diff --git a/boto-2.40.0-sigv4-protocol.patch b/boto-2.40.0-sigv4-protocol.patch new file mode 100644 index 0000000..74dc36b --- /dev/null +++ b/boto-2.40.0-sigv4-protocol.patch @@ -0,0 +1,68 @@ +From b856be32c4daf4d223efec85ef48b2cd80388713 Mon Sep 17 00:00:00 2001 +From: Tim Burke +Date: Mon, 6 Jun 2016 15:44:01 -0700 +Subject: [PATCH] Respect is_secure parameter in generate_url_sigv4 + +Previously, the protocol was hardcoded to https. +--- + boto/auth.py | 4 ++-- + tests/unit/s3/test_connection.py | 31 +++++++++++++++++++++++++++++++ + 2 files changed, 33 insertions(+), 2 deletions(-) + +Index: boto-2.40.0/boto/auth.py +=================================================================== +--- boto-2.40.0.orig/boto/auth.py ++++ boto-2.40.0/boto/auth.py +@@ -771,8 +771,8 @@ class S3HmacAuthV4Handler(HmacAuthV4Hand + # Add signature to params now that we have it + req.params['X-Amz-Signature'] = signature + +- return 'https://%s%s?%s' % (req.host, req.path, +- urllib.parse.urlencode(req.params)) ++ return '%s://%s%s?%s' % (req.protocol, req.host, req.path, ++ urllib.parse.urlencode(req.params)) + + + class STSAnonHandler(AuthHandler): +Index: boto-2.40.0/tests/unit/s3/test_connection.py +=================================================================== +--- boto-2.40.0.orig/tests/unit/s3/test_connection.py ++++ boto-2.40.0/tests/unit/s3/test_connection.py +@@ -141,6 +141,37 @@ class TestSigV4Presigned(MockServiceWith + 'a937f5fbc125d98ac8f04c49e0204ea1526a7b8ca058000a54c192457be05b7d', + url) + ++ def test_sigv4_presign_respects_is_secure(self): ++ self.config = { ++ 's3': { ++ 'use-sigv4': True, ++ } ++ } ++ ++ conn = self.connection_class( ++ aws_access_key_id='less', ++ aws_secret_access_key='more', ++ host='s3.amazonaws.com', ++ is_secure=True, ++ ) ++ ++ url = conn.generate_url_sigv4(86400, 'GET', bucket='examplebucket', ++ key='test.txt') ++ self.assertTrue(url.startswith( ++ 'https://examplebucket.s3.amazonaws.com/test.txt?')) ++ ++ conn = self.connection_class( ++ aws_access_key_id='less', ++ aws_secret_access_key='more', ++ host='s3.amazonaws.com', ++ is_secure=False, ++ ) ++ ++ url = conn.generate_url_sigv4(86400, 'GET', bucket='examplebucket', ++ key='test.txt') ++ self.assertTrue(url.startswith( ++ 'http://examplebucket.s3.amazonaws.com/test.txt?')) ++ + def test_sigv4_presign_optional_params(self): + self.config = { + 's3': { diff --git a/python-boto.spec b/python-boto.spec index 44828ac..69d6f35 100644 --- a/python-boto.spec +++ b/python-boto.spec @@ -38,6 +38,10 @@ Patch1: boto-2.39.0-devendor.patch # https://github.com/boto/boto/pull/3472 Patch2: boto-2.40.0-nat-gateway.patch +# Fix generate_url_sigv4 protocol selection +# https://github.com/boto/boto/pull/3553 +Patch3: boto-2.40.0-sigv4-protocol.patch + BuildRequires: python2-devel BuildRequires: python-setuptools BuildRequires: python-six @@ -119,6 +123,7 @@ cloud systems like Eucalyptus, OpenStack and Open Nebula. %setup -q -n boto-%{version} %patch1 -p1 %patch2 -p1 +%patch3 -p1 rm -r boto/vendored @@ -180,6 +185,7 @@ mv $RPM_BUILD_ROOT/%{_bindir} examples * Tue Jun 21 2016 Garrett Holmstrom - 2.40.0-2 - Cleaned up spec file - Added NAT gateway support +- Fixed sigv4 protocol selection * Mon May 23 2016 Jon Ciesla - 2.40.0-1 - 2.40.0.