New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix aws sigv4 date twice #11754
Fix aws sigv4 date twice #11754
Conversation
b2a2651
to
94407cf
Compare
94407cf
to
c78a3d5
Compare
lib/http_aws_sigv4.c
Outdated
@@ -612,14 +609,14 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data, bool proxy) | |||
"Credential=%s/%s, " | |||
"SignedHeaders=%s, " | |||
"Signature=%s\r\n" | |||
"%s\r\n" | |||
"%s" /* if providedd by user, must not be add */ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This comment does not make sense (apart from the broken English). If this header is provided by the user, it is not added here no, but it is still added to the request.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've just changed it to:
/*
* date_header is added here, only if it wasn't
* pass as header (using -H),
* otherwise, date_header include \r\n
*/
b5c2405
to
3d8bccc
Compare
lib/http_aws_sigv4.c
Outdated
"%s\r\n" | ||
/* | ||
* date_header is added here, only if it wasn't | ||
* pass as header (using -H), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The header is actually set with CURLOPT_HTTPHEADER
since this is library code.
fix curl#11738 When the user was providing the header X-XXX-Date, the header was re-added during signature computation, and we had it twice in the request. Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com>
3d8bccc
to
1483755
Compare
Thanks |
When the user was providing the header X-XXX-Date, the header was re-added during signature computation, and we had it twice in the request. Reported-by: apparentorder@users.noreply.github.com Signed-off-by: Matthias Gatto <matthias.gatto@outscale.com> Fixes: curl#11738 Closes: curl#11754
Fix #11738