From 621208650ef40272b76f4f649b461f47c33d97f9 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Paul=20H=C3=A4nsch?= Date: Tue, 9 Feb 2021 21:44:39 +0100 Subject: [PATCH] simplified mac function and cookie format --- session.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/session.sh b/session.sh index 0a2a2e8..93cc2f4 100755 --- a/session.sh +++ b/session.sh @@ -25,10 +25,13 @@ slopecode(){ } session_mac(){ + local info + [ $# -eq 0 ] && info="$(cat)" || info="$*" + if which openssl >/dev/null; then - openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode + printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode else - { cat; server_key; } |sha256sum |cut -d\ -f1 + { printf %s "$info"; server_key; } |sha256sum |cut -d\ -f1 fi } @@ -55,20 +58,17 @@ checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; } transid(){ # transaction ID to modify a given file local file="$1" - { stat -c %F%i%n%N%s%Y "$file" 2>&- - printf %s "$SESSION_ID" - } | session_mac + session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID" } update_session(){ - local session sid time sig serverkey checksig + local session sid time sig checksig - IFS=- read -r sid time sig <<-END + read -r sid time sig <<-END $(POST session_key || COOKIE session) END - serverkey="$(server_key)" - checksig="$(printf %s "$sid" "$time" |session_mac)" + checksig="$(session_mac "$sid" "$time")" if ! [ "$checksig" = "$sig" \ -a "$time" -ge "$_DATE" \ @@ -79,10 +79,10 @@ update_session(){ fi time=$(( $_DATE + $SESSION_TIMEOUT )) - sig="$(printf %s "$sid" "$time" |session_mac)" - printf %s\\n "${sid}-${time}-${sig}" + sig="$(session_mac "$sid" "$time")" + printf %s\\n "${sid} ${time} ${sig}" } SESSION_KEY="$(update_session)" SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly -SESSION_ID="${SESSION_KEY%%-*}" +SESSION_ID="${SESSION_KEY%% *}" -- 2.39.2