improved gonzo mac if openssl is unavailable

diff --git a/session.sh b/session.sh
index 8929ab3de62638fa4084cbf3f6d50ba5510ec960..ca931fad9aa662ec338820bdc88be9f5018aba24 100755 (executable)
--- a/session.sh
+++ b/session.sh
@@ -16,8 +16,16 @@ fi
 if which openssl >/dev/null; then
   session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; }
 else
-  # sham hmac if openssl is unavailable
-  session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; server_key; } | sha256sum |cut -d\  -f1; }
+  # Gonzo MAC if openssl is unavailable
+  session_mac(){
+    { server_key | dd status=none bs=256 count=1 skip=1
+      { server_key | dd status=none bs=256 count=1
+        [ $# -gt 0 ] && printf %s "$*" || cat
+      } \
+      | sha256sum -;
+    } \
+    | sha256sum | cut -d\  -f1
+  }
 fi
 
 server_key(){