Revert "[mms] Only store keys in cookie if cookies are in use (Bug #1…

…3284; thomas.jarosch@intra2net.com)." This reverts commit 6c50180. This completely broke authentication with any DAV access. Conflicts: framework/Secret/package.xml
horde · Jul 4, 2014 · 512a250 · 512a250
1 parent 82e9ee9
commit 512a250
Showing 1 changed file with 11 additions and 13 deletions.
diff --git a/framework/Secret/lib/Horde/Secret.php b/framework/Secret/lib/Horde/Secret.php
@@ -124,7 +124,7 @@ protected function _getCipherOb($key)
 
     /**
      * Generate a secret key (for encryption), either using a random
-     * string and storing it in a cookie if the user has cookies
+     * md5 string and storing it in a cookie if the user has cookies
      * enabled, or munging some known values if they don't.
      *
      * @param string $keyname  The name of the key to set.
@@ -133,17 +133,23 @@ protected function _getCipherOb($key)
      */
     public function setKey($keyname = self::DEFAULT_KEY)
     {
+        $set = true;
+
         if (isset($_COOKIE[$this->_params['session_name']])) {
             if (isset($_COOKIE[$keyname . '_key'])) {
                 $key = $_COOKIE[$keyname . '_key'];
+                $set = false;
             } else {
                 $key = $_COOKIE[$keyname . '_key'] = strval(new Horde_Support_Randomid());
-                $this->_setCookie($keyname, $key);
             }
         } else {
             $key = session_id();
         }
 
+        if ($set) {
+            $this->_setCookie($keyname, $key);
+        }
+
         return $key;
     }
 
@@ -181,13 +187,9 @@ public function getKey($keyname = self::DEFAULT_KEY)
      */
     public function clearKey($keyname = self::DEFAULT_KEY)
     {
-        if (isset($_COOKIE[$this->_params['session_name']])) {
-            if (isset($_COOKIE[$keyname . '_key'])) {
-                $this->_setCookie($keyname, false);
-                return true;
-            }
-        } elseif (isset($this->_keyCache[$keyname])) {
-            unset($this->_keyCache[$keyname]);
+        if (isset($_COOKIE[$this->_params['session_name']]) &&
+            isset($_COOKIE[$keyname . '_key'])) {
+            $this->_setCookie($keyname, false);
             return true;
         }
 
@@ -202,10 +204,6 @@ public function clearKey($keyname = self::DEFAULT_KEY)
      */
     protected function _setCookie($keyname, $key)
     {
-        if (!isset($_COOKIE[$this->_params['session_name']])) {
-            return;
-        }
-
         @setcookie(
             $keyname . '_key',
             $key,