Florian Obser <flor...@openbsd.org> wrote: > On 2024-02-20 22:32 +01, Christopher Zimmermann <chr...@openbsd.org> wrote: > > Hi, > > > > this diff adds a challenge hook to acme-client. This hook can be used > > to fulfill challenges. For example by putting the requested files onto > > a remote http server (http-01 challenge) or by modifying dns records > > (dns-01 challenge). The latter are needed to obtain wildcard > > certificates. > > Is this diff ok? Is the design of the hook interface sane? Any > > feedback is welcome. > > > > I'm not convinced passing random crap coming from the internet to a > shell script running as root is a good idea.
I also think this is a mistake. The proposed hook mechanism seems too powerful and overly general. To avoid that, maybe consider the minimum it could do, and still work. I think it should perform an action based only upon pre-configured information. Then the server can do it's job, and the hook mechanism watches for the job to be finished. Then the hook mechanism should communicate what it sees back (without any dangerous inspection or interpretation) to the main client engine for decision making. Something like that. The diff is hard to read for some reason, it seems to lack refactoring and abstraction.
