LOGFILE="${LOGFILE:-/dev/stderr}"
logmsg(){
- if [ "${1:-3}" -le "$LOGLEVEL" ]; then
- [ "$#" -gt 1 ] \
- && printf %s\\n "$*" >>"${LOGFILE}" \
- || tee -a "${LOGFILE}"
+ local ll="${1:-3}"
+ shift 1
+ if [ "$ll" -le "$LOGLEVEL" -a "$#" -gt 0 ]; then
+ printf %s\\n "$*" >>"${LOGFILE}"
+ elif [ "$ll" -le "$LOGLEVEL" ]; then
+ tee -a "${LOGFILE}"
+ elif [ ! "$#" -gt 0 ]; then
+ cat
fi
}
-
die(){
[ "$#" -gt 0 ] && logmsg 1 "$@"
exit 1
server_key(){
IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
- if ! grep -m1 -xE '.{512}' "$IDFILE"; then
+ if [ "$(stat -c %s "$IDFILE")" -ne 512 ] || ! cat "$IDFILE"; then
dd count=1 bs=512 if=/dev/urandom \
| tee "$IDFILE"
fi 2>&-
}
randomid(){
- dd bs=12 count=1 if=/dev/urandom \
- | slopecode 2>&-
+ dd bs=12 count=1 if=/dev/urandom 2>&- \
+ | slopecode
}
timeid(){
$((d / 256 % 256)) \
$((d % 256))
)"
- dd bs=8 count=1 if=/dev/urandom
- } | slopecode 2>&-
+ dd bs=8 count=1 if=/dev/urandom 2>&-
+ } | slopecode
}
checkid(){ grep -m 1 -xE '[0-9a-zA-Z:_]{16}'; }
checksig="${checksig%% *}"
d=$(date +%s)
- if [ "$checksig" != "$sig" -o "$time" -lt "$d" ] 2>&-; then
+ if [ "$checksig" != "$sig" \
+ -o "$time" -lt "$d" \
+ -o ! "$(printf %s "$sid" |checkid)" ] 2>&-
+ then
+ debug Setting up new session
sid="$(randomid)"
fi
}
SESSION_ID="$(update_session)"
-SET_COOKIE 0 "session=$SESSION_ID" HttpOnly
+SET_COOKIE 0 session="$SESSION_ID" Path=/ SameSite=Strict HttpOnly
SESSION_ID="${SESSION_ID%%-*}"
projects / cgilite / commitdiff