"GOT", but the "O" is a cute, smiling pufferfish. Index | Thread | Search

From:
Stefan Sperling <stsp@stsp.name>
Subject:
Re: initial gotd-secrets.conf implementation
To:
Omar Polo <op@omarpolo.com>
Cc:
gameoftrees@openbsd.org
Date:
Sun, 8 Sep 2024 18:32:04 +0200

Download raw body.

Thread
On Sun, Sep 08, 2024 at 04:48:18PM +0200, Omar Polo wrote:
> On 2024/09/08 13:52:25 +0200, Stefan Sperling <stsp@stsp.name> wrote:
> > On Sun, Sep 08, 2024 at 10:14:15AM +0200, Omar Polo wrote:
> > > Yep, that's my plan as well.  I just thought in this case it would have
> > > been better to improve in-tree.
> > > 
> > > For that there are two ways I guess:
> > > 
> > >  - using the second field for both data, as in `auth label flan:password` or
> > >  - adding another field for the password, as in `auth label flan password`
> > > 
> > > The latter is probably cleaner.
> > 
> > I agree the second form is better. Could even use keywords to make
> > it easier to read:
> > 
> >   auth gothubflan user "flan" password "secret"
> >   auth gothubhacker user "flan" password "secret"
> >   hmac codeberghook1 "secretfoo"
> >   hmac codeberghook2 "secretbar"
> 
> fine with me.  but just to be sure, do you really want to have quoting?

Not sure. Probably not needed right now but we might need to
add other authentication types later so it might help to keep
things as generic as possible.

> Yep, with something like this gitwrapper compiles.  I'm trading
> secrets.c for secret.h, so if we change the signature we'll get an error
> compiling gitwrapper.  Given that this won't ever be called, we could
> play some other tricks, but I'd prefer to keep this clean.

Works for me, ok.