diff options
author | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-07-09 13:01:57 +0300 |
---|---|---|
committer | Sergey Poznyakoff <gray@gnu.org.ua> | 2014-07-09 23:20:17 +0300 |
commit | 131b6ab56cbec838346fd493f3fe96438e3b58e7 (patch) | |
tree | 1a30a33f6447fcbeba9810542121dc7003d3129a /src/util.c | |
parent | 7f40bb8674983f8e4fc11fbebe56f88daa812c1a (diff) | |
download | eclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.gz eclat-131b6ab56cbec838346fd493f3fe96438e3b58e7.tar.bz2 |
Implement signature version 4 signing process
* lib/libeclat.h (ec2_param) <encoded>: New member.
(ec2_query) <signature>: Remove.
<headers,region,access_key>: New members
(eclat_query_create): Take two more arguments. All uses changed.
(eclat_query_add_param_encoded)
(eclat_query_add_header): New functions.
* lib/q2url.c (eclat_query_to_url): Don't create Signature param:
it is already in the param list (for v2 process).
* lib/qaddparm.c (eclat_query_add_param_encoded): New function.
(eclat_query_add_header): New function.
* lib/qcreat.c (eclat_query_create): Take region and access key
as additional parameters.
* lib/qencode.c (encode_param): Skip parameters that have encoded
set to true.
* lib/reqsign.c (querysign2): Store access key in AWSAccessKeyId
and the generated signature in the Signature parameters.
(eclat_hex_encode): New function.
(querysign4): Implement signature version 4 signing process.
* src/ec2map.c: Update call to eclat_query_create.
* src/eclat.c: Likewise.
* src/util.c (eclat_send_query): Sign the query and add
requested headers prior to sending.
* doc/eclat.conf.5: Document signature-version.
* NEWS: Likewise.
Diffstat (limited to 'src/util.c')
-rw-r--r-- | src/util.c | 41 |
1 files changed, 35 insertions, 6 deletions
@@ -222,17 +222,44 @@ eclat_send_query(CURL *curl, struct ec2_query *q) char *url; CURLcode res; int rc = 0; + struct curl_slist *headers = NULL; - eclat_query_add_param(q, "AWSAccessKeyId", access_key); - + /* Prepare the request */ eclat_query_sign(q, secret_key, signature_version); url = eclat_query_to_url(q, NULL); - - debug(ECLAT_DEBCAT_MAIN, 1, ("using URL: %s", url)); curl_easy_setopt(curl, CURLOPT_URL, url); - + debug(ECLAT_DEBCAT_MAIN, 1, ("using URL: %s", url)); free(url); - eclat_query_free(q); + if (q->headers) { + struct grecs_list_entry *ep; + struct grecs_txtacc *acc; + int rc; + + acc = grecs_txtacc_create(); + + for (ep = q->headers->head; ep; ep = ep->next) { + struct ec2_param *p = ep->data; + char *str; + + grecs_txtacc_grow_string(acc, p->name); + grecs_txtacc_grow_char(acc, ':'); + grecs_txtacc_grow_string(acc, p->value); + grecs_txtacc_grow_char(acc, 0); + str = grecs_txtacc_finish(acc, 0); + debug(ECLAT_DEBCAT_MAIN, 1, ("HDR: %s", str)); + + headers = curl_slist_append(headers, str); + grecs_txtacc_free_string(acc, str); + } + + rc = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers); + grecs_txtacc_free(acc); + + if (rc) + die(EX_SOFTWARE, + "failed to add headers: %s", + curl_easy_strerror(rc)); + } if (dry_run_mode) debug(ECLAT_DEBCAT_MAIN, 1, ("not sending request")); @@ -244,6 +271,8 @@ eclat_send_query(CURL *curl, struct ec2_query *q) rc = 1; } } + eclat_query_free(q); + curl_slist_free_all(headers); return rc; } |