[00:06:01] <Dreamy_Jazz>	 Actually that makes it use sqlite
[00:06:04] <Dreamy_Jazz>	 So that doesn't work
[00:17:35] <Reedy>	 you should be able to pass --dbtype=postgres or something should work for install.php
[00:19:11] <Reedy>	 but if the installer is broken, best file a bug in phab
[10:58:08] <eptalon>	 hello all
[10:58:55] <eptalon>	 I do have perhaps a very stupid question: I code a bor, and at some time the bot needs to login to do something. For that it reads username/password from a file.
[10:59:41] <eptalon>	 If the thing runs on toolserver, it will have a file like: username=mycoolbot and passwords=mysecretpassword.
[11:00:12] <eptalon>	 Ideally thething isn't stored in clear text, so what do you suggest I use for enncryption of the password?
[11:00:55] <eptalon>	 note that sha1/md5/sha256... are hashing (one-way functions), not encrption?
[11:06:07] <taavi>	 eptalon: I don't think encrypting the password in this case would help, since it'd just move the same problem to the encryption keys. just make sure to set the file permissions properly so that others can't read the file and ideally use a bot password or an owner-only oauth consumer that only has access to the needed rights, and you should be good
[11:06:18] <taavi>	 sigh
[11:56:16] <Sohom_Datta>	 How do I edit someone else's patch ? (I don't seem to be able to do it :( )
[11:59:48] <zabe>	 you need to be in the trusted-contributors gerrit group
[11:59:50] <zabe>	 added you
[12:00:12] <zabe>	 so you should now be capable of amending other's patches like your own ones
[12:03:07] <Sohom_Datta>	 Ah okay thanks :)
[13:53:45] <Dreamy_Jazz>	 I've found the reason why I can't install postgres. It's T167924. No idea how to fix it though. Removing the key from the updatelog table manually and re-running install.php does not fix anything
[13:53:45] <stashbot>	 T167924: WebInstaller and DatabasePostgres throws Error: 23505 ERROR: duplicate key value violates unique constraint "updatelog_pkey" - https://phabricator.wikimedia.org/T167924
[17:43:40] <eptalon>	 hello all. If I run a bot, I need to store its credentials in some way, lukely a file. Problem there, I need to encrypt the password of the user.
[17:43:54] <eptalon>	 What is the suggested algorithm for it?
[17:44:02] <taavi>	 eptalon: I don't think encrypting the password in this case would help, since it'd just move the same problem to the encryption keys. just make sure to set the file permissions properly so that others can't read the file and ideally use a bot password or an owner-only oauth consumer that only has access to the needed rights, and you should be good
[17:45:07] <eptalon>	 so even if the file reads user=mycoolusername, and password=mxysecretPassword?
[17:45:49] <eptalon>	 I thought about RSA, but this means you'll have two keys, in files.
[17:46:05] <eptalon>	 before you even start encrypting
[17:48:28] <taavi>	 oversimplifying things, there isn't a major difference between 'my password is "123456"' and 'my password is "654321" backwards'
[17:50:07] <eptalon>	 taavi: but if I encrypt that and end up with  AB CD EF 12 34 56.... thats at lrast no longer human-readable.
[17:50:14] <taavi>	 you need to store the encryption keys somewhere, and if those aren't stored securely they don't add any extra security to the password. and if they can be stored securely you can just store the password securely and avoid the hassle of encrypting in the first place
[17:50:34] <taavi>	 what is your risk model here?
[17:50:50] <taavi>	 i.e. what kind of attack are you trying to protect the password from?
[17:51:13] <eptalon>	 taavi: tthat abot account gets compromised.
[17:51:49] <eptalon>	 taavi: cat bot.proterties -> human readable password.
[17:52:18] <eptalon>	 I would have used hashing, but as you know hash functions are one way.
[17:53:01] <taavi>	 assuming this is on toolforge since that's what you talked about earlier, modify the file permissions so that only the tool account can read the password file
[17:54:11] <eptalon>	 taavi: it would be.
[17:54:23] <eptalon>	 does the toolforge server support a java bot?
[17:54:51] <taavi>	 yes
[17:55:24] <eptalon>	 jwiki, plus -12 other libs, maven build.
[18:12:08] <bawolff>	 As a rule of thumb, cryptography is never the answer :)
[21:21:23] <Aaron>	 hi
[21:21:33] <Aaron>	 I once sent out an email confirmation for phabricator
[21:21:59] <Aaron>	 but the email never arrives even when I click send again. I checked all folders so I decided to switch to another email.
[21:22:19] <Aaron>	 But the phabricator verification still tries to send to the old email address
[21:22:26] <Aaron>	 and when I click send another email
[21:22:38] <Aaron>	 the "Error  Our servers are currently under maintenance or experiencing a technical problem. Please try again in a few minutes." happens
[21:22:46] <Aaron>	 I tried yesterday and today
[21:22:56] <Aaron>	 via cp1081 cp1081, Varnish XID 53824880 Upstream caches: cp1081 int Error: 405, method not allowed at Sun, 29 Jan 2023 21:22:28 GMT
[21:23:51] <Aaron>	 the wikimedia sysadmin page says to try help via phab (non-accessible to me) or irc
[21:23:58] <Aaron>	 people can hear me right?
[21:24:12] <Reedy>	 yes
[21:24:22] <Aaron>	 phew