in case of a validation + # from the secret tokens cache, or from the data base. # - set token [ns_cache eval secret_tokens $token_id { + if {![sec_get_token_from_nsv $token_id token]} { set token [db_string get_token {select token from secret_tokens where token_id = :token_id} -default 0] - - # Very important to throw the error here if $token == 0 - - if { $token == 0 } { + if {$token ne 0} { + nsv_set secret_tokens $token_id $token + } else { + # + # Very important to throw the error here if $token == 0 + # error "Invalid token ID" } + } - return $token - }] - set $key $token return $token } @@ -1593,13 +1631,13 @@ Copy secret_tokens cache to per-thread variables } { - set ids [ns_cache names secret_tokens] - if {[llength $ids] == 0} { + set secret_tokens [nsv_array get secret_tokens] + if {[llength $secret_tokens] == 0} { sec_populate_secret_tokens_cache - set ids [ns_cache names secret_tokens] + set secret_tokens [nsv_array get secret_tokens] } - foreach name $ids { - set ::security::tcl_secret_tokens($name) [ns_cache get secret_tokens $name] + foreach {id token} $secret_tokens { + set ::security::tcl_secret_tokens($id) $token } } @@ -1608,7 +1646,6 @@ Randomly populates the secret_tokens cache. } { - set num_tokens [parameter::get \ -package_id $::acs::kernel_id \ -parameter NumberOfCachedSecretTokens \ @@ -1618,7 +1655,7 @@ # so it runs during the install before the data model has been loaded if { [db_table_exists secret_tokens] } { db_foreach get_secret_tokens {} { - ns_cache set secret_tokens $token_id $token + nsv_set secret_tokens $token_id $token } } db_release_unused_handles @@ -2114,18 +2151,21 @@ if {[ns_info name] ne "NaviServer"} { # - # Compatibility function for AOLserver, which allows abstracts - # from the configuration section in the config files. NaviServer - # supports in general global and per-server defined drivers. The - # emulated version just supports per-server configurations, since - # these are the only ones supported by AOLserver. + # Compatibility function for AOLserver, which abstracts from the + # configuration section in the config files. NaviServer supports + # in general global and per-server defined drivers. # + # In the emulated version for AOLserver just report the per-server + # configurations, since these are the only ones supported by + # AOLserver. + # ad_proc -public ns_driversection { {-driver "nssock"} {-server ""} } { - Return the section name in the config file containing configuration information about the - network connection. + Return the section name in the config file containing + configuration information about the network connection. + @param driver (e.g. nssock) @param server symobolic server name @return name of section of the drive in the config file