--- /dev/null
+#!/bin/sh
+
+[ -n "$include_session" ] && return 0
+include_session="$0"
+
+server_key(){
+ IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
+ if ! grep -m1 -xE '.{512}' "$IDFILE"; then
+ dd count=1 bs=512 if=/dev/urandom \
+ | tee "$IDFILE"
+ fi 2>&-
+}
+
+slopecode(){
+ # 6-Bit Code that retains sort order of input data, while beeing safe to use
+ # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes
+
+ uuencode -m - | sed '
+ 1d;$d;
+ y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz;
+ '
+}
+
+randomid(){
+ dd bs=12 count=1 if=/dev/urandom \
+ | slopecode 2>&-
+}
+
+timeid(){
+ d=$(($(date +%s) % 4294967296))
+ { printf "$(
+ printf \\%o \
+ $((d / 16777216 % 256)) \
+ $((d / 65536 % 256)) \
+ $((d / 256 % 256)) \
+ $((d % 256))
+ )"
+ dd bs=8 count=1 if=/dev/urandom
+ } | slopecode 2>&-
+}
+
+checkid(){ grep -m 1 -xE '[0-9a-zA-Z:_]{16}'; }
+
+update_session(){
+ local session sid time sig serverkey checksig
+
+ IFS=- read -r sid time sig <<-END
+ $(COOKIE session)
+ END
+ serverkey="$(server_key)"
+
+ checksig="$(printf %s "$sid" "$time" "$serverkey" | sha256sum)"
+ checksig="${checksig%% *}"
+ d=$(date +%s)
+
+ if [ "$checksig" != "$sig" -o "$time" -lt "$d" ] 2>&-; then
+ sid="$(randomid)"
+ fi
+
+ time=$(( $(date +%s) + 7200 ))
+ sig="$(printf %s "$sid" "$time" "$serverkey" |sha256sum)"
+ sig="${sig%% *}"
+ printf %s\\n "${sid}-${time}-${sig}"
+}
+
+SESSION_ID="$(update_session)"
+SET_COOKIE 0 "session=$SESSION_ID"
+SESSION_ID="${SESSION_ID%%-*}"