| sort -u
}
-GET(){ cgilite_value "${QUERY_STRING}" $@; }
+GET(){ cgilite_value "${QUERY_STRING}" "$@"; }
GET_COUNT(){ cgilite_count "${QUERY_STRING}" $1; }
GET_KEYS(){ cgilite_keys "${QUERY_STRING}"; }
-POST(){ cgilite_value "${cgilite_post}" $@; }
+POST(){ cgilite_value "${cgilite_post}" "$@"; }
POST_COUNT(){ cgilite_count "${cgilite_post}" $1; }
POST_KEYS(){ cgilite_keys "${cgilite_post}"; }
-REF(){ cgilite_value "${HTTP_REFERER#*\?}" $@; }
+REF(){ cgilite_value "${HTTP_REFERER#*\?}" "$@"; }
REF_COUNT(){ cgilite_count "${HTTP_REFERER#*\?}" $1; }
REF_KEYS(){ cgilite_keys "${HTTP_REFERER#*\?}"; }
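Review bot: GET_COUNT, POST_COUNT and REF_COUNT, shown as context in this hunk, still pass `$1` unquoted, so the quoting fix applied to GET, POST and REF is incomplete. A key containing whitespace or glob characters would be split or expanded before it reaches cgilite_count. Whether such keys can come from request data is not visible here, but the three helpers should match their siblings, e.g. `GET_COUNT(){ cgilite_count "${QUERY_STRING}" "$1"; }` and likewise for POST_COUNT and REF_COUNT.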
file_size="$(stat -Lc %s "$file")"
file_date="$(stat -Lc %Y "$file")"
- http_date="$(date -uRd @$file_date)"
- http_date="${http_date%+0000}GMT"
+ http_date="$(date -ud "@$file_date" +"%a, %d %b %Y %T GMT")"
cachedate="$(
# Parse the allowable date formats from Section 3.3.1 of
# https://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html
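Review bot: The new format string makes `http_date` locale-dependent, because `%a` and `%b` follow LC_TIME on GNU date, whereas the replaced `date -R` always produced English day and month names. If the CGI process inherits a non-C locale, the value would carry localized names, which HTTP clients and caches cannot parse and which would presumably never compare equal to a client's If-Modified-Since value. Pinning the locale on that one command avoids this: `http_date="$(LC_ALL=C date -ud "@$file_date" +"%a, %d %b %Y %T GMT")"`.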
} else if ( AllowHTML && match( block, /^ ? ? ?(<\/[A-Za-z][A-Za-z0-9-]*[[:space:]]*>|<[A-Za-z][A-Za-z0-9-]*([[:space:]]+[A-Za-z_:][A-Za-z0-9_\.:-]*([[:space:]]*=[[:space:]]*([[:space:]"'=<>`]+|"[^"]*"|'[^']*'))?)*[[:space:]]*\/?>)([[:space:]]*\n)([^\n]|\n[ \t]*[^\n])*(\n[[:space:]]*\n|$)/) ) {
len = RLENGTH; st = RSTART;
return substr(block, st, len) _block(substr(block, st + len));
-
- # Horizontal rule
- } else if ( match( block, /(^|\n) ? ? ?((\* *){3,}|(- *){3,}|(_ *){3,})($|\n)/) ) {
- len = RLENGTH; st = RSTART;
- return _block(substr(block, 1, st - 1)) "<hr />\n" _block(substr(block, st + len));
# Blockquote (leading >)
} else if ( match( block, /^> /) ) {
return "<h" hlvl " id=\"" hid " - " HTML(htxt) "\">" inline( htxt ) "</h" hlvl ">\n\n" \
_block( substr( block, len + 1) );
+ # Horizontal rule
+ } else if ( match( block, /(^|\n) ? ? ?((\* *){3,}|(- *){3,}|(_ *){3,})($|\n)/) ) {
+ len = RLENGTH; st = RSTART;
+ return _block(substr(block, 1, st - 1)) "<hr />\n" _block(substr(block, st + len));
+
# Plain paragraph
} else {
match( block, /(^|\n)[[:space:]]*(\n|$)/ ) || match( block, /$/ );
[ -n "$include_session" ] && return 0
include_session="$0"
+_DATE="$(date +%s)"
+SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
+
if ! which uuencode >/dev/null; then
uuencode() { busybox uuencode "$@"; }
fi
sha256sum() { busybox sha256sum "$@"; }
fi
-_DATE="$(date +%s)"
-SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
+if which openssl >/dev/null; then
+ session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; }
+else
+ # Gonzo MAC if openssl is unavailable
+ session_mac(){
+ { server_key | dd status=none bs=256 count=1 skip=1
+ { server_key | dd status=none bs=256 count=1
+ [ $# -gt 0 ] && printf %s "$*" || cat
+ } \
+ | sha256sum -;
+ } \
+ | sha256sum | cut -d\ -f1
+ }
+fi
server_key(){
IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
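Review bot: In the openssl branch of session_mac, `-hmac "$(server_key)"` passes the server key as a command-line argument, so other local accounts can typically read it from the process list while openssl runs. The command substitution also drops NUL bytes and trailing newlines, which would silently alter a binary key; server_key's body lies outside this hunk, so the key format is an assumption. The fallback branch keeps the key on a pipe instead. The openssl branch should at least document the exposure, e.g. `# NOTE: the key reaches openssl via argv and is visible in the process list while it runs`.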
# 6-Bit Code that retains sort order of input data, while beeing safe to use
# in ascii transmissions, unix file names, HTTP URLs, and HTML attributes
- uuencode -m - | sed '
+ { [ $# -gt 0 ] && printf %s "$*" || cat; } \
+ | uuencode -m - | sed '
1d;$d;
y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz;
'
}
-session_mac(){
- local info
- [ $# -eq 0 ] && info="$(cat)" || info="$*"
-
- if which openssl >/dev/null; then
- printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode
- else
- { printf %s "$info"; server_key; } |sha256sum |cut -d\ -f1
- fi
-}
-
randomid(){
dd bs=12 count=1 if=/dev/urandom 2>&- \
| slopecode
} | slopecode
}
-checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
-
transid(){
# transaction ID to modify a given file
local file="$1"
session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID"
}
+checkid(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
+
update_session(){
local session sid time sig checksig
printf %s\\n "${sid} ${time} ${sig}"
}
-SESSION_KEY="$(update_session)"
-SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
-SESSION_ID="${SESSION_KEY%% *}"
-
SESSION_BIND() {
+ # Set tamper-proof authenticated cookie
local key="$1" value="$2"
SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
}
SESSION_VAR() {
- local key="$1"
- local value sig
+ # read authenticated cookie
+ # fail if value has been tampered with
+ local key="$1" value sig
value="$(COOKIE "$key")"
sig="${value##* }" value="${value% *}"
if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
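Review bot: The comment added to SESSION_BIND calls the cookie tamper-proof, but the MAC computed in SESSION_BIND and checked in SESSION_VAR covers only the value and `$SESSION_ID`, not the cookie name. A value signed for one key therefore still verifies when presented under a different key in the same session. Including the key on both sides would bind the two together: `session_mac "$key" "$value" "$SESSION_ID"`. session_mac joins its arguments with spaces, so this relies on keys never containing a space, and cookies already issued would stop verifying after the change. SESSION_VAR's body continues past the end of this hunk.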
return 1
fi
}
+
+SESSION_KEY="$(update_session)"
+SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+SESSION_ID="${SESSION_KEY%% *}"
update|replace)
k="$1" key="$(STRING "$1")" value="$(STRING "$2")"
LOCK "$file" || return 1
- if ! DBM check "$k"; then
+ if ! DBM "$file" check "$k"; then
RELEASE "$file"
return 1
fi
append)
key="$(STRING "$1")" value="$(STRING "$2")"
LOCK "$file" || return 1
- if ! DBM check "$1"; then
+ if ! DBM "$file" check "$1"; then
RELEASE "$file"
return 1
fi