commit 7131669ca5516991c728286f3ff04e829aaed754
from: Stefan Sperling <stsp@stsp.name>
via: Thomas Adam <thomas@xteddy.org>
date: Wed Sep 04 19:32:33 2024 UTC

rename gotd HTTP notification signature header; suggested by op@

commit - 97858f5c321756c6495a682f6913b59211b51a96
commit + 7131669ca5516991c728286f3ff04e829aaed754
blob - 4638c10ed322c7d77ce9a38b39a234f80a172047
blob + 966c6008573b577e99cc85b6d7eada163453396c
--- gotd/gotd.conf.5
+++ gotd/gotd.conf.5
@@ -374,7 +374,7 @@ If a
 is provided, the request body will be signed using HMAC, allowing the
 receiver to verify the notification message's authenticity and integrity.
 The signature uses HMAC-SHA256 and will be sent in the HTTP header
-.Dq HTTP_X_GOTD_SIGNATURE_256 .
+.Dq X-Gotd-Signature .
 Suitable secrets can be generated with
 .Xr openssl 1
 as follows:
blob - 81a563d1b9541e72594736ccf73c37af464ef9a7
blob + eebd2a4e6afc6e940d7c7491668d0378e83154e2
--- gotd/libexec/got-notify-http/got-notify-http.c
+++ gotd/libexec/got-notify-http/got-notify-http.c
@@ -1059,7 +1059,7 @@ main(int argc, char **argv)
 	    path, host,
 	    nonstd ? ":" : "", nonstd ? port : "",
 	    (long long)paylen, USERAGENT,
-	    hmac_sig ? "HTTP_X_GOTD_SIGNATURE_256: " : "",
+	    hmac_sig ? "X-Gotd-Signature: " : "",
 	    hmac_sig ? "sha256=" : "",
 	    hmac_sig ? hex : "",
 	    hmac_sig ? "\r\n" : "");
blob - 800393052afde0178d8c080fbbf7ab7dffd883e8
blob + a332caed58809222d5e3fc8088715dbd55b25e34
--- regress/gotd/http-server
+++ regress/gotd/http-server
@@ -77,9 +77,9 @@ while (<$out>) {
 		next;
 	}
 
-	if (m/HTTP_X_GOTD_SIGNATURE_256/) {
+	if (m/X-Gotd-Signature/) {
 		die "bad hmac signature header"
-		    unless m/HTTP_X_GOTD_SIGNATURE_256: sha256=(.*)$/;
+		    unless m/X-Gotd-Signature: sha256=(.*)$/;
 		$hmac_signature = $1;
 		next;
 	}