diff options
| author | Dmitry Wagin <dmitry.wagin@ya.ru> | 2021-01-25 17:02:09 +0300 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2021-01-30 23:48:22 +0100 |
| commit | 796ce293defeeefb001bd8b76bbb75eb77a1ce0c (patch) | |
| tree | 5de053a8198e191860a9bc7177c9788880e094a5 /src | |
| parent | 3c2210713e2427d567a6c44b83b3c9ac2a8577bc (diff) | |
| download | curl-796ce293defeeefb001bd8b76bbb75eb77a1ce0c.tar.gz | |
http: improve AWS HTTP v4 Signature auth
- Add support services without region and service prefixes in
the URL endpoint (ex. Min.IO, GCP, Yandex Cloud, Mail.Ru Cloud Solutions, etc)
by providing region and service parameters via aws-sigv4 option.
- Add [:region[:service]] suffix to aws-sigv4 option;
- Fix memory allocation errors.
- Refactor memory management.
- Use Curl_http_method instead() STRING_CUSTOMREQUEST.
- Refactor canonical headers generating.
- Remove repeated sha256_to_hex() usage.
- Add some docs fixes.
- Add some codestyle fixes.
- Add overloaded strndup() for debug - curl_dbg_strndup().
- Update tests.
Closes #6524
Diffstat (limited to 'src')
| -rw-r--r-- | src/tool_cfgable.c | 2 | ||||
| -rw-r--r-- | src/tool_cfgable.h | 2 | ||||
| -rw-r--r-- | src/tool_getparam.c | 5 | ||||
| -rw-r--r-- | src/tool_help.c | 2 | ||||
| -rw-r--r-- | src/tool_operate.c | 2 |
5 files changed, 7 insertions, 6 deletions
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index ff05c295b..cc85475c4 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -169,7 +169,7 @@ static void free_config_fields(struct OperationConfig *config) Curl_safefree(config->ftp_account); Curl_safefree(config->ftp_alternative_to_user); - Curl_safefree(config->aws_sigv4_provider); + Curl_safefree(config->aws_sigv4); } void config_free(struct OperationConfig *config) diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index ad0d40233..68f06e66e 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -284,7 +284,7 @@ struct OperationConfig { 0 is valid. default: CURL_HET_DEFAULT. */ bool haproxy_protocol; /* whether to send HAProxy protocol v1 */ bool disallow_username_in_url; /* disallow usernames in URLs */ - char *aws_sigv4_provider; + char *aws_sigv4; struct GlobalConfig *global; struct OperationConfig *prev; struct OperationConfig *next; /* Always last in the struct */ diff --git a/src/tool_getparam.c b/src/tool_getparam.c index 10efe3612..812ce7fd9 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -113,7 +113,7 @@ static const struct LongShort aliases[]= { {"*t", "proxy-ntlm", ARG_BOOL}, {"*u", "crlf", ARG_BOOL}, {"*v", "stderr", ARG_FILENAME}, - {"*V", "aws-sigv4", ARG_STRING}, + {"*V", "aws-sigv4", ARG_STRING}, {"*w", "interface", ARG_STRING}, {"*x", "krb", ARG_STRING}, {"*x", "krb4", ARG_STRING}, @@ -806,8 +806,9 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ case 'V': /* --aws-sigv4 */ config->authtype |= CURLAUTH_AWS_SIGV4; - GetStr(&config->aws_sigv4_provider, nextarg); + GetStr(&config->aws_sigv4, nextarg); break; + case 'v': /* --stderr */ if(strcmp(nextarg, "-")) { FILE *newfile = fopen(nextarg, FOPEN_WRITETEXT); diff --git a/src/tool_help.c b/src/tool_help.c index 1166218e7..a094450e5 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -133,7 +133,7 @@ static const struct helptxt helptext[] = { {"-a, --append", "Append to target file when uploading", CURLHELP_FTP | CURLHELP_SFTP}, - {" --aws-sigv4 <provider1[:provider2]>", + {" --aws-sigv4 <provider1[:provider2[:region[:service]]]>", "Use AWS V4 signature authentication", CURLHELP_AUTH | CURLHELP_HTTP}, {" --basic", diff --git a/src/tool_operate.c b/src/tool_operate.c index ae8a4f2ed..140142a32 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1662,7 +1662,7 @@ static CURLcode single_transfer(struct GlobalConfig *global, my_setopt_str(curl, CURLOPT_PROXY_SSLKEYTYPE, config->proxy_key_type); my_setopt_str(curl, CURLOPT_AWS_SIGV4, - config->aws_sigv4_provider); + config->aws_sigv4); if(config->insecure_ok) { my_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); |