aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2015-01-23 13:14:01 +0200
committerSergey Poznyakoff <gray@gnu.org.ua>2015-01-23 13:14:01 +0200
commit034b32134de9aad30f82858cf77dfbfc306a7805 (patch)
tree7fdff924f7d39ed06d597418ccc84f83f75e4c1c
parent0ed8a2275a3a6cda553b82e9e0222b9d3b8b3ff2 (diff)
downloadeclat-034b32134de9aad30f82858cf77dfbfc306a7805.tar.gz
eclat-034b32134de9aad30f82858cf77dfbfc306a7805.tar.bz2
Use signature version 4 by default
-rw-r--r--NEWS7
-rw-r--r--doc/eclat.conf.56
-rw-r--r--src/eclat.c2
3 files changed, 10 insertions, 5 deletions
diff --git a/NEWS b/NEWS
index d498bf7..781203c 100644
--- a/NEWS
+++ b/NEWS
@@ -14,10 +14,11 @@ Version 1.0.92, (Git)
* Implement signature version 4 signing
-The signature version 4 signing process is enabled by adding the
-following statement in the eclat configuration file:
+The signature version 4 signing process is now the default. Version
+2 can enabled by using the following statement in the eclat
+configuration file:
- signature-version 4;
+ signature-version 2;
* POST support
diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5
index 32147e8..6816484 100644
--- a/doc/eclat.conf.5
+++ b/doc/eclat.conf.5
@@ -389,12 +389,16 @@ region us\-east\-1 ec2.us\-east\-1.amazonaws.com;
# US West (Oregon) Region
region us\-west\-2 ec2.us\-west\-2.amazonaws.com;
.EE
-.SS HTTP METHOD
+.SS HTTP METHOD AND SIGNATURE
.TP
\fBhttp\-method\fR \fIARG\fR;
Configures HTTP method. Allowed values for \fIARG\fR are \fBGET\fR
(the default), and \fBPOST\fR. \fIARG\fR is case-insensitive. The
\fBPOST\fR method implies using signature version 4.
+.TP
+\fBsignature\-version\fR \fB2\fR|\fB4\fR;
+Use the given AWS signature version algorithm. Version \fB4\fR is
+more secure and is used by default.
.SS SSL CONFIGURATION
The \fBssl\fR statement has two forms, and can be used as scalar or as
a block statement. In scalar form it is used to enable SSL:
diff --git a/src/eclat.c b/src/eclat.c
index 2e46930..8cadebd 100644
--- a/src/eclat.c
+++ b/src/eclat.c
@@ -23,7 +23,7 @@ int match_command_mode;
int preprocess_only = 0;
char *endpoint = "ec2.amazonaws.com";
-char *signature_version = "2";
+char *signature_version = "4";
enum authentication_provider authentication_provider = authp_undefined;
char *access_key;

Return to:

Send suggestions and report system problems to the System administrator.