
From: Stefan Sperling <stsp@stsp.name>
Subject: Re: initial gotd-secrets.conf implementation
To: Omar Polo <op@omarpolo.com>
Cc: gameoftrees@openbsd.org
Date: Sat, 7 Sep 2024 22:11:53 +0200

On Sat, Sep 07, 2024 at 05:01:42PM +0200, Omar Polo wrote:
> This is a first implementation of the mechanism discussed in the 'RFC:
> secrets for gotd' thread.  The overall idea is to move the
> authentication data (username and password) for HTTP notifications into a
> separate file, and the HMAC secret too.
> 
> This different file, gotd-secrets.conf, is meant to be root-owned,
> unlike gotd.conf which has to be world-readable for gitwrapper to work.
> 
> What's still missing:
> 
>  - checking the permissions on the file
>  - improving the documentation
> 
> We're also currently using the username as "key" in gotd.conf, which is
> fine but slightly annoying since we might want to have multiple
> notifications that are using the same username but different password.
> This is something that I've overlooked in the RFC thread and only
> realized while implementing it.

Indeed, we should adjust things to solve this problem.
Ideally we'll nail this down before shipping another release, such
that this problem only ever exists in development versions.

> Still, this is a starting point and we
> can improve in tree I believe.

Yes, agreed. Ok by me.

I would prefer to avoid linking secrets.c into gitwrapper, but we
can fix that later. This might require running a separate binary
to parse the secrets file, or perhaps just moving some functions
to different .c files will be enough.