debug function

[cgilite] / session.sh

#!/bin/sh

[ -n "$include_session" ] && return 0
include_session="$0"

_DATE="$(date +%s)"
SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"

server_key(){
  IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
  if [ "$(stat -c %s "$IDFILE")" -ne 512 ] || ! cat "$IDFILE"; then
    dd count=1 bs=512 if=/dev/urandom \
    | tee "$IDFILE"
  fi 2>&-
}

slopecode(){
  # 6-Bit Code that retains sort order of input data, while beeing safe to use
  # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes

  uuencode -m - | sed '
    1d;$d; 
    y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz;
  '
}

randomid(){
  dd bs=12 count=1 if=/dev/urandom 2>&- \
  | slopecode
}

timeid(){
  d=$(($_DATE % 4294967296))
  { printf "$(
      printf \\%o \
        $((d / 16777216 % 256)) \
        $((d / 65536 % 256)) \
        $((d / 256 % 256)) \
        $((d % 256))
    )"
    dd bs=8 count=1 if=/dev/urandom 2>&-
  } | slopecode
}

checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }

transid(){
  # transaction ID to modify a given file
  local file="$1"
  { stat -c %F%i%n%N%s%Y "$file" 2>&-
    printf %s "$SESSION_ID"
    server_key
  } | sha256sum | cut -d\  -f1
}

update_session(){
  local session sid time sig serverkey checksig

  IFS=- read -r sid time sig <<-END
        $(COOKIE session)
        END
  serverkey="$(server_key)"
  
  checksig="$(printf %s "$sid" "$time" "$serverkey" | sha256sum)"
  checksig="${checksig%% *}"
  
  if ! [ "$checksig" = "$sig" \
    -a "$time" -ge "$_DATE" \
    -a "$(printf %s "$sid" |checkid)" ] 2>&-
  then
    debug Setting up new session
    sid="$(randomid)"
  fi

  time=$(( $_DATE + $SESSION_TIMEOUT ))
  sig="$(printf %s "$sid" "$time" "$serverkey" |sha256sum)"
  sig="${sig%% *}"
  printf %s\\n "${sid}-${time}-${sig}"
}

SESSION_ID="$(update_session)"
SET_COOKIE 0 session="$SESSION_ID" Path=/ SameSite=Strict HttpOnly
SESSION_ID="${SESSION_ID%%-*}"