Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aws-c-auth for openSUSE:Factory checked in at 2025-02-06 22:05:27 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aws-c-auth (Old) and /work/SRC/openSUSE:Factory/.aws-c-auth.new.2316 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aws-c-auth" Thu Feb 6 22:05:27 2025 rev:15 rq:1243453 version:0.8.4 Changes: -------- --- /work/SRC/openSUSE:Factory/aws-c-auth/aws-c-auth.changes 2025-01-23 18:06:48.603597174 +0100 +++ /work/SRC/openSUSE:Factory/.aws-c-auth.new.2316/aws-c-auth.changes 2025-02-06 22:06:59.193976921 +0100 @@ -1,0 +2,11 @@ +Thu Jan 30 12:02:20 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaub...@suse.com> + +- Update to version 0.8.4 + * A bunch of CMake fixes by @graebm in (#258) +- from version 0.8.3 + * Add Account Id to Credentials by @waahm7 in (#260) +- from version 0.8.2 + * Skip Transfer-Encoding from signing by @DmitriyMusatkin in (#261) +- Drop aca_fix-cmake-modules-path.patch, fixed upstream + +------------------------------------------------------------------- Old: ---- aca_fix-cmake-modules-path.patch v0.8.1.tar.gz New: ---- v0.8.4.tar.gz BETA DEBUG BEGIN: Old: * Skip Transfer-Encoding from signing by @DmitriyMusatkin in (#261) - Drop aca_fix-cmake-modules-path.patch, fixed upstream BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aws-c-auth.spec ++++++ --- /var/tmp/diff_new_pack.GUcsT9/_old 2025-02-06 22:06:59.834003296 +0100 +++ /var/tmp/diff_new_pack.GUcsT9/_new 2025-02-06 22:06:59.834003296 +0100 @@ -20,14 +20,13 @@ %define library_pkg 1_0_0 %define library_soversion 1 Name: aws-c-auth -Version: 0.8.1 +Version: 0.8.4 Release: 0 Summary: AWS C99 library implementation of AWS client-side authentication License: Apache-2.0 Group: Development/Libraries/C and C++ URL: https://github.com/awslabs/aws-c-auth Source0: https://github.com/awslabs/%{name}/archive/v%{version}.tar.gz -Patch0: aca_fix-cmake-modules-path.patch BuildRequires: cmake BuildRequires: fdupes BuildRequires: cmake(aws-c-common) ++++++ v0.8.1.tar.gz -> v0.8.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/.github/workflows/codecov.yml new/aws-c-auth-0.8.4/.github/workflows/codecov.yml --- old/aws-c-auth-0.8.1/.github/workflows/codecov.yml 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/.github/workflows/codecov.yml 2025-01-29 00:11:12.000000000 +0100 @@ -4,7 +4,7 @@ push: env: - BUILDER_VERSION: v0.9.72 + BUILDER_VERSION: v0.9.74 BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net BUILDER_SOURCE: releases PACKAGE_NAME: aws-c-auth @@ -28,4 +28,4 @@ run: | python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')" chmod a+x builder - ./builder build -p ${{ env.PACKAGE_NAME }} --compiler=gcc-9 --cmake-extra=-DASSERT_LOCK_HELD=ON --coverage + ./builder build -p ${{ env.PACKAGE_NAME }} --compiler=gcc --cmake-extra=-DASSERT_LOCK_HELD=ON --coverage diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/CMakeLists.txt new/aws-c-auth-0.8.4/CMakeLists.txt --- old/aws-c-auth-0.8.1/CMakeLists.txt 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/CMakeLists.txt 2025-01-29 00:11:12.000000000 +0100 @@ -1,33 +1,18 @@ -cmake_minimum_required(VERSION 3.9) +cmake_minimum_required(VERSION 3.9...3.31) project(aws-c-auth C) -if (DEFINED CMAKE_PREFIX_PATH) - file(TO_CMAKE_PATH "${CMAKE_PREFIX_PATH}" CMAKE_PREFIX_PATH) +if (NOT IN_SOURCE_BUILD) + # this is required so we can use aws-c-common's CMake modules + find_package(aws-c-common REQUIRED) endif() -if (DEFINED CMAKE_INSTALL_PREFIX) - file(TO_CMAKE_PATH "${CMAKE_INSTALL_PREFIX}" CMAKE_INSTALL_PREFIX) -endif() - - -if (UNIX AND NOT APPLE) - include(GNUInstallDirs) -elseif(NOT DEFINED CMAKE_INSTALL_LIBDIR) - set(CMAKE_INSTALL_LIBDIR "lib") -endif() - -# This is required in order to append /lib/cmake to each element in CMAKE_PREFIX_PATH -set(AWS_MODULE_DIR "/${CMAKE_INSTALL_LIBDIR}/cmake") -string(REPLACE ";" "${AWS_MODULE_DIR};" AWS_MODULE_PATH "${CMAKE_PREFIX_PATH}${AWS_MODULE_DIR}") -# Append that generated list to the module search path -list(APPEND CMAKE_MODULE_PATH ${AWS_MODULE_PATH}) - include(AwsCFlags) include(AwsCheckHeaders) include(AwsSharedLibSetup) include(AwsSanitizers) include(AwsFindPackage) +include(GNUInstallDirs) option(BUILD_RELOCATABLE_BINARIES "Build Relocatable Binaries, this will turn off features that will fail on older kernels than used for the build." @@ -89,7 +74,7 @@ aws_prepare_shared_lib_exports(${PROJECT_NAME}) -install(FILES ${AWS_AUTH_ROOT_HEADERS} DESTINATION "include/aws/auth" COMPONENT Development) +install(FILES ${AWS_AUTH_ROOT_HEADERS} DESTINATION "${CMAKE_INSTALL_INCLUDEDIR}/aws/auth" COMPONENT Development) if (BUILD_SHARED_LIBS) set (TARGET_DIR "shared") @@ -98,7 +83,7 @@ endif() install(EXPORT "${PROJECT_NAME}-targets" - DESTINATION "${LIBRARY_DIRECTORY}/${PROJECT_NAME}/cmake/${TARGET_DIR}/" + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/${PROJECT_NAME}/${TARGET_DIR}/" NAMESPACE AWS:: COMPONENT Development) @@ -107,7 +92,7 @@ @ONLY) install(FILES "${CMAKE_CURRENT_BINARY_DIR}/${PROJECT_NAME}-config.cmake" - DESTINATION "${LIBRARY_DIRECTORY}/${PROJECT_NAME}/cmake/" + DESTINATION "${CMAKE_INSTALL_LIBDIR}/cmake/${PROJECT_NAME}/" COMPONENT Development) include(CTest) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/include/aws/auth/credentials.h new/aws-c-auth-0.8.4/include/aws/auth/credentials.h --- old/aws-c-auth-0.8.1/include/aws/auth/credentials.h 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/include/aws/auth/credentials.h 2025-01-29 00:11:12.000000000 +0100 @@ -82,6 +82,7 @@ struct aws_byte_cursor access_key_id; struct aws_byte_cursor secret_access_key; struct aws_byte_cursor session_token; + struct aws_byte_cursor account_id; }; /** @@ -744,6 +745,28 @@ uint64_t expiration_timepoint_seconds); /** + * Creates a new set of aws credentials with account_id + * + * @param allocator memory allocator to use + * @param access_key_id_cursor value for the aws access key id field + * @param secret_access_key_cursor value for the secret access key field + * @param session_token_cursor (optional) security token associated with the credentials + * @param account_id (optional) value for the account_id field + * @param expiration_timepoint_seconds timepoint, in seconds since epoch, that the credentials will no longer + * be valid past. For credentials that do not expire, use UINT64_MAX + * + * @return a valid credentials object, or NULL + */ +AWS_AUTH_API +struct aws_credentials *aws_credentials_new_with_account_id( + struct aws_allocator *allocator, + struct aws_byte_cursor access_key_id_cursor, + struct aws_byte_cursor secret_access_key_cursor, + struct aws_byte_cursor session_token_cursor, + struct aws_byte_cursor account_id_cursor, + uint64_t expiration_timepoint_seconds); + +/** * Creates a new set of aws anonymous credentials. * Use Anonymous credentials, when you want to skip the signing process. * @@ -849,6 +872,15 @@ struct aws_byte_cursor aws_credentials_get_session_token(const struct aws_credentials *credentials); /** + * Get the AWS account id from a set of credentials + * + * @param credentials to get the account id from + * @return a byte cursor to the account id or an empty byte cursor if there is no account id + */ +AWS_AUTH_API +struct aws_byte_cursor aws_credentials_get_account_id(const struct aws_credentials *credentials); + +/** * Get the expiration timepoint (in seconds since epoch) associated with a set of credentials * * @param credentials credentials to get the expiration timepoint for @@ -883,7 +915,7 @@ * the hybrid mode based on AWS credentials. * * @param allocator memory allocator to use for all memory allocation - * @param credentials AWS credentials to derive the ECC key from using the AWS sigv4a key deriviation specification + * @param credentials AWS credentials to derive the ECC key from using the AWS sigv4a key derivation specification * @return a new ecc key pair or NULL on failure */ AWS_AUTH_API diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/include/aws/auth/signing_config.h new/aws-c-auth-0.8.4/include/aws/auth/signing_config.h --- old/aws-c-auth-0.8.1/include/aws/auth/signing_config.h 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/include/aws/auth/signing_config.h 2025-01-29 00:11:12.000000000 +0100 @@ -209,7 +209,7 @@ void *should_sign_header_ud; /* - * Put all flags in here at the end. If this grows, stay aware of bit-space overflow and ABI compatibilty. + * Put all flags in here at the end. If this grows, stay aware of bit-space overflow and ABI compatibility. */ struct { /** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/aws_imds_client.c new/aws-c-auth-0.8.4/source/aws_imds_client.c --- old/aws-c-auth-0.8.1/source/aws_imds_client.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/aws_imds_client.c 2025-01-29 00:11:12.000000000 +0100 @@ -954,7 +954,7 @@ return ret; } /** - * Once a requseter returns from token request, it should call this function to unblock all other + * Once a requester returns from token request, it should call this function to unblock all other * waiting requesters. When the token parameter is NULL, means the token request failed. Now we need * a new requester to acquire the token again. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/aws_signing.c new/aws-c-auth-0.8.4/source/aws_signing.c --- old/aws-c-auth-0.8.1/source/aws_signing.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/aws_signing.c 2025-01-29 00:11:12.000000000 +0100 @@ -82,6 +82,7 @@ static struct aws_byte_cursor s_sec_websocket_protocol_header_name; static struct aws_byte_cursor s_sec_websocket_version_header_name; static struct aws_byte_cursor s_upgrade_header_name; +static struct aws_byte_cursor s_transfer_encoding_header_name; static struct aws_byte_cursor s_amz_content_sha256_header_name; static struct aws_byte_cursor s_amz_date_header_name; @@ -157,6 +158,11 @@ return AWS_OP_ERR; } + s_transfer_encoding_header_name = aws_byte_cursor_from_c_str("transfer-encoding"); + if (aws_hash_table_put(&s_skipped_headers, &s_transfer_encoding_header_name, NULL, NULL)) { + return AWS_OP_ERR; + } + if (aws_hash_table_init( &s_forbidden_headers, allocator, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials.c new/aws-c-auth-0.8.4/source/credentials.c --- old/aws-c-auth-0.8.1/source/credentials.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials.c 2025-01-29 00:11:12.000000000 +0100 @@ -22,6 +22,7 @@ struct aws_string *access_key_id; struct aws_string *secret_access_key; struct aws_string *session_token; + struct aws_string *account_id; }; /* aws_token identity contains only a token to represent token only identities like a bearer token. */ @@ -85,6 +86,7 @@ /* * Credentials API implementations */ + struct aws_credentials *aws_credentials_new( struct aws_allocator *allocator, struct aws_byte_cursor access_key_id_cursor, @@ -92,6 +94,26 @@ struct aws_byte_cursor session_token_cursor, uint64_t expiration_timepoint_seconds) { + struct aws_byte_cursor account_id; + AWS_ZERO_STRUCT(account_id); + + return aws_credentials_new_with_account_id( + allocator, + access_key_id_cursor, + secret_access_key_cursor, + session_token_cursor, + account_id, + expiration_timepoint_seconds); +} + +struct aws_credentials *aws_credentials_new_with_account_id( + struct aws_allocator *allocator, + struct aws_byte_cursor access_key_id_cursor, + struct aws_byte_cursor secret_access_key_cursor, + struct aws_byte_cursor session_token_cursor, + struct aws_byte_cursor account_id_cursor, + uint64_t expiration_timepoint_seconds) { + if (access_key_id_cursor.ptr == NULL || access_key_id_cursor.len == 0) { aws_raise_error(AWS_ERROR_INVALID_ARGUMENT); return NULL; @@ -133,6 +155,14 @@ } } + if (account_id_cursor.ptr != NULL && account_id_cursor.len > 0) { + credentials_identity->account_id = + aws_string_new_from_array(allocator, account_id_cursor.ptr, account_id_cursor.len); + if (credentials_identity->account_id == NULL) { + goto error; + } + } + credentials->expiration_timepoint_seconds = expiration_timepoint_seconds; return credentials; @@ -166,6 +196,7 @@ aws_string_destroy(credentials->identity.credentials_identity.access_key_id); aws_string_destroy_secure(credentials->identity.credentials_identity.secret_access_key); aws_string_destroy_secure(credentials->identity.credentials_identity.session_token); + aws_string_destroy_secure(credentials->identity.credentials_identity.account_id); break; case ECC_IDENTITY: aws_string_destroy(credentials->identity.ecc_identity.access_key_id); @@ -250,6 +281,19 @@ } break; default: + break; + } + return s_empty_token_cursor; +} + +struct aws_byte_cursor aws_credentials_get_account_id(const struct aws_credentials *credentials) { + switch (credentials->identity_type) { + case AWS_CREDENTIALS_IDENTITY: + if (credentials->identity.credentials_identity.account_id != NULL) { + return aws_byte_cursor_from_string(credentials->identity.credentials_identity.account_id); + } + break; + default: break; } return s_empty_token_cursor; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials_provider_cached.c new/aws-c-auth-0.8.4/source/credentials_provider_cached.c --- old/aws-c-auth-0.8.1/source/credentials_provider_cached.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials_provider_cached.c 2025-01-29 00:11:12.000000000 +0100 @@ -60,7 +60,7 @@ AWS_LOGF_DEBUG( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "(id=%p) Cached credentials provider succesfully sourced credentials on refresh", + "(id=%p) Cached credentials provider successfully sourced credentials on refresh", (void *)provider); } else { AWS_LOGF_DEBUG( diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials_provider_sso.c new/aws-c-auth-0.8.4/source/credentials_provider_sso.c --- old/aws-c-auth-0.8.1/source/credentials_provider_sso.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials_provider_sso.c 2025-01-29 00:11:12.000000000 +0100 @@ -378,7 +378,7 @@ struct aws_byte_cursor token = aws_credentials_get_token(credentials); AWS_LOGF_INFO( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "(id=%p): successfully accquired a token", + "(id=%p): successfully acquired a token", (void *)sso_query_context->provider); sso_query_context->token = aws_string_new_from_cursor(sso_query_context->allocator, &token); @@ -401,7 +401,7 @@ } AWS_LOGF_INFO( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "(id=%p): successfully accquired a connection", + "(id=%p): successfully acquired a connection", (void *)sso_query_context->provider); sso_query_context->connection = connection; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials_provider_static.c new/aws-c-auth-0.8.4/source/credentials_provider_static.c --- old/aws-c-auth-0.8.1/source/credentials_provider_static.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials_provider_static.c 2025-01-29 00:11:12.000000000 +0100 @@ -51,8 +51,13 @@ AWS_ZERO_STRUCT(*provider); - struct aws_credentials *credentials = aws_credentials_new( - allocator, options->access_key_id, options->secret_access_key, options->session_token, UINT64_MAX); + struct aws_credentials *credentials = aws_credentials_new_with_account_id( + allocator, + options->access_key_id, + options->secret_access_key, + options->session_token, + options->account_id, + UINT64_MAX); if (credentials == NULL) { goto on_new_credentials_failure; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials_provider_sts.c new/aws-c-auth-0.8.4/source/credentials_provider_sts.c --- old/aws-c-auth-0.8.1/source/credentials_provider_sts.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials_provider_sts.c 2025-01-29 00:11:12.000000000 +0100 @@ -742,7 +742,7 @@ const struct aws_credentials_provider_sts_options *options) { if (!options->bootstrap) { - AWS_LOGF_ERROR(AWS_LS_AUTH_CREDENTIALS_PROVIDER, "a client bootstrap is necessary for quering STS"); + AWS_LOGF_ERROR(AWS_LS_AUTH_CREDENTIALS_PROVIDER, "a client bootstrap is necessary for querying STS"); aws_raise_error(AWS_ERROR_INVALID_ARGUMENT); return NULL; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/credentials_utils.c new/aws-c-auth-0.8.4/source/credentials_utils.c --- old/aws-c-auth-0.8.1/source/credentials_utils.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/credentials_utils.c 2025-01-29 00:11:12.000000000 +0100 @@ -96,7 +96,7 @@ if (aws_json_value_get_string(value, &expiration_cursor)) { AWS_LOGF_INFO( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "Unabled to extract credentials Expiration field from Json document."); + "Unable to extract credentials Expiration field from Json document."); return false; } @@ -123,7 +123,7 @@ if (aws_json_value_get_number(value, &expiration_value)) { AWS_LOGF_INFO( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "Unabled to extract credentials Expiration field from Json document."); + "Unable to extract credentials Expiration field from Json document."); return false; } @@ -136,7 +136,7 @@ if (aws_json_value_get_number(value, &expiration_value_ms)) { AWS_LOGF_INFO( AWS_LS_AUTH_CREDENTIALS_PROVIDER, - "Unabled to extract credentials Expiration field from Json document."); + "Unable to extract credentials Expiration field from Json document."); return false; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/source/token_provider_sso_session.c new/aws-c-auth-0.8.4/source/token_provider_sso_session.c --- old/aws-c-auth-0.8.1/source/token_provider_sso_session.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/source/token_provider_sso_session.c 2025-01-29 00:11:12.000000000 +0100 @@ -53,7 +53,7 @@ goto done; } - /* TODO: Refresh token if it is within refresh window and refreshable */ + /* TODO: Refresh token if it is within refresh window and refreshble */ credentials = aws_credentials_new_token( provider->allocator, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/tests/CMakeLists.txt new/aws-c-auth-0.8.4/tests/CMakeLists.txt --- old/aws-c-auth-0.8.1/tests/CMakeLists.txt 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/tests/CMakeLists.txt 2025-01-29 00:11:12.000000000 +0100 @@ -195,6 +195,7 @@ add_test_case(sigv4_skip_xray_header_test) add_test_case(sigv4_skip_user_agent_header_test) add_test_case(sigv4_skip_custom_header_test) +add_test_case(sigv4_skip_transfer_encoding_header_test) add_test_case(sigv4_fail_date_header_test) add_test_case(sigv4_fail_content_header_test) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/tests/credentials_tests.c new/aws-c-auth-0.8.4/tests/credentials_tests.c --- old/aws-c-auth-0.8.1/tests/credentials_tests.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/tests/credentials_tests.c 2025-01-29 00:11:12.000000000 +0100 @@ -28,6 +28,7 @@ AWS_STATIC_STRING_FROM_LITERAL(s_access_key_id_test_value, "My Access Key"); AWS_STATIC_STRING_FROM_LITERAL(s_secret_access_key_test_value, "SekritKey"); AWS_STATIC_STRING_FROM_LITERAL(s_session_token_test_value, "Some Session Token"); +AWS_STATIC_STRING_FROM_LITERAL(s_account_id_test_value, "Some Account Value"); static int s_credentials_create_destroy_test(struct aws_allocator *allocator, void *ctx) { (void)ctx; @@ -115,7 +116,8 @@ int expected_calls, const struct aws_string *expected_access_key_id, const struct aws_string *expected_secret_access_key, - const struct aws_string *expected_session_token) { + const struct aws_string *expected_session_token, + const struct aws_string *expected_account_id) { struct aws_get_credentials_test_callback_result callback_results; aws_get_credentials_test_callback_result_init(&callback_results, expected_calls); @@ -141,6 +143,13 @@ } else { ASSERT_TRUE(aws_credentials_get_session_token(callback_results.credentials).len == 0); } + + if (expected_account_id != NULL) { + ASSERT_CURSOR_VALUE_STRING_EQUALS( + aws_credentials_get_account_id(callback_results.credentials), expected_account_id); + } else { + ASSERT_TRUE(aws_credentials_get_account_id(callback_results.credentials).len == 0); + } } else { ASSERT_TRUE(expected_access_key_id == NULL); ASSERT_TRUE(expected_secret_access_key == NULL); @@ -159,6 +168,7 @@ .access_key_id = aws_byte_cursor_from_string(s_access_key_id_test_value), .secret_access_key = aws_byte_cursor_from_string(s_secret_access_key_test_value), .session_token = aws_byte_cursor_from_string(s_session_token_test_value), + .account_id = aws_byte_cursor_from_string(s_account_id_test_value), .shutdown_options = { .shutdown_callback = s_on_shutdown_complete, @@ -172,8 +182,12 @@ ASSERT_TRUE( s_do_basic_provider_test( - provider, 1, s_access_key_id_test_value, s_secret_access_key_test_value, s_session_token_test_value) == - AWS_OP_SUCCESS); + provider, + 1, + s_access_key_id_test_value, + s_secret_access_key_test_value, + s_session_token_test_value, + s_account_id_test_value) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); @@ -198,7 +212,7 @@ struct aws_credentials_provider *provider = aws_credentials_provider_new_anonymous(allocator, &shutdown_options); - ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL) == AWS_OP_SUCCESS); + ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL, NULL) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); @@ -236,8 +250,12 @@ ASSERT_TRUE( s_do_basic_provider_test( - provider, 1, s_access_key_id_test_value, s_secret_access_key_test_value, s_session_token_test_value) == - AWS_OP_SUCCESS); + provider, + 1, + s_access_key_id_test_value, + s_secret_access_key_test_value, + s_session_token_test_value, + NULL) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); @@ -270,7 +288,7 @@ struct aws_credentials_provider *provider = aws_credentials_provider_new_environment(allocator, &options); /* Instead of getting an empty credentials, should just fail to fetch credentials */ - ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL) == AWS_OP_SUCCESS); + ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL, NULL) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); @@ -300,7 +318,7 @@ struct aws_credentials_provider *provider = aws_credentials_provider_new_environment(allocator, &options); - ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL) == AWS_OP_SUCCESS); + ASSERT_TRUE(s_do_basic_provider_test(provider, 1, NULL, NULL, NULL, NULL) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); @@ -1338,8 +1356,12 @@ ASSERT_TRUE( s_do_basic_provider_test( - provider, 1, s_access_key_id_test_value, s_secret_access_key_test_value, s_session_token_test_value) == - AWS_OP_SUCCESS); + provider, + 1, + s_access_key_id_test_value, + s_secret_access_key_test_value, + s_session_token_test_value, + NULL) == AWS_OP_SUCCESS); /* * Verify that there's some caching before the environment by modifying the environment and requerying @@ -1350,8 +1372,12 @@ ASSERT_TRUE( s_do_basic_provider_test( - provider, 1, s_access_key_id_test_value, s_secret_access_key_test_value, s_session_token_test_value) == - AWS_OP_SUCCESS); + provider, + 1, + s_access_key_id_test_value, + s_secret_access_key_test_value, + s_session_token_test_value, + NULL) == AWS_OP_SUCCESS); aws_credentials_provider_release(provider); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.1/tests/sigv4_signing_tests.c new/aws-c-auth-0.8.4/tests/sigv4_signing_tests.c --- old/aws-c-auth-0.8.1/tests/sigv4_signing_tests.c 2025-01-22 00:40:21.000000000 +0100 +++ new/aws-c-auth-0.8.4/tests/sigv4_signing_tests.c 2025-01-29 00:11:12.000000000 +0100 @@ -1600,6 +1600,33 @@ AWS_TEST_CASE(sigv4_skip_user_agent_header_test, s_sigv4_skip_user_agent_header_test); AWS_STATIC_STRING_FROM_LITERAL( + s_skip_transfer_encoding_header_request, + "GET / HTTP/1.1\n" + "Transfer-Encoding: chunked\n" + "Host:example.amazonaws.com\n\n"); + +AWS_STATIC_STRING_FROM_LITERAL( + s_skip_transfer_encoding_header_expected_canonical_request, + "GET\n" + "/\n" + "\n" + "host:example.amazonaws.com\n" + "x-amz-date:20150830T123600Z\n" + "\n" + "host;x-amz-date\n" + "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"); + +static int s_sigv4_skip_transfer_encoding_header_test(struct aws_allocator *allocator, void *ctx) { + (void)ctx; + return s_do_header_skip_test( + allocator, + NULL, + s_skip_transfer_encoding_header_request, + s_skip_transfer_encoding_header_expected_canonical_request); +} +AWS_TEST_CASE(sigv4_skip_transfer_encoding_header_test, s_sigv4_skip_transfer_encoding_header_test); + +AWS_STATIC_STRING_FROM_LITERAL( s_skip_custom_header_request, "GET / HTTP/1.1\n" "MyHeader:Blahblah\n"
