diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-07-09 13:01:57 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-07-09 23:20:17 +0300 |
commit | 131b6ab56cbec838346fd493f3fe96438e3b58e7 (patch) | |
tree | 1a30a33f6447fcbeba9810542121dc7003d3129a /doc | |
parent | 7f40bb8674983f8e4fc11fbebe56f88daa812c1a (diff) | |
download | eclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.gz eclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.bz2 |
Implement signature version 4 signing process
* lib/libeclat.h (ec2_param) <encoded>: New member.
(ec2_query) <signature>: Remove.
<headers,region,access_key>: New members
(eclat_query_create): Take two more arguments. All uses changed.
(eclat_query_add_param_encoded)
(eclat_query_add_header): New functions.
* lib/q2url.c (eclat_query_to_url): Don't create Signature param:
it is already in the param list (for v2 process).
* lib/qaddparm.c (eclat_query_add_param_encoded): New function.
(eclat_query_add_header): New function.
* lib/qcreat.c (eclat_query_create): Take region and access key
as additional parameters.
* lib/qencode.c (encode_param): Skip parameters that have encoded
set to true.
* lib/reqsign.c (querysign2): Store access key in AWSAccessKeyId
and the generated signature in the Signature parameters.
(eclat_hex_encode): New function.
(querysign4): Implement signature version 4 signing process.
* src/ec2map.c: Update call to eclat_query_create.
* src/eclat.c: Likewise.
* src/util.c (eclat_send_query): Sign the query and add
requested headers prior to sending.
* doc/eclat.conf.5: Document signature-version.
* NEWS: Likewise.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/eclat.conf.5 | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5 index 59ac541..feb504f 100644 --- a/doc/eclat.conf.5 +++ b/doc/eclat.conf.5 @@ -13,7 +13,7 @@ .\" .\" You should have received a copy of the GNU General Public License .\" along with Eclat. If not, see <http://www.gnu.org/licenses/>. -.TH ECLAT.CONF 5 "February 13, 2014" "ECLAT" "Eclat User Reference" +.TH ECLAT.CONF 5 "July 9, 2014" "ECLAT" "Eclat User Reference" .SH NAME eclat.conf \- configuration file for .BR eclat (1). @@ -396,6 +396,10 @@ algorithm described below. If an access file cannot be opened due to insufficient privileges, no error message is issued (unless the debugging level \fBmain.1\fR or higher is requested). This allows you to have different access files for use by different groups of users. +.TP +\fBsignature\-version\fR \fIN\fR; +Declares the signature version. Valid values for \fIN\fR are \fB2\fR, +which is the default, and \fB4\fR, which provides a better security. .SS SSL CONFIGURATION The \fBssl\fR statement has two forms, and can be used as scalar or as a block statement. In scalar form it is used to enable SSL: |