ext/session/mod_mm: implement VALIDATE_SID handler

Rather than "manually" doing it in the READ handler

Author: Girgias

UPGRADING.INTERNALS

@@ -104,6 +104,12 @@ PHP 8.6 INTERNALS UPGRADE NOTES
     `void **mod_data, zend_string *save_path, zend_string *session_name`
     rather than
     `void **mod_data, const char *save_path, const char *session_name`
+  . PS_FUNCS() now includes the PS_VALIDATE_SID_FUNC()
+  . PS_MOD() now requires that the PS_CREATE_SID_FUNC() and
+    PS_VALIDATE_SID_FUNC() functions are defined.
+  . PS_FUNCS_SID() and PS_MOD_SID() have been removed.
+    Either use PS_FUNCS()/PS_MOD() or PS_FUNCS_UPDATE_TIMESTAMP()/
+    PS_MOD_UPDATE_TIMESTAMP() if timestamp support exists.
 
 - ext/standard:
   . _php_error_log() now has a formal return type of zend_result.

ext/session/mod_mm.c

@@ -215,7 +215,7 @@ static zend_result ps_mm_key_exists(ps_mm *data, const zend_string *key)
 }
 
 const ps_module ps_mod_mm = {
-	PS_MOD_SID(mm)
+	PS_MOD(mm)
 };
 
 #define PS_MM_DATA ps_mm *data = PS_GET_MOD_DATA()
@@ -346,26 +346,7 @@ PS_READ_FUNC(mm)
 
 	mm_lock(data->mm, MM_LOCK_RD);
 
-	/* If there is an ID and strict mode, verify existence */
-	if (PS(use_strict_mode)
-		&& ps_mm_key_exists(data, key) == FAILURE) {
-		/* key points to PS(id), but cannot change here. */
-		if (key) {
-			efree(PS(id));
-			PS(id) = NULL;
-		}
-		PS(id) = PS(mod)->s_create_sid((void **)&data);
-		if (!PS(id)) {
-			return FAILURE;
-		}
-		if (PS(use_cookies)) {
-			PS(send_cookie) = true;
-		}
-		php_session_reset_id();
-		PS(session_status) = php_session_active;
-	}
-
-	sd = ps_sd_lookup(data, PS(id), false);
+	sd = ps_sd_lookup(data, key, false);
 	if (sd) {
 		*val = zend_string_init(sd->data, sd->datalen, false);
 		ret = SUCCESS;
@@ -488,4 +469,23 @@ PS_CREATE_SID_FUNC(mm)
 	return sid;
 }
 
+/*
+ * Check session ID existence for use_strict_mode support.
+ * PARAMETERS: PS_VALIDATE_SID_ARGS in php_session.h
+ * RETURN VALUE: SUCCESS or FAILURE.
+ *
+ * Return SUCCESS for valid key(already existing session).
+ * Return FAILURE for invalid key(non-existing session).
+ * *mod_data, *key are guaranteed to have non-NULL values.
+ */
+PS_VALIDATE_SID_FUNC(mm)
+{
+	PS_MM_DATA;
+
+	mm_lock(data->mm, MM_LOCK_RD);
+	zend_result ret = ps_mm_key_exists(data, key)
+	mm_unlock(data->mm);
+	return ret;
+}
+
 #endif

ext/session/php_session.h

@@ -62,40 +62,23 @@ typedef struct ps_module_struct {
 #define PS_VALIDATE_SID_FUNC(x)	zend_result ps_validate_sid_##x(PS_VALIDATE_SID_ARGS)
 #define PS_UPDATE_TIMESTAMP_FUNC(x) 	zend_result ps_update_timestamp_##x(PS_UPDATE_TIMESTAMP_ARGS)
 
-/* Legacy save handler module definitions */
+/* Save handler module definitions without timestamp enabled */
 #define PS_FUNCS(x) \
 	PS_OPEN_FUNC(x); \
 	PS_CLOSE_FUNC(x); \
 	PS_READ_FUNC(x); \
 	PS_WRITE_FUNC(x); \
 	PS_DESTROY_FUNC(x); \
 	PS_GC_FUNC(x);	\
-	PS_CREATE_SID_FUNC(x)
+	PS_CREATE_SID_FUNC(x) \
+	PS_VALIDATE_SID_FUNC(x);
 
 #define PS_MOD(x) \
-	#x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \
-	 ps_delete_##x, ps_gc_##x, php_session_create_id, \
-	 php_session_validate_sid, php_session_update_timestamp
-
-/* Legacy SID creation enabled save handler module definitions */
-#define PS_FUNCS_SID(x) \
-	PS_OPEN_FUNC(x); \
-	PS_CLOSE_FUNC(x); \
-	PS_READ_FUNC(x); \
-	PS_WRITE_FUNC(x); \
-	PS_DESTROY_FUNC(x); \
-	PS_GC_FUNC(x); \
-	PS_CREATE_SID_FUNC(x); \
-	PS_VALIDATE_SID_FUNC(x); \
-	PS_UPDATE_TIMESTAMP_FUNC(x);
-
-#define PS_MOD_SID(x) \
 	#x, ps_open_##x, ps_close_##x, ps_read_##x, ps_write_##x, \
 	 ps_delete_##x, ps_gc_##x, ps_create_sid_##x, \
-	 php_session_validate_sid, php_session_update_timestamp
+	 ps_validate_sid_##x, NULL
 
-/* Update timestamp enabled save handler module definitions
-   New save handlers should use this API */
+/* Save handlers with timestamp enabled, it is recommended to use this API */
 #define PS_FUNCS_UPDATE_TIMESTAMP(x) \
 	PS_OPEN_FUNC(x); \
 	PS_CLOSE_FUNC(x); \