commit - bd84be8a1a59cfed38bb44a3d921b3b16ffa6469
commit + 4615fe93f6be3799737f485f025f1ec9b89586f5
blob - 4638c10ed322c7d77ce9a38b39a234f80a172047
blob + 966c6008573b577e99cc85b6d7eada163453396c
--- gotd/gotd.conf.5
+++ gotd/gotd.conf.5
is provided, the request body will be signed using HMAC, allowing the
receiver to verify the notification message's authenticity and integrity.
The signature uses HMAC-SHA256 and will be sent in the HTTP header
-.Dq HTTP_X_GOTD_SIGNATURE_256 .
+.Dq X-Gotd-Signature .
Suitable secrets can be generated with
.Xr openssl 1
as follows:
blob - a181d871b13eedee0dc5684d90fb2bdab9e16c42
blob + 30623ad273c8b91f084de562be5d81d2b510d315
--- gotd/libexec/got-notify-http/got-notify-http.c
+++ gotd/libexec/got-notify-http/got-notify-http.c
path, host,
nonstd ? ":" : "", nonstd ? port : "",
(long long)paylen, USERAGENT,
- hmac_sig ? "HTTP_X_GOTD_SIGNATURE_256: " : "",
+ hmac_sig ? "X-Gotd-Signature: " : "",
hmac_sig ? "sha256=" : "",
hmac_sig ? hex : "",
hmac_sig ? "\r\n" : "");
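Review bot: The header name passed here is now a wire contract shared by three files in this commit (this literal, gotd.conf.5 and regress/gotd/http-server), and nothing at the call site says so. A comment above the argument would help, for example `/* header name is documented in gotd.conf.5 and matched by regress/gotd/http-server; keep them in sync */`. The header is emitted only when `hmac_sig` is set and the old name goes away with no fallback, so a receiver still looking for `HTTP_X_GOTD_SIGNATURE_256` will see what looks like an unsigned request. Whether it then rejects or accepts that request depends on the receiver, so the rename deserves a release note telling operators to update receivers and to refuse requests that lack the header when a secret is configured. The call and its format string begin outside the hunk.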
blob - 800393052afde0178d8c080fbbf7ab7dffd883e8
blob + a332caed58809222d5e3fc8088715dbd55b25e34
--- regress/gotd/http-server
+++ regress/gotd/http-server
next;
}
- if (m/HTTP_X_GOTD_SIGNATURE_256/) {
+ if (m/X-Gotd-Signature/) {
die "bad hmac signature header"
- unless m/HTTP_X_GOTD_SIGNATURE_256: sha256=(.*)$/;
+ unless m/X-Gotd-Signature: sha256=(.*)$/;
$hmac_signature = $1;
next;
}
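Review bot: Both patterns on the new side are unanchored and the capture `(.*)` accepts any value, including an empty one, so the regress server would treat a line such as `Foo-X-Gotd-Signature: ...` or a malformed digest as a signature header. Since the value is an HMAC-SHA256 in hex, the check can be tightened to `if (m/^X-Gotd-Signature:/) {` and `unless m/^X-Gotd-Signature: sha256=([[:xdigit:]]{64})\r?$/;`. The `\r?` is there because the hunk does not show whether the line ending has already been stripped; without it a trailing CR could end up in `$hmac_signature`. The enclosing loop and the code that later uses `$hmac_signature` lie outside the hunk.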