Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aws-c-auth for openSUSE:Factory checked in at 2025-03-26 21:22:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aws-c-auth (Old) and /work/SRC/openSUSE:Factory/.aws-c-auth.new.2696 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aws-c-auth" Wed Mar 26 21:22:58 2025 rev:18 rq:1256215 version:0.8.7 Changes: -------- --- /work/SRC/openSUSE:Factory/aws-c-auth/aws-c-auth.changes 2025-03-13 15:07:11.884718256 +0100 +++ /work/SRC/openSUSE:Factory/.aws-c-auth.new.2696/aws-c-auth.changes 2025-03-26 21:25:16.259114142 +0100 @@ -1,0 +2,7 @@ +Tue Mar 18 08:28:45 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaub...@suse.com> + +- Update to version 0.8.7 + * Only forbid `X-Amz-S3session-Token` when signing with s3 express + by @TingDaoK in (#268) + +------------------------------------------------------------------- Old: ---- v0.8.6.tar.gz New: ---- v0.8.7.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aws-c-auth.spec ++++++ --- /var/tmp/diff_new_pack.BZjj36/_old 2025-03-26 21:25:16.943142264 +0100 +++ /var/tmp/diff_new_pack.BZjj36/_new 2025-03-26 21:25:16.943142264 +0100 @@ -20,7 +20,7 @@ %define library_pkg 1_0_0 %define library_soversion 1 Name: aws-c-auth -Version: 0.8.6 +Version: 0.8.7 Release: 0 Summary: AWS C99 library implementation of AWS client-side authentication License: Apache-2.0 ++++++ v0.8.6.tar.gz -> v0.8.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.8.6/source/aws_signing.c new/aws-c-auth-0.8.7/source/aws_signing.c --- old/aws-c-auth-0.8.6/source/aws_signing.c 2025-03-04 22:34:11.000000000 +0100 +++ new/aws-c-auth-0.8.7/source/aws_signing.c 2025-03-17 21:41:36.000000000 +0100 @@ -199,10 +199,8 @@ return AWS_OP_ERR; } + // Only forbit this header if the signing algorithm is AWS_SIGNING_ALGORITHM_V4_S3EXPRESS s_amz_s3session_token_header_name = aws_byte_cursor_from_string(g_aws_signing_s3session_token_name); - if (aws_hash_table_put(&s_forbidden_headers, &s_amz_s3session_token_header_name, NULL, NULL)) { - return AWS_OP_ERR; - } if (aws_hash_table_init( &s_forbidden_params, 
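Review bot: The added comment in the first aws_signing.c hunk (`@@ -199,10 +199,8 @@`) misspells "forbid" and sits above the assignment of `s_amz_s3session_token_header_name`, which forbids nothing by itself now that the `aws_hash_table_put` into `s_forbidden_headers` is removed. I would reword it to say where the rule is enforced, e.g. `// Not added to s_forbidden_headers: rejected only for AWS_SIGNING_ALGORITHM_V4_S3EXPRESS, see s_validate_signable_header_list()`. It is also worth stating the consequence somewhere user-visible: for every other signing algorithm, a caller-supplied `X-Amz-S3session-Token` header now passes this validation instead of failing with an illegal-header error. The enclosing init function starts and ends outside the hunk.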
@@ -1378,7 +1376,7 @@ return AWS_OP_SUCCESS; } -static int s_validate_signable_header_list(struct aws_array_list *header_list) { +static int s_validate_signable_header_list(struct aws_array_list *header_list, enum aws_signing_algorithm algo) { const size_t header_count = aws_array_list_length(header_list); for (size_t i = 0; i < header_count; ++i) { struct aws_signable_property_list_pair header; @@ -1396,6 +1394,15 @@ AWS_BYTE_CURSOR_PRI(header.name)); return aws_raise_error(AWS_AUTH_SIGNING_ILLEGAL_REQUEST_HEADER); } + if (algo == AWS_SIGNING_ALGORITHM_V4_S3EXPRESS) { + if (aws_byte_cursor_eq_ignore_case(&header.name, &s_amz_s3session_token_header_name)) { + AWS_LOGF_ERROR( + AWS_LS_AUTH_SIGNING, + "AWS authorization header \"" PRInSTR "\" for S3Express found in request while signing", + AWS_BYTE_CURSOR_PRI(header.name)); + return aws_raise_error(AWS_AUTH_SIGNING_ILLEGAL_REQUEST_HEADER); + } + } } return AWS_OP_SUCCESS; @@ -1415,7 +1422,7 @@ return AWS_OP_ERR; } - if (s_validate_signable_header_list(signable_header_list)) { + if (s_validate_signable_header_list(signable_header_list, state->config.algorithm)) { return AWS_OP_ERR; }
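Review bot: `s_validate_signable_header_list` gains an `algo` parameter in the `@@ -1378,7 +1376,7 @@` hunk, but nothing documents that the validation result now depends on the signing algorithm. A short comment above the definition would cover it, e.g. `/* Rejects forbidden request headers; when algo is AWS_SIGNING_ALGORITHM_V4_S3EXPRESS the S3 session token header is rejected as well. */`. The wording about the existing forbidden-header check is inferred from the context lines in the next hunk, since the lookup itself is not visible here. The function body continues past the end of this hunk.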
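Review bot: The two nested `if`s added in the `@@ -1396,6 +1394,15 @@` hunk test one condition and can be a single guard, `if (algo == AWS_SIGNING_ALGORITHM_V4_S3EXPRESS && aws_byte_cursor_eq_ignore_case(&header.name, &s_amz_s3session_token_header_name)) {`, which removes a level of nesting inside the loop. The error log prints only the header name and not its value, which is the right choice for a token-carrying header and should stay that way. The comparison relies on `s_amz_s3session_token_header_name` having been assigned by the init code shown in the first aws_signing.c hunk. A one-line comment noting that dependency would help, since the cursor is no longer tied to the `s_forbidden_headers` table.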