path: root/doc
diff options
authorSergey Poznyakoff <gray@gnu.org.ua>2014-07-09 13:01:57 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2014-07-09 23:20:17 +0300
commit131b6ab56cbec838346fd493f3fe96438e3b58e7 (patch)
tree1a30a33f6447fcbeba9810542121dc7003d3129a /doc
parent7f40bb8674983f8e4fc11fbebe56f88daa812c1a (diff)
Implement signature version 4 signing process
* lib/libeclat.h (ec2_param) <encoded>: New member. (ec2_query) <signature>: Remove. <headers,region,access_key>: New members (eclat_query_create): Take two more arguments. All uses changed. (eclat_query_add_param_encoded) (eclat_query_add_header): New functions. * lib/q2url.c (eclat_query_to_url): Don't create Signature param: it is already in the param list (for v2 process). * lib/qaddparm.c (eclat_query_add_param_encoded): New function. (eclat_query_add_header): New function. * lib/qcreat.c (eclat_query_create): Take region and access key as additional parameters. * lib/qencode.c (encode_param): Skip parameters that have encoded set to true. * lib/reqsign.c (querysign2): Store access key in AWSAccessKeyId and the generated signature in the Signature parameters. (eclat_hex_encode): New function. (querysign4): Implement signature version 4 signing process. * src/ec2map.c: Update call to eclat_query_create. * src/eclat.c: Likewise. * src/util.c (eclat_send_query): Sign the query and add requested headers prior to sending. * doc/eclat.conf.5: Document signature-version. * NEWS: Likewise.
Diffstat (limited to 'doc')
1 files changed, 5 insertions, 1 deletions
diff --git a/doc/eclat.conf.5 b/doc/eclat.conf.5
index 59ac541..feb504f 100644
--- a/doc/eclat.conf.5
+++ b/doc/eclat.conf.5
@@ -13,7 +13,7 @@
.\" You should have received a copy of the GNU General Public License
.\" along with Eclat. If not, see <http://www.gnu.org/licenses/>.
-.TH ECLAT.CONF 5 "February 13, 2014" "ECLAT" "Eclat User Reference"
+.TH ECLAT.CONF 5 "July 9, 2014" "ECLAT" "Eclat User Reference"
eclat.conf \- configuration file for
.BR eclat (1).
@@ -396,6 +396,10 @@ algorithm described below. If an access file cannot be opened due to
insufficient privileges, no error message is issued (unless the
debugging level \fBmain.1\fR or higher is requested). This allows you
to have different access files for use by different groups of users.
+\fBsignature\-version\fR \fIN\fR;
+Declares the signature version. Valid values for \fIN\fR are \fB2\fR,
+which is the default, and \fB4\fR, which provides a better security.
The \fBssl\fR statement has two forms, and can be used as scalar or as
a block statement. In scalar form it is used to enable SSL:

Return to:

Send suggestions and report system problems to the System administrator.