Index: openacs-4/packages/acs-tcl/lib/page-error.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/lib/page-error.tcl,v
diff -u -N -r1.12 -r1.13
--- openacs-4/packages/acs-tcl/lib/page-error.tcl 5 Jan 2018 22:59:57 -0000 1.12
+++ openacs-4/packages/acs-tcl/lib/page-error.tcl 28 Mar 2018 07:27:10 -0000 1.13
@@ -82,8 +82,8 @@
set exist_bug [db_string search_bug {} -default ""]
if { $exist_bug eq ""} {
- #Submit the new Bug into the Bug - Tracker && Into the
- # Auto_bugs tabble
+ # Submit the new Bug into the bug-tracker and into the
+ # auto_bugs table
set bug_id [db_nextval acs_object_id_seq]
set keyword_ids [list]
@@ -106,9 +106,10 @@
db_dml insert_auto_bug {}
} else {
- #Comment on the Existing Bug even if the user dont want to add
- # commentaries
- # If the bug is closed or fixed we have to reopen the bug
+ # Comment on the existing bug even if the user don't want to
+ # add commentaries. If the bug is closed or fixed we have to
+ # reopen the bug.
+ #
array set row [list]
set bug_id $exist_bug
Index: openacs-4/packages/acs-tcl/tcl/deprecated-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/deprecated-procs.tcl,v
diff -u -N -r1.11 -r1.12
--- openacs-4/packages/acs-tcl/tcl/deprecated-procs.tcl 25 Mar 2018 22:13:40 -0000 1.11
+++ openacs-4/packages/acs-tcl/tcl/deprecated-procs.tcl 28 Mar 2018 07:27:10 -0000 1.12
@@ -2017,7 +2017,7 @@
ad_script_abort
}
- # we have a form so stuff in the ones we dont find.
+ # we have a form so stuff in the ones we don't find.
# should think about how to support lists and ns_set persist too.
foreach kvp $defaults {
if {[ns_set find $form [lindex $kvp 0]] < 0} {
Index: openacs-4/packages/acs-tcl/tcl/memoize-procs-naviserver.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/memoize-procs-naviserver.tcl,v
diff -u -N -r1.2 -r1.3
--- openacs-4/packages/acs-tcl/tcl/memoize-procs-naviserver.tcl 27 Feb 2018 11:00:56 -0000 1.2
+++ openacs-4/packages/acs-tcl/tcl/memoize-procs-naviserver.tcl 28 Mar 2018 07:27:10 -0000 1.3
@@ -35,6 +35,16 @@
#
catch {ns_cache_flush util_memoize}
+proc !! args {
+ set t0 [clock clicks -milliseconds]
+ set result [uplevel $args]
+ set t1 [clock clicks -milliseconds]
+ if {$t1 - $t0 > 100} {
+ ns_log notice "!!! slow ([expr {$t1 - $t0}]ms): $args"
+ }
+ return $result
+}
+
ad_proc -public util_memoize {script {max_age ""}} {
If script has been executed before, return the value it
returned last time, unless it was more than max_age seconds ago.
@@ -56,7 +66,7 @@
if {$max_age ne ""} {
set max_age "-expires $max_age"
}
- ns_cache_eval {*}$max_age -- util_memoize $script {*}$script
+ !! ns_cache_eval {*}$max_age -- util_memoize $script {*}$script
}
# In case, the definition of the function has cached something,
@@ -80,7 +90,7 @@
@param max_age Not used.
} {
- ns_cache_eval -force util_memoize $script [list set _ $value]
+ !! ns_cache_eval -force util_memoize $script [list set _ $value]
}
@@ -97,7 +107,7 @@
if {$max_age ne ""} {
ns_log Warning "util_memoize_cached_p: ignore max_age $max_age for $script"
}
- return [expr {[ns_cache_keys util_memoize $script] ne ""}]
+ return [expr {[!! ns_cache_keys util_memoize $script] ne ""}]
}
ad_proc -public util_memoize_flush_pattern {
@@ -112,7 +122,7 @@
@param log Whether to log keys checked and flushed (useful for debugging).
} {
- set nr_flushed [ns_cache_flush -glob util_memoize $pattern]
+ set nr_flushed [!! ns_cache_flush -glob util_memoize $pattern]
if {$log_p} {
ns_log Debug "util_memoize_flush_pattern: flushed $nr_flushed entries using the pattern: $pattern"
}
Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v
diff -u -N -r1.87 -r1.88
--- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 27 Mar 2018 11:18:00 -0000 1.87
+++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 28 Mar 2018 07:27:10 -0000 1.88
@@ -11,8 +11,10 @@
}
namespace eval security {
- set log(login_url) debug ;# notice
+ set log(login_url) debug ;# notice
set log(login_cookie) debug ;# notice
+ set log(session) debug ;# notice
+ set log(signature) debug ;# notice
}
@@ -92,6 +94,7 @@
ns_log debug "OACS= sec_handler: enter"
if {$::security::log(login_cookie) ne "debug"} {
+ set msg {}
foreach c [list ad_session_id ad_secure_token ad_user_login ad_user_login_secure] {
lappend msg "$c '[ad_get_cookie $c]'"
}
@@ -308,7 +311,7 @@
ad_unset_cookie -secure t ad_user_login_secure
}
- ns_log Debug "ad_user_login: Setting new ad_user_login cookie with max_age $max_age"
+ ns_log $::security::log(login_cookie) "ad_user_login: Setting new ad_user_login cookie with max_age $max_age"
ad_set_signed_cookie \
-expire [expr {$forever_p ? false : true}] \
-max_age $max_age \
@@ -432,29 +435,29 @@
and generates the cookies necessary for the session
} {
- ns_log debug "OACS= sec_setup_session: enter"
+ ns_log $::security::log(session) "OACS= sec_setup_session: enter"
set session_id [ad_conn session_id]
# figure out the session id, if we don't already have it
if { $session_id eq ""} {
- ns_log debug "OACS= empty session_id"
+ ns_log $::security::log(session) "OACS= empty session_id"
set session_id [sec_allocate_session]
# if we have a user on an newly allocated session, update
# users table
- ns_log debug "OACS= newly allocated session $session_id"
+ ns_log $::security::log(session) "OACS= newly allocated session $session_id"
if { $new_user_id != 0 } {
- ns_log debug "OACS= about to update user session info, user_id NONZERO"
+ ns_log $::security::log(session) "OACS= about to update user session info, user_id NONZERO"
sec_update_user_session_info $new_user_id
- ns_log debug "OACS= done updating user session info, user_id NONZERO"
+ ns_log $::security::log(session) "OACS= done updating user session info, user_id NONZERO"
}
} else {
# $session_id is an active verified session
- # this call is either a user loging in
+ # this call is either a user logging in
# on an active unidentified session, or a change in identity
# for a browser that is already logged in
@@ -467,19 +470,19 @@
# changes from user_id 0, since owasp recommends to renew the
# session_id after any privilege level change
#
- ns_log debug "prev_user_id $prev_user_id new_user_id $new_user_id"
+ ns_log $::security::log(session) "prev_user_id $prev_user_id new_user_id $new_user_id"
if { $prev_user_id != 0 && $prev_user_id != $new_user_id } {
# this is a change in identity so we should create
# a new session so session-level data is not shared
- ns_log debug "sec_allocate_session"
+ ns_log $::security::log(session) "sec_allocate_session"
set session_id [sec_allocate_session]
}
if { $prev_user_id != $new_user_id } {
# a change of user_id on an active session
# demands an update of the users table
- ns_log debug "sec_update_user_session_info"
+ ns_log $::security::log(session) "sec_update_user_session_info"
sec_update_user_session_info $new_user_id
}
}
@@ -498,11 +501,11 @@
ad_conn -set account_status $account_status
ad_conn -set user_id $user_id
- ns_log debug "OACS= about to generate session id cookie"
+ ns_log $::security::log(session) "OACS= about to generate session id cookie"
sec_generate_session_id_cookie -cookie_domain $cookie_domain
- ns_log debug "OACS= done generating session id cookie"
+ ns_log $::security::log(session) "OACS= done generating session id cookie"
if { $auth_level eq "secure" && [security::secure_conn_p] && $new_user_id != 0 } {
# this is a secure session, so the browser needs
@@ -544,7 +547,7 @@
}
}
- ns_log Debug "Security: [ns_time] sec_generate_session_id_cookie setting session_id=$session_id, user_id=$user_id, login_level=$login_level"
+ ns_log $::security::log(session) "Security: [ns_time] sec_generate_session_id_cookie setting session_id=$session_id, user_id=$user_id, login_level=$login_level"
if {$cookie_domain eq ""} {
set cookie_domain [parameter::get -parameter CookieDomain -package_id $::acs::kernel_id]
@@ -1022,10 +1025,9 @@
Returns 1 if signature validated; 0 if it fails.
} {
-
if { $secret eq "" } {
if { $token_id eq "" } {
- ns_log Debug "__ad_verify_signature: Neither secret, nor token_id supplied"
+ ns_log $::security::log(signature) "__ad_verify_signature: Neither secret, nor token_id supplied"
return 0
} elseif {![string is integer -strict $token_id]} {
ns_log Warning "__ad_verify_signature: token_id <$token_id> is not an integer"
@@ -1037,8 +1039,8 @@
set secret_token $secret
}
- ns_log Debug "__ad_verify_signature: Getting token_id $token_id, value $secret_token ; "
- ns_log Debug "__ad_verify_signature: Expire_Time is $expire_time (compare to [ns_time]), hash is $hash"
+ ns_log $::security::log(signature) "__ad_verify_signature: Getting token_id $token_id, value $secret_token ; "
+ ns_log $::security::log(signature) "__ad_verify_signature: Expire_Time is $expire_time (compare to [ns_time]), hash is $hash"
# validate cookie: verify hash and expire_time
set computed_hash [ns_sha1 "$value$token_id$expire_time$secret_token"]
@@ -1048,7 +1050,7 @@
set expiration_ok_p 0
if {$computed_hash eq $hash} {
- ns_log Debug "__ad_verify_signature: Hash matches - Hash check OK"
+ set msg "Hash matches - Hash check OK"
set hash_ok_p 1
} else {
# check to see if IE is lame (and buggy!) and is expanding \n to \r\n
@@ -1058,22 +1060,24 @@
set computed_hash [ns_sha1 "$value$token_id$expire_time$secret_token"]
if {$computed_hash eq $hash} {
- ns_log Debug "__ad_verify_signature: Hash matches after correcting for IE bug - Hash check OK"
+ set msg "Hash matches after correcting for IE bug - Hash check OK"
set hash_ok_p 1
} else {
- ns_log Debug "__ad_verify_signature: Hash ($hash) doesn't match what we expected ($org_computed_hash) - Hash check FAILED"
+ set msg "Hash ($hash) doesn't match what we expected ($org_computed_hash) - Hash check FAILED"
}
}
+ ns_log $::security::log(signature) "__ad_verify_signature: $msg"
if { $expire_time == 0 } {
- ns_log Debug "__ad_verify_signature: No expiration time - Expiration OK"
+ set msg "No expiration time - Expiration OK"
set expiration_ok_p 1
} elseif { $expire_time > [ns_time] } {
- ns_log Debug "__ad_verify_signature: Expiration time ($expire_time) greater than current time ([ns_time]) - Expiration check OK"
+ set msg "Expiration time ($expire_time) greater than current time ([ns_time]) - Expiration check OK"
set expiration_ok_p 1
} else {
- ns_log Debug "__ad_verify_signature: Expiration time ($expire_time) less than or equal to current time ([ns_time]) - Expiration check FAILED"
+ set msg "Expiration time ($expire_time) less than or equal to current time ([ns_time]) - Expiration check FAILED"
}
+ ns_log $::security::log(signature) "__ad_verify_signature: $msg"
# Return validation result
return [expr {$hash_ok_p && $expiration_ok_p}]
@@ -1132,7 +1136,7 @@
lassign $cookie_value value signature
set expr_time [ad_verify_signature_with_expr -secret $secret $value $signature]
- ns_log Debug "Security: Done calling get_cookie $cookie_value for $name; received $expr_time expiration, getting $value and $signature."
+ ns_log $::security::log(signature) "Security: Done calling get_cookie $cookie_value for $name; received $expr_time expiration, getting $value and $signature."
if { $expr_time } {
return [list $value $expr_time]
@@ -1190,7 +1194,7 @@
# but that is a user interface expiration, that does
# not give us a security expiration. (from the
# security perspective, we use SessionLifetime)
- ns_log Debug "Security: SetSignedCookie: Using sec_session_lifetime [sec_session_lifetime]"
+ ns_log $::security::log(signature) "Security: SetSignedCookie: Using sec_session_lifetime [sec_session_lifetime]"
set signature_max_age [sec_session_lifetime]
}
}
Index: openacs-4/packages/acs-tcl/tcl/test/acs-tcl-test-procs.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/test/acs-tcl-test-procs.tcl,v
diff -u -N -r1.45 -r1.46
--- openacs-4/packages/acs-tcl/tcl/test/acs-tcl-test-procs.tcl 24 Mar 2018 00:14:57 -0000 1.45
+++ openacs-4/packages/acs-tcl/tcl/test/acs-tcl-test-procs.tcl 28 Mar 2018 07:27:10 -0000 1.46
@@ -525,14 +525,14 @@
aa_equals "error clause invoked on Tcl error" \
$error_called 1
- # Check that the Tcl error propigates up from the code block
+ # Check that the Tcl error propagates up from the code block
set error_p [catch {db_transaction { error "BAD CODE"}} errMsg]
- aa_equals "Tcl error propigates to errMsg from code block" \
+ aa_equals "Tcl error propagates to errMsg from code block" \
$errMsg "Transaction aborted: BAD CODE"
- # Check that the Tcl error propigates up from the on_error block
+ # Check that the Tcl error propagates up from the on_error block
set error_p [catch {db_transaction {set foo} on_error { error "BAD CODE"}} errMsg]
- aa_equals "Tcl error propigates to errMsg from on_error block" \
+ aa_equals "Tcl error propagates to errMsg from on_error block" \
$errMsg "BAD CODE"