mod_session: Session expiry was being initialised, but not updated

on each session save, resulting in timed out sessions when there
should not have been. Fixed.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@905490 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 9 insertions, 0 deletions

diff --git a/modules/session/mod_session.c b/modules/session/mod_session.c
index fa56b36831..b6a75591ea 100644
--- a/modules/session/mod_session.c
+++ b/modules/session/mod_session.c
@@ -174,6 +174,9 @@ static int ap_session_save(request_rec * r, session_rec * z)
         apr_time_t now = apr_time_now();
         int rv = 0;
 
+        session_dir_conf *dconf = ap_get_module_config(r->per_dir_config,
+                                                       &session_module);
+
         /* sanity checks, should we try save at all? */
         if (z->written) {
             ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, SESSION_PREFIX
@@ -188,6 +191,12 @@ static int ap_session_save(request_rec * r, session_rec * z)
             return APR_EGENERAL;
         }
 
+        /* reset the expiry back to maxage, if the expiry is present */
+        if (dconf->maxage) {
+            z->expiry = now + dconf->maxage * APR_USEC_PER_SEC;
+            z->maxage = dconf->maxage;
+        }
+
         /* encode the session */
         rv = ap_run_session_encode(r, z);
         if (OK != rv) {