From 2607c613331d26f5494797a961b9e28a63daeda1 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 30 Jan 2012 07:35:49 +0000
Subject: [PATCH] Session: Don't attempt to fetch new sessions from session
 handlers.

Thanks to Synacor, Inc. for providing this patch!

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3025 44740490-163a-0410-bde0-09ae8108e29a
---
 lib/SimpleSAML/Session.php              | 11 ++++++++++-
 lib/SimpleSAML/SessionHandlerCookie.php |  1 +
 lib/SimpleSAML/SessionHandlerPHP.php    |  4 +++-
 3 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 9f4a62319..4f6508523 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -956,6 +956,15 @@ class SimpleSAML_Session {
 		return $ret;
 	}
 
+	/**
+	 * Create a new session and cache it.
+	 *
+	 * @param string $sessionId  The new session we should create.
+	 */
+	public static function createSession($sessionId) {
+		assert('is_string($sessionId)');
+		self::$sessions[$sessionId] = NULL;
+	}
 
 	/**
 	 * Load a session from the session handler.
@@ -975,7 +984,7 @@ class SimpleSAML_Session {
 			$checkToken = FALSE;
 		}
 
-		if (isset(self::$sessions[$sessionId])) {
+		if (array_key_exists($sessionId, self::$sessions)) {
 			return self::$sessions[$sessionId];
 		}
 
diff --git a/lib/SimpleSAML/SessionHandlerCookie.php b/lib/SimpleSAML/SessionHandlerCookie.php
index 0156a311a..9d6d84618 100644
--- a/lib/SimpleSAML/SessionHandlerCookie.php
+++ b/lib/SimpleSAML/SessionHandlerCookie.php
@@ -55,6 +55,7 @@ extends SimpleSAML_SessionHandler {
 			if(!self::isValidSessionID($this->session_id)) {
 				/* We don't have a valid session. Create a new session id. */
 				$this->session_id = self::createSessionID();
+				SimpleSAML_Session::createSession($this->session_id);
 				$this->setCookie($this->cookie_name, $this->session_id);
 			}
 		}
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index 02188aeca..1d07f3707 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -73,7 +73,9 @@ class SimpleSAML_SessionHandlerPHP extends SimpleSAML_SessionHandler {
 				}
 
 				/* Session cookie unset - session id not set. Generate new (secure) session id. */
-				session_id(SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16)));
+				$sessionId = SimpleSAML_Utilities::stringToHex(SimpleSAML_Utilities::generateRandomBytes(16));
+				SimpleSAML_Session::createSession($sessionId);
+				session_id($sessionId);
 			}
 			
 			session_start();
-- 
GitLab