From 13ca418ce2abad4a4ba9d37c01868ca1adceab4e Mon Sep 17 00:00:00 2001
From: hobbyquaker <bastiraff@googlemail.com>
Date: Sun, 22 Jul 2018 00:21:44 +0200
Subject: [PATCH 1/4] add tcl libs for session check

---
 addon/lib/querystring.tcl |  9 +++++++++
 addon/lib/session.tcl     | 13 +++++++++++++
 2 files changed, 22 insertions(+)
 create mode 100644 addon/lib/querystring.tcl
 create mode 100644 addon/lib/session.tcl

diff --git a/addon/lib/querystring.tcl b/addon/lib/querystring.tcl
new file mode 100644
index 0000000..bd1f01f
--- /dev/null
+++ b/addon/lib/querystring.tcl
@@ -0,0 +1,9 @@
+catch {
+  set input $env(QUERY_STRING)
+  set pairs [split $input &]
+  foreach pair $pairs {
+    if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
+      set $varname $val
+    }
+  }
+}
diff --git a/addon/lib/session.tcl b/addon/lib/session.tcl
new file mode 100644
index 0000000..eb183a6
--- /dev/null
+++ b/addon/lib/session.tcl
@@ -0,0 +1,13 @@
+#!/bin/tclsh
+
+load tclrega.so
+
+proc check_session sid {
+    if {[regexp {@([0-9a-zA-Z]{10})@} $sid all sidnr]} {
+        set res [lindex [rega_script "Write(system.GetSessionVarStr('$sidnr'));"] 1]
+        if {$res != ""} {
+            return 1
+        }
+    }
+    return 0
+}

From 842cecf8d32a2c2ef28794baeb491ef11118a6aa Mon Sep 17 00:00:00 2001
From: hobbyquaker <bastiraff@googlemail.com>
Date: Sun, 22 Jul 2018 00:28:16 +0200
Subject: [PATCH 2/4] session check for rmupdate.html (former index.html) via
 new index.cgi

---
 addon/etc/rmupdate-addon.cfg            |  2 +-
 addon/www/index.cgi                     | 36 +++++++++++++++++++++++++
 addon/www/{index.html => rmupdate.html} |  0
 3 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 addon/www/index.cgi
 rename addon/www/{index.html => rmupdate.html} (100%)

diff --git a/addon/etc/rmupdate-addon.cfg b/addon/etc/rmupdate-addon.cfg
index cde4aa0..f456c31 100644
--- a/addon/etc/rmupdate-addon.cfg
+++ b/addon/etc/rmupdate-addon.cfg
@@ -1,5 +1,5 @@
 {
-  CONFIG_URL /addons/rmupdate
+  CONFIG_URL /addons/rmupdate/index.cgi
   CONFIG_DESCRIPTION {
     de {<li>System-Update</li>}
     en {<li>System-update</li>}
diff --git a/addon/www/index.cgi b/addon/www/index.cgi
new file mode 100644
index 0000000..46b5811
--- /dev/null
+++ b/addon/www/index.cgi
@@ -0,0 +1,36 @@
+#!/bin/tclsh
+
+load tclrega.so
+
+catch {
+  set input $env(QUERY_STRING)
+  set pairs [split $input &]
+  foreach pair $pairs {
+    if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
+      set $varname $val
+    }
+  }
+}
+
+if {[info exists sid] > 0} {
+    # Session prüfen
+    if {
+        ([string index $sid 0] != "@")
+        || ([string index $sid [expr [string length $sid] -1]]  != "@")
+        || ([string length $sid] != 12)} {
+        puts {error: session invalid}
+    } else {
+        regsub -all {@} $sid "" sid
+        set res [lindex [rega_script "Write(system.GetSessionVarStr('$sid'));"] 1]
+        if {$res != ""} {
+            # gültige Session
+            set fp [open "/usr/local/addons/rmupdate/www/rmupdate.html" r]
+            puts -nonewline [read $fp]
+            close $fp
+        } else {
+            puts {error: session invalid}
+        }
+    }
+} else {
+    puts {error: no session}
+}
diff --git a/addon/www/index.html b/addon/www/rmupdate.html
similarity index 100%
rename from addon/www/index.html
rename to addon/www/rmupdate.html

From 861859c947e83af75cd110860dd230334cd7327d Mon Sep 17 00:00:00 2001
From: hobbyquaker <bastiraff@googlemail.com>
Date: Sun, 22 Jul 2018 00:38:41 +0200
Subject: [PATCH 3/4] use libs

---
 addon/www/index.cgi | 34 +++++-----------------------------
 1 file changed, 5 insertions(+), 29 deletions(-)

diff --git a/addon/www/index.cgi b/addon/www/index.cgi
index 46b5811..2802d8f 100644
--- a/addon/www/index.cgi
+++ b/addon/www/index.cgi
@@ -1,36 +1,12 @@
 #!/bin/tclsh
 
-load tclrega.so
+source /usr/local/addons/rmupdate/lib/querystring.tcl
+source /usr/local/addons/rmupdate/lib/session.tcl
 
-catch {
-  set input $env(QUERY_STRING)
-  set pairs [split $input &]
-  foreach pair $pairs {
-    if {0 != [regexp "^(\[^=]*)=(.*)$" $pair dummy varname val]} {
-      set $varname $val
-    }
-  }
-}
-
-if {[info exists sid] > 0} {
-    # Session prüfen
-    if {
-        ([string index $sid 0] != "@")
-        || ([string index $sid [expr [string length $sid] -1]]  != "@")
-        || ([string length $sid] != 12)} {
-        puts {error: session invalid}
-    } else {
-        regsub -all {@} $sid "" sid
-        set res [lindex [rega_script "Write(system.GetSessionVarStr('$sid'));"] 1]
-        if {$res != ""} {
-            # gültige Session
-            set fp [open "/usr/local/addons/rmupdate/www/rmupdate.html" r]
+if {[info exists sid] && [check_session $sid]} {
+set fp [open "/usr/local/addons/rmupdate/www/rmupdate.html" r]
             puts -nonewline [read $fp]
             close $fp
-        } else {
-            puts {error: session invalid}
-        }
-    }
 } else {
-    puts {error: no session}
+    puts {error: invalid session}
 }

From b15fb681d175d62f590466ce52291ae9e4c7a116 Mon Sep 17 00:00:00 2001
From: hobbyquaker <bastiraff@googlemail.com>
Date: Sun, 22 Jul 2018 00:39:00 +0200
Subject: [PATCH 4/4] indentation

---
 addon/www/index.cgi | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/addon/www/index.cgi b/addon/www/index.cgi
index 2802d8f..92bdf32 100644
--- a/addon/www/index.cgi
+++ b/addon/www/index.cgi
@@ -4,9 +4,9 @@ source /usr/local/addons/rmupdate/lib/querystring.tcl
 source /usr/local/addons/rmupdate/lib/session.tcl
 
 if {[info exists sid] && [check_session $sid]} {
-set fp [open "/usr/local/addons/rmupdate/www/rmupdate.html" r]
-            puts -nonewline [read $fp]
-            close $fp
+    set fp [open "/usr/local/addons/rmupdate/www/rmupdate.html" r]
+    puts -nonewline [read $fp]
+    close $fp
 } else {
     puts {error: invalid session}
 }