aboutsummaryrefslogtreecommitdiff
path: root/src/util.c
diff options
context:
space:
mode:
authorSergey Poznyakoff <gray@gnu.org.ua>2014-07-09 13:01:57 +0300
committerSergey Poznyakoff <gray@gnu.org.ua>2014-07-09 23:20:17 +0300
commit131b6ab56cbec838346fd493f3fe96438e3b58e7 (patch)
tree1a30a33f6447fcbeba9810542121dc7003d3129a /src/util.c
parent7f40bb8674983f8e4fc11fbebe56f88daa812c1a (diff)
downloadeclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.gz
eclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.bz2
Implement signature version 4 signing process
* lib/libeclat.h (ec2_param) <encoded>: New member. (ec2_query) <signature>: Remove. <headers,region,access_key>: New members (eclat_query_create): Take two more arguments. All uses changed. (eclat_query_add_param_encoded) (eclat_query_add_header): New functions. * lib/q2url.c (eclat_query_to_url): Don't create Signature param: it is already in the param list (for v2 process). * lib/qaddparm.c (eclat_query_add_param_encoded): New function. (eclat_query_add_header): New function. * lib/qcreat.c (eclat_query_create): Take region and access key as additional parameters. * lib/qencode.c (encode_param): Skip parameters that have encoded set to true. * lib/reqsign.c (querysign2): Store access key in AWSAccessKeyId and the generated signature in the Signature parameters. (eclat_hex_encode): New function. (querysign4): Implement signature version 4 signing process. * src/ec2map.c: Update call to eclat_query_create. * src/eclat.c: Likewise. * src/util.c (eclat_send_query): Sign the query and add requested headers prior to sending. * doc/eclat.conf.5: Document signature-version. * NEWS: Likewise.
Diffstat (limited to 'src/util.c')
-rw-r--r--src/util.c41
1 files changed, 35 insertions, 6 deletions
diff --git a/src/util.c b/src/util.c
index 1a0a6d0..641d304 100644
--- a/src/util.c
+++ b/src/util.c
@@ -222,17 +222,44 @@ eclat_send_query(CURL *curl, struct ec2_query *q)
char *url;
CURLcode res;
int rc = 0;
+ struct curl_slist *headers = NULL;
- eclat_query_add_param(q, "AWSAccessKeyId", access_key);
-
+ /* Prepare the request */
eclat_query_sign(q, secret_key, signature_version);
url = eclat_query_to_url(q, NULL);
-
- debug(ECLAT_DEBCAT_MAIN, 1, ("using URL: %s", url));
curl_easy_setopt(curl, CURLOPT_URL, url);
-
+ debug(ECLAT_DEBCAT_MAIN, 1, ("using URL: %s", url));
free(url);
- eclat_query_free(q);
+ if (q->headers) {
+ struct grecs_list_entry *ep;
+ struct grecs_txtacc *acc;
+ int rc;
+
+ acc = grecs_txtacc_create();
+
+ for (ep = q->headers->head; ep; ep = ep->next) {
+ struct ec2_param *p = ep->data;
+ char *str;
+
+ grecs_txtacc_grow_string(acc, p->name);
+ grecs_txtacc_grow_char(acc, ':');
+ grecs_txtacc_grow_string(acc, p->value);
+ grecs_txtacc_grow_char(acc, 0);
+ str = grecs_txtacc_finish(acc, 0);
+ debug(ECLAT_DEBCAT_MAIN, 1, ("HDR: %s", str));
+
+ headers = curl_slist_append(headers, str);
+ grecs_txtacc_free_string(acc, str);
+ }
+
+ rc = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
+ grecs_txtacc_free(acc);
+
+ if (rc)
+ die(EX_SOFTWARE,
+ "failed to add headers: %s",
+ curl_easy_strerror(rc));
+ }
if (dry_run_mode)
debug(ECLAT_DEBCAT_MAIN, 1, ("not sending request"));
@@ -244,6 +271,8 @@ eclat_send_query(CURL *curl, struct ec2_query *q)
rc = 1;
}
}
+ eclat_query_free(q);
+ curl_slist_free_all(headers);
return rc;
}

Return to:

Send suggestions and report system problems to the System administrator.