2013/10/29 Reindl Harald <h.reindl@thelounge.net>


Am 29.10.2013 14:53, schrieb Igor Zinovik:
> My roundcube does not allow me to login into my mailbox.  It just writes:
> " invalid request no data was saved "
>
> I enabled all logging settings in main.inc.php
> $rcmail_config['smtp_log'] = true;
> $rcmail_config['log_logins'] = true;
> $rcmail_config['log_session'] = true;
> $rcmail_config['sql_debug'] = true;
> $rcmail_config['imap_debug'] = true;
>
> My Apache is able to successfully save sessions to /var/lib/php5/

that's nice but roundcube still insists to not use the php session-handler
otherwise i would no longer need to carry the patch from months ago in the RPM-SPEC

Hm...
# grep session_storage /etc/roundcubemail/main.inc.php
$rcmail_config['session_storage'] = 'db';

As I understand you patch just makes database default storage session.

Sessions are successfully createin in 'session' table.  After 3 login attempts I
can see following:
# mysql -u roundcube -p roundcube -e 'select count(*) from session'
Enter password:
+----------+
| count(*) |
+----------+
|        3 |
+----------+



Patch2: roundcubemail_native_session_handler.patch

[builduser@buildserver:/rpmbuild/SPECS]$ cat ../SOURCES/roundcubemail_native_session_handler.patch
diff --git a/config/main.inc.php.dist b/config/main.inc.php.dist
index 4a73ff1..58332cb 100644
--- a/config/main.inc.php.dist
+++ b/config/main.inc.php.dist
@@ -254,9 +254,10 @@ $rcmail_config['session_name'] = null;
 // Session path. Defaults to PHP session.cookie_path setting.
 $rcmail_config['session_path'] = null;

-// Backend to use for session storage. Can either be 'db' (default) or 'memcache'
-// If set to memcache, a list of servers need to be specified in 'memcache_hosts'
+// Backend to use for session storage. Can either be 'db' (default), 'memcache' or 'php'
+// If set to 'memcache', a list of servers need to be specified in 'memcache_hosts'
 // Make sure the Memcache extension (http://pecl.php.net/package/memcache) version >= 2.0.0 is installed
+// Setting this value to 'php' will use the default session save handler configured in PHP
 $rcmail_config['session_storage'] = 'db';

 // Use these hosts for accessing memcached
diff --git a/program/include/rcmail.php b/program/include/rcmail.php
index 89f2f96..a7ddb1e 100644
--- a/program/include/rcmail.php
+++ b/program/include/rcmail.php
@@ -746,7 +746,7 @@ class rcmail extends rcube

     // before closing the database connection, write session data
     if ($_SERVER['REMOTE_ADDR'] && is_object($this->session)) {
-      session_write_close();
+      $this->session->write_close();
     }

     // write performance stats to logs/console
diff --git a/program/lib/Roundcube/rcube.php b/program/lib/Roundcube/rcube.php

index 4471ace..4e3f8fc 100644

--- a/program/lib/Roundcube/rcube.php

+++ b/program/lib/Roundcube/rcube.php

@@ -457,7 +457,6 @@ class rcube

         ini_set('session.name', $sess_name ? $sess_name : 'roundcube_sessid');

         ini_set('session.use_cookies', 1);

         ini_set('session.use_only_cookies', 1);

-        ini_set('session.serialize_handler', 'php');

         ini_set('session.cookie_httponly', 1);



         // use database for storing session data

@@ -471,7 +470,7 @@ class rcube



         // start PHP session (if not in CLI mode)
         if ($_SERVER['REMOTE_ADDR']) {
-            session_start();
+            $this->session->start();
         }
     }

diff --git a/program/lib/Roundcube/rcube_session.php b/program/lib/Roundcube/rcube_session.php
index dedde22..4e06827 100644
--- a/program/lib/Roundcube/rcube_session.php
+++ b/program/lib/Roundcube/rcube_session.php
@@ -42,6 +42,7 @@ class rcube_session
     private $secret = '';
     private $ip_check = false;
     private $logging = false;
+    private $storage;
     private $memcache;


@@ -59,11 +60,14 @@ class rcube_session
         $this->set_lifetime($lifetime);

         // use memcache backend
-        if ($config->get('session_storage', 'db') == 'memcache') {
+        $this->storage = $config->get('session_storage', 'db');
+        if ($this->storage == 'memcache') {
             $this->memcache = rcube::get_instance()->get_memcache();

             // set custom functions for PHP session management if memcache is available
             if ($this->memcache) {
+                ini_set('session.serialize_handler', 'php');
+
                 session_set_save_handler(
                     array($this, 'open'),
                     array($this, 'close'),
@@ -79,7 +83,9 @@ class rcube_session
                 true, true);
             }
         }
-        else {
+        else if ($this->storage != 'php') {
+            ini_set('session.serialize_handler', 'php');
+
             // set custom functions for PHP session management
             session_set_save_handler(
                 array($this, 'open'),
@@ -92,6 +98,22 @@ class rcube_session
     }


+    /**
+     * Wrapper for session_start()
+     */
+    public function start()
+    {
+        session_start();
+
+        // copy some session properties to object vars
+        if ($this->storage == 'php') {
+            $this->key     = session_id();
+            $this->ip      = $_SESSION['__IP'];
+            $this->changed = $_SESSION['__MTIME'];
+        }
+    }
+
+
     public function open($save_path, $session_name)
     {
         return true;
@@ -116,6 +138,20 @@ class rcube_session


     /**
+     * Wrapper for session_write_close()
+     */
+    public function write_close()
+    {
+        if ($this->storage == 'php') {
+            $_SESSION['__IP'] = $this->ip;
+            $_SESSION['__MTIME'] = time();
+        }
+
+        session_write_close();
+    }
+
+
+    /**
      * Read session data from database
      *
      * @param string Session ID