commit 4615fe93f6be3799737f485f025f1ec9b89586f5 from: Stefan Sperling date: Mon Aug 19 16:50:50 2024 UTC rename gotd HTTP notification signature header; suggested by op@ commit - bd84be8a1a59cfed38bb44a3d921b3b16ffa6469 commit + 4615fe93f6be3799737f485f025f1ec9b89586f5 blob - 4638c10ed322c7d77ce9a38b39a234f80a172047 blob + 966c6008573b577e99cc85b6d7eada163453396c --- gotd/gotd.conf.5 +++ gotd/gotd.conf.5 @@ -374,7 +374,7 @@ If a is provided, the request body will be signed using HMAC, allowing the receiver to verify the notification message's authenticity and integrity. The signature uses HMAC-SHA256 and will be sent in the HTTP header -.Dq HTTP_X_GOTD_SIGNATURE_256 . +.Dq X-Gotd-Signature . Suitable secrets can be generated with .Xr openssl 1 as follows: blob - a181d871b13eedee0dc5684d90fb2bdab9e16c42 blob + 30623ad273c8b91f084de562be5d81d2b510d315 --- gotd/libexec/got-notify-http/got-notify-http.c +++ gotd/libexec/got-notify-http/got-notify-http.c @@ -1051,7 +1051,7 @@ main(int argc, char **argv) path, host, nonstd ? ":" : "", nonstd ? port : "", (long long)paylen, USERAGENT, - hmac_sig ? "HTTP_X_GOTD_SIGNATURE_256: " : "", + hmac_sig ? "X-Gotd-Signature: " : "", hmac_sig ? "sha256=" : "", hmac_sig ? hex : "", hmac_sig ? "\r\n" : ""); blob - 800393052afde0178d8c080fbbf7ab7dffd883e8 blob + a332caed58809222d5e3fc8088715dbd55b25e34 --- regress/gotd/http-server +++ regress/gotd/http-server @@ -77,9 +77,9 @@ while (<$out>) { next; } - if (m/HTTP_X_GOTD_SIGNATURE_256/) { + if (m/X-Gotd-Signature/) { die "bad hmac signature header" - unless m/HTTP_X_GOTD_SIGNATURE_256: sha256=(.*)$/; + unless m/X-Gotd-Signature: sha256=(.*)$/; $hmac_signature = $1; next; }