From 280b6cc5ddcedd4f744806f965e0165fb0a8f0b2 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Paul=20H=C3=A4nsch?= <paul@plutz.net>
Date: Sun, 25 Jul 2021 04:46:25 +0200
Subject: [PATCH] Squashed 'cgilite/' changes from b089a33..52e7985

52e7985 enable pipe/argument choice for more functions
b65a5ae md: heading identifiers

git-subtree-dir: cgilite
git-subtree-split: 52e798535235e32bd536c3275d25aa7fda65f27d
---
 markdown.awk | 16 +++++++++++-----
 session.sh   | 43 +++++++++++++++++++++----------------------
 2 files changed, 32 insertions(+), 27 deletions(-)

diff --git a/markdown.awk b/markdown.awk
index 9738180..512be5d 100755
--- a/markdown.awk
+++ b/markdown.awk
@@ -43,6 +43,7 @@
 # Extensions - Block elements:
 # ----------------------------
 # -  ?  Heading identifiers (php md, pandoc)
+# - [x] Automatic heading identifiers (custom)
 # - [x] Fenced code blocks (php md, pandoc)
 #   - [-] Fenced code attributes
 # - [ ] Tables
@@ -347,21 +348,25 @@ function _block( block, LOCAL, st, len, hlvl, htxt, guard, code, indent ) {
   # First Order Heading
   } else if ( match( block, /^[^\n]+\n===+(\n|$)/ ) ) {
     len = RLENGTH;
-    return "<h1>" inline( gensub( /\n.*$/, "", "g", block ) ) "</h1>\n\n" \
+    HL[1]++; HL[2] = 0; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0;
+    return "<h1 id=\"" HL[1] " - " HTML(gensub( /\n.*$/, "", "g", block )) "\">" inline( gensub( /\n.*$/, "", "g", block ) ) "</h1>\n\n" \
            _block( substr( block, len + 1 ) );
 
   # Second Order Heading
   } else if ( match( block, /^[^\n]+\n---+(\n|$)/ ) ) {
     len = RLENGTH;
-    return "<h2>" inline( gensub( /\n.*$/, "", "g", block ) ) "</h2>\n\n" \
+    HL[2]++; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0;
+    return "<h2 id=\"" HL[1] "." HL[2] " - " HTML(gensub( /\n.*$/, "", "g", block )) "\">" inline( gensub( /\n.*$/, "", "g", block ) ) "</h2>\n\n" \
            _block( substr( block, len + 1) );
 
   # Nth Order Heading
-  } else if ( match( block, /^#{1,6}[[:space:]]*[^\n]+([[:space:]]*#*)(\n|$)/ ) ) {
+  } else if ( match( block, /^#{1,6}[ \t]*[^\n]+([ \t]*#*)(\n|$)/ ) ) {
     len = RLENGTH;
     hlvl = length( gensub( /^(#{1,6}).*$/, "\\1", "g", block ) );
-    htxt = gensub( /[[:space:]]*#*$/, "", "1", gensub( /^#{1,6}[[:space:]]*([^\n]+)([[:space:]]*#*)\n.*$/, "\\1", "g", block ) )
-    return "<h" hlvl ">" inline( htxt ) "</h" hlvl ">\n\n" \
+    htxt = gensub(/^#{1,6}[ \t]*(([^ \t\n]+|[ \t]+[^ \t\n#]|[ \t]+#+[^\n#])+)([ \t]*#*)(\n.*)?$/, "\\1", 1, block);
+    HL[hlvl]++; for ( n = hlvl + 1; n < 7; n++) { HL[n] = 0;}
+    hid = HL[1]; for ( n = 2; n <= hlvl; n++) { hid = hid "." HL[n] ; }
+    return "<h" hlvl " id=\"" hid " - " HTML(htxt) "\">" inline( htxt ) "</h" hlvl ">\n\n" \
            _block( substr( block, len + 1) );
 
   # Plain paragraph
@@ -409,6 +414,7 @@ BEGIN {
   # Global Vars
   file = ""; rl_href[""] = ""; rl_title[""] = "";
   if (ENVIRON["MD_HTML"] == "true") { AllowHTML = "true"; }
+  HL[1] = 0; HL[2] = 0; HL[3] = 0; HL[4] = 0; HL[5] = 0; HL[6] = 0;
 
   # Buffering of full file ist necessary, e.g. to find reference links
   while (getline) { file = file $0 "\n"; }
diff --git a/session.sh b/session.sh
index b9cef4d..8929ab3 100755
--- a/session.sh
+++ b/session.sh
@@ -3,6 +3,9 @@
 [ -n "$include_session" ] && return 0
 include_session="$0"
 
+_DATE="$(date +%s)"
+SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
+
 if ! which uuencode >/dev/null; then
   uuencode() { busybox uuencode "$@"; }
 fi
@@ -10,8 +13,12 @@ if ! which sha256sum >/dev/null; then
   sha256sum() { busybox sha256sum "$@"; }
 fi
 
-_DATE="$(date +%s)"
-SESSION_TIMEOUT="${SESSION_TIMEOUT:-7200}"
+if which openssl >/dev/null; then
+  session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode; }
+else
+  # sham hmac if openssl is unavailable
+  session_mac(){ { [ $# -gt 0 ] && printf %s "$*" || cat; server_key; } | sha256sum |cut -d\  -f1; }
+fi
 
 server_key(){
   IDFILE="${IDFILE:-${_DATA:-.}/serverkey}"
@@ -25,23 +32,13 @@ slopecode(){
   # 6-Bit Code that retains sort order of input data, while beeing safe to use
   # in ascii transmissions, unix file names, HTTP URLs, and HTML attributes
 
-  uuencode -m - | sed '
+  { [ $# -gt 0 ] && printf %s "$*" || cat; } \
+  | uuencode -m - | sed '
     1d;$d; 
     y;ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/;0123456789:=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz;
   '
 }
 
-session_mac(){
-  local info
-  [ $# -eq 0 ] && info="$(cat)" || info="$*"
-
-  if which openssl >/dev/null; then
-    printf %s "$info" |openssl dgst -sha1 -hmac "$(server_key)" -binary |slopecode
-  else
-    { printf %s "$info"; server_key; } |sha256sum |cut -d\  -f1
-  fi
-}
-
 randomid(){
   dd bs=12 count=1 if=/dev/urandom 2>&- \
   | slopecode
@@ -60,14 +57,14 @@ timeid(){
   } | slopecode
 }
 
-checkid(){ grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
-
 transid(){
   # transaction ID to modify a given file
   local file="$1"
   session_mac "$(stat -c %F%i%n%N%s%Y "$file" 2>&-)" "$SESSION_ID"
 }
 
+checkid(){ { [ $# -gt 0 ] && printf %s "$*" || cat; } | grep -m 1 -xE '[0-9a-zA-Z:=]{16}'; }
+
 update_session(){
   local session sid time sig checksig
 
@@ -90,18 +87,16 @@ update_session(){
   printf %s\\n "${sid} ${time} ${sig}"
 }
 
-SESSION_KEY="$(update_session)"
-SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
-SESSION_ID="${SESSION_KEY%% *}"
-
 SESSION_BIND() {
+  # Set tamper-proof authenticated cookie
   local key="$1" value="$2"
   SET_COOKIE session "$key"="${value} $(session_mac "$value" "$SESSION_ID")"
 }
 
 SESSION_VAR() {
-  local key="$1"
-  local value sig
+  # read authenticated cookie
+  # fail if value has been tampered with
+  local key="$1" value sig
   value="$(COOKIE "$key")"
   sig="${value##* }" value="${value% *}"
   if [ "$sig" = "$(session_mac "$value" "$SESSION_ID")" ]; then
@@ -110,3 +105,7 @@ SESSION_VAR() {
     return 1
   fi
 }
+
+SESSION_KEY="$(update_session)"
+SET_COOKIE 0 session="$SESSION_KEY" Path=/ SameSite=Strict HttpOnly
+SESSION_ID="${SESSION_KEY%% *}"
-- 
2.39.2