Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated cookie secrets management #378

Merged
merged 11 commits into from
Oct 23, 2024
Merged

Updated cookie secrets management #378

merged 11 commits into from
Oct 23, 2024

Commits on Aug 21, 2024

  1. --with-cookiesecretsfile=path for configure

    Partly addressing issue #196
    wtoorop committed Aug 21, 2024
    Configuration menu
    Copy the full SHA
    6bc8ae0 View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2024

  1. Configurable staing cookie

    wtoorop committed Aug 26, 2024
    Configuration menu
    Copy the full SHA
    7a34e20 View commit details
    Browse the repository at this point in the history

Commits on Aug 27, 2024

  1. Configuration menu
    Copy the full SHA
    65a5d64 View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2024

  1. Automatic migration of cookie secrets

    from the old to the new default location
    wtoorop committed Aug 28, 2024
    Configuration menu
    Copy the full SHA
    efe4cf6 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    a8f5b46 View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2024

  1. Tell were cookies came from

    even when they came from the old default location
    +some small code cleanup and reduced code repetition
    wtoorop committed Aug 29, 2024
    Configuration menu
    Copy the full SHA
    6534967 View commit details
    Browse the repository at this point in the history

Commits on Sep 4, 2024

  1. Apply suggestions from code review

    Thanks @wcawijngaards ! Yes, cleanup secrets on the stack after use is definitely more secure. I think you even found some occurrences that weren't covered before.
    
    Co-authored-by: Wouter Wijngaards <wcawijngaards@users.noreply.github.com>
    wtoorop and wcawijngaards authored Sep 4, 2024
    Configuration menu
    Copy the full SHA
    14d0a43 View commit details
    Browse the repository at this point in the history

Commits on Oct 22, 2024

  1. Update util.c

    wtoorop authored Oct 22, 2024
    Configuration menu
    Copy the full SHA
    5674228 View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    ec858b9 View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    b090af7 View commit details
    Browse the repository at this point in the history

Commits on Oct 23, 2024

  1. Pro-actively set cookie_secret_file value

    Right after config is read, so no wrapper is needed anymore to determine the value.
    wtoorop committed Oct 23, 2024
    Configuration menu
    Copy the full SHA
    c743742 View commit details
    Browse the repository at this point in the history