3 [ -n "$include_session" ] && return 0
7 SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
10 IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
11 if [ "$(stat -c %s "$IDFILE")" -ne 512 ] || ! cat "$IDFILE"; then
12 dd count=1 bs=512 if=/dev/urandom \
18 # 6-Bit Code that retains sort order of input data, while beeing safe to use
19 # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes
23 y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz;
29 [ $# -eq 0 ] && info="$(cat)" || info="$*"
31 if which openssl >/dev/null; then
32 printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode
34 { printf %s "$info"; server_key; } |sha256sum |cut -d\ -f1
39 dd bs=12 count=1 if=/dev/urandom 2>&- \
44 d=$(($_DATE % 4294967296))
47 $((d / 16777216 % 256)) \
48 $((d / 65536 % 256)) \
52 dd bs=8 count=1 if=/dev/urandom 2>&-
56 checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
59 # transaction ID to modify a given file
61 session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID"
65 local session sid time sig checksig
67 read -r sid time sig <<-END
68 $(POST session_key || COOKIE session)
71 checksig="$(session_mac "$sid" "$time")"
73 if ! [ "$checksig" = "$sig" \
74 -a "$time" -ge "$_DATE" \
75 -a "$(printf %s "$sid" |checkid)" ] 2>&-
77 debug "Setting up new session"
81 time=$(( $_DATE + $SESSION_TIMEOUT ))
82 sig="$(session_mac "$sid" "$time")"
83 printf %s\\n "${sid} ${time} ${sig}"
86 SESSION_KEY="$(update_session)"
87 SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
88 SESSION_ID="${SESSION_KEY%% *}"
91 local key="$1" value="$2"
92 SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
98 value="$(COOKIE "$key")"
99 sig="${value##* }" value="${value% *}"
100 if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
101 printf %s\\n "$value"