Add optional expiration date to http_cookie_create

So far, libweb had been arbitrarily appending a 1-year expiration date
to all HTTP cookies. While good enough for some contexts, libweb should
allow users to set up their own, if any, so this arbitary decision has
been eventually removed.

1 files changed, 13 insertions, 23 deletions

diff --git a/http.c b/http.c
index 806171d..098912b 100644
--- a/http.c
+++ b/http.c
@@ -2748,29 +2748,11 @@ failure:
     return ret;
 }
 
-static int append_expire(struct dynstr *const d)
+static int append_expire(struct dynstr *const d, const struct tm *const exp)
 {
-    time_t t = time(NULL);
-
-    if (t == (time_t)-1)
-    {
-        fprintf(stderr, "%s: time(3): %s\n", __func__, strerror(errno));
-        return -1;
-    }
-
-    t += 365 * 24 * 60 * 60;
-
-    struct tm tm;
-
-    if (!localtime_r(&t, &tm))
-    {
-        fprintf(stderr, "%s: localtime_r(3): %s\n", __func__, strerror(errno));
-        return -1;
-    }
-
     char s[sizeof "Thu, 01 Jan 1970 00:00:00 GMT"];
 
-    if (!strftime(s, sizeof s, "%a, %d %b %Y %H:%M:%S GMT", &tm))
+    if (!strftime(s, sizeof s, "%a, %d %b %Y %H:%M:%S GMT", exp))
     {
         fprintf(stderr, "%s: strftime(3) failed\n", __func__);
         return -1;
@@ -2784,15 +2766,23 @@ static int append_expire(struct dynstr *const d)
     return 0;
 }
 
-char *http_cookie_create(const char *const key, const char *const value)
+char *http_cookie_create(const char *const key, const char *const value,
+    const struct tm *const exp)
 {
     struct dynstr d;
 
     dynstr_init(&d);
 
-    if (dynstr_append(&d, "%s=%s; HttpOnly; SameSite=Strict", key, value)
-        || append_expire(&d))
+    if (dynstr_append(&d, "%s=%s; HttpOnly; SameSite=Strict", key, value))
+    {
+        fprintf(stderr, "%s: dynstr_append failed\n", __func__);
         goto failure;
+    }
+    else if (exp && append_expire(&d, exp))
+    {
+        fprintf(stderr, "%s: append_expire failed\n", __func__);
+        goto failure;
+    }
 
     return d.str;