From: Omar Polo
Subject: Re: initial gotd-secrets.conf implementation
To: Stefan Sperling
Cc: gameoftrees@openbsd.org
Date: Sun, 08 Sep 2024 10:14:15 +0200

On 2024/09/07 22:11:53 +0200, Stefan Sperling wrote:
> On Sat, Sep 07, 2024 at 05:01:42PM +0200, Omar Polo wrote:
> > This is a first implementation of the mechanism discussed in the 'RFC:
> > secrets for gotd' thread. The overall idea is to move the
> > authentication data (username and password) for HTTP notifications to a
> > separate file, and the HMAC secret too.
> >
> > This different file, gotd-secrets.conf, is meant to be root-owned,
> > unlike gotd.conf which has to be world-readable for gitwrapper to work.
> >
> > What's still missing:
> >
> > - checking the permissions on the file
> > - improving the documentation
> >
> > We're also currently using the username as "key" in gotd.conf, which is
> > fine but slightly annoying since we might want to have multiple
> > notifications that are using the same username but different password.
> > This is something that I've overlooked in the RFC thread and only
> > realized while implementing it.
>
> Indeed, we should adjust things to solve this problem.
> Ideally we'll nail this down before shipping another release, such
> that this problem only ever exists in development versions.

Yep, that's my plan as well. I just thought in this case it would have
been better to improve in-tree. For that there are two ways I guess:

- using the second field for both data, as in `auth label flan:password` or
- adding another field for the password, as in `auth label flan password`

The latter is probably cleaner.

> > Still, this is a starting point and we
> > can improve in tree I believe.
>
> Yes, agreed.

Ok by me.

> I would prefer to avoid linking secrets.c into gitwrapper, but we
> can fix that later. This might require running a separate binary
> to parse the secrets file, or perhaps just moving some functions
> to different .c files will be enough.
I have to pull in secrets.c in gitwrapper because I'm using gotd_secrets_get() in parse.y that is also pulled in by gitwrapper. I could add a dummy implementation of it in gitwrapper to satisfy lld, or maybe add a secrets-dummy.c file with only that function in it.
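As an added illustration, not part of this thread and not got's own code: a small Python parser for a secrets file in the `auth label user password` form that Omar Polo calls "probably cleaner", keyed by label rather than by username so two entries can share a user with different passwords, together with the ownership and mode check the first message lists as still missing. The `hmac label secret` line, the field order, the `#` full-line comment syntax and the root-owned / mode 0600 policy are assumptions made for this example, not gotd's actual grammar.

```python
import os
import stat
import tempfile

# Constructed sample, not a real gotd-secrets.conf. Two "auth" entries
# share the username "flan" and differ only in label and password, which
# is exactly the case the thread says username-as-key cannot express.
SAMPLE_SECRETS = """\
# constructed sample secrets file
auth flan-ci flan hunter2
auth flan-web flan s3cret
hmac ci-webhook 0123456789abcdef
"""


def parse_secrets(text):
    """Parse 'auth label user password' and 'hmac label secret' lines.

    Returns {'auth': {label: (user, password)}, 'hmac': {label: secret}}.
    Only whole-line '#' comments are recognised, so a password may itself
    contain '#'. Duplicate labels and malformed lines raise ValueError.
    """
    secrets = {"auth": {}, "hmac": {}}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        kind = fields[0]
        if kind == "auth":
            if len(fields) != 4:
                raise ValueError(f"line {lineno}: expected 'auth label user password'")
            _, label, user, password = fields
            if label in secrets["auth"]:
                raise ValueError(f"line {lineno}: duplicate auth label {label!r}")
            secrets["auth"][label] = (user, password)
        elif kind == "hmac":
            if len(fields) != 3:
                raise ValueError(f"line {lineno}: expected 'hmac label secret'")
            _, label, secret = fields
            if label in secrets["hmac"]:
                raise ValueError(f"line {lineno}: duplicate hmac label {label!r}")
            secrets["hmac"][label] = secret
        else:
            raise ValueError(f"line {lineno}: unknown directive {kind!r}")
    return secrets


def check_permissions(path):
    """Return a list of problems with the file's owner and mode.

    Policy assumed here: owned by uid 0 and no group/other access bits,
    i.e. the opposite of the world-readable gotd.conf the thread mentions.
    """
    st = os.stat(path)
    problems = []
    if st.st_uid != 0:
        problems.append("not owned by root")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("accessible by group or others (want mode 0600)")
    return problems


def load_secrets(path, require_root_owner=True):
    """Refuse to parse a secrets file whose permissions are too loose."""
    problems = check_permissions(path)
    if not require_root_owner:
        problems = [p for p in problems if p != "not owned by root"]
    if problems:
        raise PermissionError(f"{path}: " + "; ".join(problems))
    with open(path) as fp:
        return parse_secrets(fp.read())


if __name__ == "__main__":
    # Stand-alone demo: write the sample with a tight mode and load it.
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "w") as fp:
        fp.write(SAMPLE_SECRETS)
    os.chmod(path, 0o600)
    try:
        # Owner check relaxed because the demo is not usually run as root.
        for label, (user, _) in load_secrets(path, require_root_owner=False)["auth"].items():
            print(f"auth {label}: user={user} password=<redacted>")
    finally:
        os.unlink(path)
```

Keying on the label means the HTTP notification configuration in gotd.conf can name the entry it wants while the credentials stay in the root-owned file; the permission check runs before any parsing so a misconfigured file is rejected without its contents being read.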