Introduce v4 signature used by AWS, Outscale and GCP

[outscale-mgo]

This Pull Request add support for V4 signature as describe here:
https://wiki.outscale.net/display/EN/About+Signatures+of+API+Requests and here:
https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html

I didn't test with GCP as it's not the default authentication method.

I've try to describe the algorithm in 6e7186d commit message.

here is some examples how to use curl with this patch to either call Outscale API from CURL or AWS:

# ReadVms Outscale API with filters
curl -X POST https://api.eu-west-2.outscale.com/api/latest/ReadVms -H 'Content-Type:  application/json' -k --user XXXXACCESSKEYXXXX:XXXXXXXXXSECRETKEYXXXXXXXXX --v4-signature "osc" --data '{"Filters" : { "VmIds" : [ "i-ca54d28e" ] } }'

# OUTSCALE with AWS API using POST
curl  -X POST https://fcu.eu-west-2.outscale.com/ -H 'Content-Type: application/x-www-form-urlencoded' --user XXXXACCESSKEYXXXX:XXXXXXXXXSECRETKEYXXXXXXXXX --v4-signature  "aws:amz" --data-urlencode "Version=2020-01-24" --data-urlencode "Action=DescribeInstances"

# OUTSCALE with AWS API using GET
curl -X GET 'https://fcu.eu-west-2.outscale.com?Version=2020-01-24&Action=DescribeInstances' -k --user XXXXACCESSKEYXXXX:XXXXXXXXXSECRETKEYXXXXXXXXX --v4-signature  "aws:amz"

# AWS
curl -X GET 'https://ec2.eu-west-3.amazonaws.com?Action=DescribeInstances&Version=2013-10-15' -k --user XXXXACCESSKEYXXXX:XXXXXXXXXSECRETKEYXXXXXXXXX --v4-signature  "aws:amz" -v

[bagder]

build warnings/errors in almost every CI job...

[outscale-mgo]

build warnings/errors in almost every CI job...

It seems I've forgot to add docs/cmdline-opts/v4-signature.d file,
and had some warning that my compiler miss ...
I've just fix that and push -f, so it should be fix now.

Sorry for the inconvenience.

[lgtm-com]

This pull request introduces 1 alert when merging 9d55d38 into ff8b6ce - view on LGTM.com

new alerts:

• 1 for Use of potentially dangerous function

[lgtm-com]

This pull request introduces 1 alert when merging 70b30049f0496ce158e5b17a5504cd6950d38354 into 13030d0 - view on LGTM.com

new alerts:

• 1 for Use of potentially dangerous function

[bagder]

1. Note that lgtm is correct: we must not use gmtime() in curl code! Use Curl_gmtime() instead.
2. Merge conflicts

[bagder]

Test 971 and 1119 still fail. They should be easy to fix:

• For 971, add the new cmdline flag to docs/options-in-versions
• For 1119, add the new curl symbols to docs/libcurl/symbols-in-versions

[bagder]

There are details left to polish here. I stopped remarking at some point, but I'm sure you get the gist of what needs to be done. When you add a test case or two for this authentication, many of my notes would be noticed immediately as (torture) test failures.

What exactly is the official name for this algorithm? Isn't it "AWS HTTP v4 Signature" or something like that? I find calling it just "v4 signature" seems a bit... non-descriptive.

[bagder]

This is not safe code. What exactly is surl, shouldn't it rather use a decomposed URL part?

[bagder]

s/chat/bytes ?

[bagder]

Can we be sure this string always has a colon?

[bagder]

this leaks memory in api_type here, right?

[bagder]

That seems like a bad error code. Maybe also add an infof() to aid users?

[bagder]

unusual indent level

[bagder]

Isn't this the exact same loop again?

[bagder]

snprintf, please

[bagder]

Why does it require none or basic set to switch to signature_v4 ?

[bagder]

Spelling, and shouldn't it rather be *provides AWS V4 signature authentication" or similar?

[bagder]

Please describe this as detailed as possible without adding URLs. URLs should be avoided in the man page, but if they really add a value they could be added below somewhere perhaps with its own subtitle.

[bagder]

Please use an "example.com" URL or similar, not a real one.

[bagder]

What happens if you set another?

[bagder]

I would rather that you don't sprinkle the code with this macro but rather actually inline the code. That makes the code much more readable - and if that feels like too much repetitive code, then maybe that says something...

[bagder]

If no custom method is set, data->set.method knows it. It can't be nothing.

[bagder]

This is still pending. Why the sudden reversed order, and now we're looking at landing in time for 7.74.0

[bagder]

The point with curl_msnprintf is using the actual target size in the second argument, and not just a fixed length. How about passing in the target buffer size as an argument to the function and use that, plus deduct the size in the loop?

Maybe call it _hex instead of _str ?

[bagder]

Can we have the 17 instead be sizeof() the target buffer?

[bagder]

Here too, can we have 16 be sizeof -1? Hardcoded numbers are asking for future problems,

[bagder]

... and here

[bagder]

trailing e in the comment

[bagder]

msnprintf() already zero terminates

[bagder]

7.74.0 is the aim now!

[bagder]

You don't need to describe how the auth works here, that's out of scope for the man page.

[bagder]

I still have some questions around how this fits into CURLOPT_HTTPAUTH. Your code now sets the v4sig bit exclusively if the v4sig option is set, which seems to imply that this auth is more important than the others or doesn't play on the same level. HTTP authorization is typically the client using one out of possibly a set of the different ones that the server offers.

[vszakats]

I believe the name of the option shall make it clear this is an AWS-specific type (which is apparently supported by other vendors by now?) and that terminology used consistently accross docs, option name, source, filenames, constants, etc. [ Even though I generally prefer something vendor-agnostic if there is any such option — if someone knows about an RFC or something, we should consider it. ]

E.g.:

• --aws-sigv4
• CURLOPT_AWS_SIGV4
• CURLAUTH_AWS_SIGV4
• http_aws_sigv4.c
• http_aws_sigv4.h
• etc.

[outscale-mgo]

shall

That's a good point, I've rename the v4-signature as aws-sigv4, note that's I'm bad at naming thing, so I've just reuse your suggestion

[outscale-mgo]

I've just rebase so ping :)

[bagder]

These version mentions now need to be 7.75.0...

[bagder]

how about using sizeof(sk) instead of the define? Makes it crystal clear it won't overwrrite the buffer.

[bagder]

Since this HMAX_SHA256 is a macro anyway, can't you move the typecasts to the macro away from "the main code" ?

[bagder]

I propose you remove everything below the first three lines of the description. The details about the request bytes are just too specific for ordinary users. Remember that this goes into the man page. Regular command line users will read and use this.

[bagder]

No need to add extra blank lines before the next .SH.

Missing mention: this option overrides the other auth types you might have set in CURL_HTTPAUTH which should be highlighted as this makes this auth method special. It could probably also be mentioned that this method can't be combined with other auth types.

[bagder]

I propose you remove the CURLOPT_HTTPHEADER from the example, as it's unrelated.

[bagder]

please use example.com so the name gets shorter and won't wrap for most users

[outscale-mgo]

I've change it to https://api_type.region.example.com/uri, and split the line to keep it under 80 columes.
I've keep "api_type.region" because those information are used by the algorithm.

[bagder]

This should probably take a size_t for the size, as you'll be passing sizeof() to it.

[bagder]

I'm ready to merge this. Can you just take a look at the new merge conflicts due to other merges that landed?

[outscale-mgo]

I'm ready to merge this. Can you just take a look at the new merge conflicts due to other merges that landed?

Thanks, it should be ok now

[bagder]

Thanks!