"GOT", but the "O" is a cute, smiling pufferfish. Index | Thread | Search

From:
Omar Polo <op@omarpolo.com>
Subject:
Re: initial gotd-secrets.conf implementation
To:
Stefan Sperling <stsp@stsp.name>
Cc:
gameoftrees@openbsd.org
Date:
Sun, 08 Sep 2024 16:48:18 +0200

Download raw body.

Thread
On 2024/09/08 13:52:25 +0200, Stefan Sperling <stsp@stsp.name> wrote:
> On Sun, Sep 08, 2024 at 10:14:15AM +0200, Omar Polo wrote:
> > Yep, that's my plan as well.  I just thought in this case it would have
> > been better to improve in-tree.
> > 
> > For that there are two ways I guess:
> > 
> >  - using the second field for both data, as in `auth label flan:password` or
> >  - adding another field for the password, as in `auth label flan password`
> > 
> > The latter is probably cleaner.
> 
> I agree the second form is better. Could even use keywords to make
> it easier to read:
> 
>   auth gothubflan user "flan" password "secret"
>   auth gothubhacker user "flan" password "secret"
>   hmac codeberghook1 "secretfoo"
>   hmac codeberghook2 "secretbar"

fine with me.  but just to be sure, do you really want to have quoting?

> > > > can improve in tree I believe.
> > > 
> > > Yes, agreed. Ok by me.
> > > 
> > > I would prefer to avoid linking secrets.c into gitwrapper, but we
> > > can fix that later. This might require running a separate binary
> > > to parse the secrets file, or perhaps just moving some mfunctions
> > > to different .c files will be enough.
> > 
> > I have to pull in secrets.c in gitwrapper because I'm using
> > gotd_secrets_get() in parse.y that is also pulled in by gitwrapper.
> > I could add a dummy implementation of it in gitwrapper to satisfy lld,
> > or maybe add a secrets-dummy.c file with only that function in it.
>  
> Indeed. Maybe just adding the dummy function to gitwrapper.c would work?

Yep, with something like this gitwrapper compiles.  I'm trading
secrets.c for secret.h, so if we change the signature we'll get an error
compiling gitwrapper.  Given that this won't ever be called, we could
play some other tricks, but I'd prefer to keep this clean.

if you prefer i can move this to a different file, say secrets-dummy.c,
and link that to gitwrapper instead.


diff /home/op/w/got
commit - 5fb267cb9e3ad437bb94f4fd9ecbf399028c76f7
path + /home/op/w/got
blob - a09ef25ef79277b04b90ae84b72aed522da5a4c1
file + gitwrapper/Makefile
--- gitwrapper/Makefile
+++ gitwrapper/Makefile
@@ -10,7 +10,7 @@ BINDIR ?=	${PREFIX}/bin
 PROG=		gitwrapper
 
 SRCS=		gitwrapper.c parse.y log.c dial.c path.c error.c \
-		reference_parse.c hash.c object_qid.c secrets.c
+		reference_parse.c hash.c object_qid.c
 
 CLEANFILES = parse.h
 
blob - 2017ec526d2f1120654078766a5c1dd7b5a0723b
file + gitwrapper/gitwrapper.c
--- gitwrapper/gitwrapper.c
+++ gitwrapper/gitwrapper.c
@@ -44,6 +44,7 @@
 
 #include "gotd.h"
 #include "log.h"
+#include "secrets.h"
 
 #ifndef GITWRAPPER_GIT_LIBEXEC_DIR
 #define GITWRAPPER_GIT_LIBEXEC_DIR "/usr/local/libexec/git"
@@ -53,6 +54,13 @@
 #define GITWRAPPER_MY_SERVER_PROG "gotsh"
 #endif
 
+/* only needed to satisfy the linker */
+const char *
+gotd_secrets_get(struct gotd_secrets *secrets, enum gotd_secret_type t,
+    const char *key)
+{
+	return NULL;
+}
 
 __dead static void
 usage(void)