From: Paul Hänsch Date: Sat, 24 Jul 2021 20:08:41 +0000 (+0200) Subject: Merge commit '752db311013e53c3c16f685f86b507e191b2239c' X-Git-Url: https://git.plutz.net/?a=commitdiff_plain;h=57b8376ada25742ac4d1078997bdeeeb20c56911;hp=-c;p=webpoll Merge commit '752db311013e53c3c16f685f86b507e191b2239c' --- 57b8376ada25742ac4d1078997bdeeeb20c56911 diff --combined cgilite/session.sh index b9cef4d,8929ab3..8929ab3 --- a/cgilite/session.sh +++ b/cgilite/session.sh @@@ -3,6 -3,9 +3,9 @@@ [ -n "$include_session" ] && return 0 include_session="$0" + _DATE="$(date +%s)" + SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}" + if ! which uuencode >/dev/null; then uuencode() { busybox uuencode "$@"; } fi @@@ -10,8 -13,12 +13,12 @@@ if ! which sha256sum >/dev/null; the sha256sum() { busybox sha256sum "$@"; } fi - _DATE="$(date +%s)" - SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}" + if which openssl >/dev/null; then + session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; } + else + # sham hmac if openssl is unavailable + session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; server_key; } | sha256sum |cut -d\ -f1; } + fi server_key(){ IDFILE="${IDFILE:-${_DATA:-.}/serverkey}" @@@ -25,23 -32,13 +32,13 @@@ slopecode() # 6-Bit Code that retains sort order of input data, while beeing safe to use # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes - uuencode -m - | sed ' + { [ $# -gt 0 ] && printf %s "$*" || cat; } \ + | uuencode -m - | sed ' 1d;$d; y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz; ' } - session_mac(){ - local info - [ $# -eq 0 ] && info="$(cat)" || info="$*" - - if which openssl >/dev/null; then - printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode - else - { printf %s "$info"; server_key; } |sha256sum |cut -d\ -f1 - fi - } - randomid(){ dd bs=12 count=1 if=/dev/urandom 2>&- \ | 
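Review bot: In the added openssl branch of `session_mac`, the server key is passed to openssl as a command-line argument (`-hmac "$(server_key)"`), so it sits in that process's argv and other local users can read it from the process list while the digest runs. If the host can have untrusted local accounts, this deserves a comment above the definition, e.g. `# NOTE: -hmac exposes the server key in openssl's argv; do not deploy where untrusted local users can list processes`. Separately, the fallback branch hashes the message followed by the key with sha256, which is not an HMAC and yields a differently formatted tag, so tags made under one branch will not verify under the other. The `# sham hmac` comment could state both facts.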
slopecode @@@ -60,14 -57,14 +57,14 @@@ timeid() } | slopecode } - checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; } - transid(){ # transaction ID to modify a given file local file="$1" session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID" } + checkid(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; } + update_session(){ local session sid time sig checksig @@@ -90,18 -87,16 +87,16 @@@ printf %s\\n "${sid} ${time} ${sig}" } - SESSION_KEY="$(update_session)" - SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly - SESSION_ID="${SESSION_KEY%% *}" - SESSION_BIND() { + # Set tamper-proof authenticated cookie local key="$1" value="$2" SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")" } SESSION_VAR() { - local key="$1" - local value sig + # read authenticated cookie + # fail if value has been tampered with + local key="$1" value sig value="$(COOKIE "$key")" sig="${value##* }" value="${value% *}" if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then @@@ -110,3 -105,7 +105,7 @@@ return 1 fi } + + SESSION_KEY="$(update_session)" + SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly + SESSION_ID="${SESSION_KEY%% *}"
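Review bot: The input selector `{ [ $# -gt 0 ] && printf %s "$*" || cat; }` added to `slopecode` is repeated verbatim in both `session_mac` variants and in `checkid`, and its `&& … ||` form falls through to `cat` (reading stdin) whenever `printf` itself fails. One helper would keep the callers in step and make the branch explicit: `args_or_stdin(){ if [ $# -gt 0 ]; then printf %s "$*"; else cat; fi; }`. Note also that `"$*"` joins arguments with the first character of IFS (a space by default), so callers that pass several fields get no unambiguous field boundary in the data that is encoded or MACed.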
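Review bot: The relocated `checkid` accepts any input in which at least one line is a well-formed 16-character ID, because `grep -m 1 -x` succeeds on the first matching line and ignores everything else. That is safe only if callers use what `checkid` prints, rather than testing its exit status and then carrying on with the original string. The callers are outside this hunk, so the contract is worth stating at the definition. Suggested comment: `# prints the first line that is exactly 16 chars of [0-9a-zA-Z:=]; always use the output, never the unchecked input`.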
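Review bot: The tag written by `SESSION_BIND` covers the value and `$SESSION_ID` but not the cookie name, so a value signed for one key also verifies under any other key in the same session, which undercuts the new "tamper-proof" comment. Binding the name closes that gap: `SET_COOKIE session "$key"="${value} $(session_mac "$key" "$value" "$SESSION_ID")"`. The check in `SESSION_VAR` should match and should also refuse an empty signature, so that a `session_mac` call that ever prints nothing cannot match a cookie ending in a space: `if [ -n "$sig" ] && [ "$sig" = "$(session_mac "$key" "$value" "$SESSION_ID")" ]; then`. Changing the MAC input invalidates cookies already issued. The body of `SESSION_VAR` ends in the next hunk.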
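Review bot: The session cookie set at the end of the file carries `Path=/ SameSite=Strict HttpOnly` but no `Secure`, so a browser will also send it over plain HTTP if the site is reachable that way. Assuming `SET_COOKIE` passes attribute words through as it appears to for `HttpOnly`, consider `SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly Secure` when the request arrived over HTTPS. A short comment would also help, saying these three lines must stay below the function definitions because `update_session` now runs when the file is sourced.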