New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] salt.utils.aws.sig4 force usage of version as GET parameters even if method is not GET #61243
Comments
Seems I found a quick fix
|
I'm confused - https://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html#sig-v4-examples-get-query-string suggests that auth info in the query string is valid... is that incorrect? Or not what we're doing at this point? |
The fact is that when you perform POST operation AWS does not accept any GET parameters in the http requests BUT the cannonical requests signature requires:
Right now the behavior is the following:
So the fix is that sig4 method should add GET parameters only when method is GET |
Description
A clear and concise description of what the bug is.
** Setup
No Setup required
Steps to Reproduce the behavior
Expected behavior
request_url should not contains any params when not using GET method and then query_string should be empty in order to have a valid aws sig4 signature
Versions Report
salt --versions-report
``` Salt Version: Salt: 3004Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.7.3
docker-py: Not Installed
gitdb: 2.0.6
gitpython: 3.0.7
Jinja2: 2.10.1
libgit2: 0.28.3
M2Crypto: Not Installed
Mako: Not Installed
msgpack: 0.6.2
msgpack-pure: Not Installed
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: Not Installed
pycryptodome: 3.6.1
pygit2: 1.0.3
Python: 3.8.10 (default, Sep 28 2021, 16:10:42)
python-gnupg: 0.4.5
PyYAML: 5.3.1
PyZMQ: 18.1.1
smmap: 2.0.5
timelib: Not Installed
Tornado: 4.5.3
ZMQ: 4.3.2
System Versions:
dist: ubuntu 20.04 focal
locale: utf-8
machine: x86_64
release: 5.11.0-1020-aws
system: Linux
version: Ubuntu 20.04 focal
The text was updated successfully, but these errors were encountered: