From 280b6cc5ddcedd4f744806f965e0165fb0a8f0b2 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Paul=20H=C3=A4nsch?= Date: Sun, 25 Jul 2021 04:46:25 +0200 Subject: [PATCH] Squashed 'cgilite/' changes from b089a33..52e7985 52e7985 enable pipe/argument choice for more functions b65a5ae md: heading identifiers git-subtree-dir: cgilite git-subtree-split: 52e798535235e32bd536c3275d25aa7fda65f27d --- markdown.awk | 16 +++++++++++----- session.sh | 43 +++++++++++++++++++++---------------------- 2 files changed, 32 insertions(+), 27 deletions(-) diff --git a/markdown.awk b/markdown.awk index 9738180..512be5d 100755 --- a/markdown.awk +++ b/markdown.awk @@ -43,6 +43,7 @@ # Extensions - Block elements: # ---------------------------- # - ? Heading identifiers (php md, pandoc) +# - [x] Automatic heading identifiers (custom) # - [x] Fenced code blocks (php md, pandoc) # - [-] Fenced code attributes # - [ ] Tables @@ -347,21 +348,25 @@ function _block( block, LOCAL, st, len, hlvl, htxt, guard, code, indent ) { # First Order Heading } else if ( match( block, /^[^\n]+\n===+(\n|$)/ ) ) { len = RLENGTH; - return "

" inline( gensub( /\n.*$/, "", "g", block ) ) "

\n\n" \ + HL[1]++; HL[2] = 0; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0; + return "

" inline( gensub( /\n.*$/, "", "g", block ) ) "

\n\n" \ _block( substr( block, len + 1 ) ); # Second Order Heading } else if ( match( block, /^[^\n]+\n---+(\n|$)/ ) ) { len = RLENGTH; - return "

" inline( gensub( /\n.*$/, "", "g", block ) ) "

\n\n" \ + HL[2]++; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0; + return "

" inline( gensub( /\n.*$/, "", "g", block ) ) "

\n\n" \ _block( substr( block, len + 1) ); # Nth Order Heading - } else if ( match( block, /^#{1,6}[[:space:]]*[^\n]+([[:space:]]*#*)(\n|$)/ ) ) { + } else if ( match( block, /^#{1,6}[ \t]*[^\n]+([ \t]*#*)(\n|$)/ ) ) { len = RLENGTH; hlvl = length( gensub( /^(#{1,6}).*$/, "\\1", "g", block ) ); - htxt = gensub( /[[:space:]]*#*$/, "", "1", gensub( /^#{1,6}[[:space:]]*([^\n]+)([[:space:]]*#*)\n.*$/, "\\1", "g", block ) ) - return "" inline( htxt ) "\n\n" \ + htxt = gensub(/^#{1,6}[ \t]*(([^ \t\n]+|[ \t]+[^ \t\n#]|[ \t]+#+[^\n#])+)([ \t]*#*)(\n.*)?$/, "\\1", 1, block); + HL[hlvl]++; for ( n = hlvl + 1; n < 7; n++) { HL[n] = 0;} + hid = HL[1]; for ( n = 2; n <= hlvl; n++) { hid = hid "." HL[n] ; } + return "" inline( htxt ) "\n\n" \ _block( substr( block, len + 1) ); # Plain paragraph @@ -409,6 +414,7 @@ BEGIN { # Global Vars file = ""; rl_href[""] = ""; rl_title[""] = ""; if (ENVIRON["MD_HTML"] == "true") { AllowHTML = "true"; } + HL[1] = 0; HL[2] = 0; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0; # Buffering of full file ist necessary, e.g. to find reference links while (getline) { file = file $0 "\n"; } diff --git a/session.sh b/session.sh index b9cef4d..8929ab3 100755 --- a/session.sh +++ b/session.sh @@ -3,6 +3,9 @@ [ -n "$include_session" ] && return 0 include_session="$0" +_DATE="$(date +%s)" +SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}" + if ! which uuencode >/dev/null; then uuencode() { busybox uuencode "$@"; } fi @@ -10,8 +13,12 @@ if ! which sha256sum >/dev/null; then sha256sum() { busybox sha256sum "$@"; } fi -_DATE="$(date +%s)" -SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}" +if which openssl >/dev/null; then + session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; } +else + # sham hmac if openssl is unavailable + session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; server_key; } | sha256sum |cut -d\ -f1; } +fi server_key(){ IDFILE="${IDFILE:-${_DATA:-.}/serverkey}" @@ -25,23 +32,13 @@ slopecode(){ # 6-Bit Code that retains sort order of input data, while beeing safe to use # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes - uuencode -m - | sed ' + { [ $# -gt 0 ] && printf %s "$*" || cat; } \ + | uuencode -m - | sed ' 1d;$d; y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz; ' } -session_mac(){ - local info - [ $# -eq 0 ] && info="$(cat)" || info="$*" - - if which openssl >/dev/null; then - printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode - else - { printf %s "$info"; server_key; } |sha256sum |cut -d\ -f1 - fi -} - randomid(){ dd bs=12 count=1 if=/dev/urandom 2>&- \ | slopecode @@ -60,14 +57,14 @@ timeid(){ } | slopecode } -checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; } - transid(){ # transaction ID to modify a given file local file="$1" session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID" } +checkid(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; } + update_session(){ local session sid time sig checksig @@ -90,18 +87,16 @@ update_session(){ printf %s\\n "${sid} ${time} ${sig}" } -SESSION_KEY="$(update_session)" -SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly -SESSION_ID="${SESSION_KEY%% *}" - SESSION_BIND() { + # Set tamper-proof authenticated cookie local key="$1" value="$2" SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")" } SESSION_VAR() { - local key="$1" - local value sig + # read authenticated cookie + # fail if value has been tampered with + local key="$1" value sig value="$(COOKIE "$key")" sig="${value##* }" value="${value% *}" if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then @@ -110,3 +105,7 @@ SESSION_VAR() { return 1 fi } + +SESSION_KEY="$(update_session)" +SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly +SESSION_ID="${SESSION_KEY%% *}" -- 2.39.2