if which openssl >/dev/null; then
session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; }
else
- # sham hmac if openssl is unavailable
- session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; server_key; } | sha256sum |cut -d\ -f1; }
+ # Gonzo MAC if openssl is unavailable
+ session_mac(){
+ { server_key | dd status=none bs=256 count=1 skip=1
+ { server_key | dd status=none bs=256 count=1
+ [ $# -gt 0 ] && printf %s "$*" || cat
+ } \
+ | sha256sum -;
+ } \
+ | sha256sum | cut -d\ -f1
+ }
fi
server_key(){
fi
}
+SESSION_COOKIE() {
+ SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+}
+
SESSION_KEY="$(update_session)"
-SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
SESSION_ID="${SESSION_KEY%% *}"
+
+[ "$1" = nocookie ] || SESSION_COOKIE