From f9c613783c93864d7cd557330547b1af24c9b23c Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Wed, 14 Aug 2024 12:37:44 -0700 Subject: [PATCH 1/4] Consider sigv4a supported without crt check --- gems/aws-sdk-core/aws-sdk-core.gemspec | 2 +- gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/gems/aws-sdk-core/aws-sdk-core.gemspec b/gems/aws-sdk-core/aws-sdk-core.gemspec index 12f78a41c66..6b393f4bfd3 100644 --- a/gems/aws-sdk-core/aws-sdk-core.gemspec +++ b/gems/aws-sdk-core/aws-sdk-core.gemspec @@ -14,7 +14,7 @@ Gem::Specification.new do |spec| spec.add_dependency('jmespath', '~> 1', '>= 1.6.1') # necessary for secure jmespath JSON parsing spec.add_dependency('aws-partitions', '~> 1', '>= 1.651.0') # necessary for new endpoint resolution - spec.add_dependency('aws-sigv4', '~> 1.8') # necessary for s3 express auth + spec.add_dependency('aws-sigv4', '~> 1.9') # necessary for s3 express auth/native sigv4a support spec.add_dependency('aws-eventstream', '~> 1', '>= 1.3.0') # necessary for binary eventstream spec.metadata = { diff --git a/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb b/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb index 2c069bb9e2a..b8374131898 100644 --- a/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb +++ b/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb @@ -13,8 +13,7 @@ class Sign < Seahorse::Client::Plugin option(:sigv4_region) option(:unsigned_operations, default: []) - supported_auth_types = %w[sigv4 bearer sigv4-s3express none] - supported_auth_types += ['sigv4a'] if Aws::Sigv4::Signer.use_crt? + supported_auth_types = %w[sigv4 bearer sigv4-s3express sigv4a none] SUPPORTED_AUTH_TYPES = supported_auth_types.freeze def add_handlers(handlers, cfg) From 7696e3c528579ddec8e7a650c8c010f849bb0d71 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Wed, 14 Aug 2024 13:27:56 -0700 Subject: [PATCH 2/4] Add changelog --- gems/aws-sdk-core/CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/gems/aws-sdk-core/CHANGELOG.md b/gems/aws-sdk-core/CHANGELOG.md index dacef83d581..6e61c0e6ba3 100644 --- a/gems/aws-sdk-core/CHANGELOG.md +++ b/gems/aws-sdk-core/CHANGELOG.md @@ -1,6 +1,8 @@ Unreleased Changes ------------------ +* Issue - Consider sigv4a supported without crt check. + 3.201.4 (2024-08-08) ------------------ From 63d61414f042cfd4c79d0dacdcc980f6af0ba496 Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Wed, 14 Aug 2024 13:51:10 -0700 Subject: [PATCH 3/4] Allow legacy/undocumented sigv4_signer configuration to override resolved signer --- gems/aws-sdk-core/CHANGELOG.md | 1 + gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/gems/aws-sdk-core/CHANGELOG.md b/gems/aws-sdk-core/CHANGELOG.md index 6e61c0e6ba3..785d9a8cd55 100644 --- a/gems/aws-sdk-core/CHANGELOG.md +++ b/gems/aws-sdk-core/CHANGELOG.md @@ -1,6 +1,7 @@ Unreleased Changes ------------------ +* Issue - Allow legacy/undocumented sigv4_signer configuration to override resolved signer. * Issue - Consider sigv4a supported without crt check. 3.201.4 (2024-08-08) diff --git a/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb b/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb index b8374131898..5a447707222 100644 --- a/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb +++ b/gems/aws-sdk-core/lib/aws-sdk-core/plugins/sign.rb @@ -106,7 +106,7 @@ def initialize(auth_scheme, config, sigv4_overrides = {}) auth_scheme['signingRegion'] end begin - @signer = Aws::Sigv4::Signer.new( + @signer = config.sigv4_signer || Aws::Sigv4::Signer.new( service: config.sigv4_name || auth_scheme['signingName'], region: sigv4_overrides[:region] || config.sigv4_region || region, credentials_provider: sigv4_overrides[:credentials] || config.credentials, From d91cbbc871ac58a14e0b68ddd11f0338e4b7878a Mon Sep 17 00:00:00 2001 From: Alex Woods Date: Wed, 14 Aug 2024 14:14:15 -0700 Subject: [PATCH 4/4] add backticks --- gems/aws-sdk-core/CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gems/aws-sdk-core/CHANGELOG.md b/gems/aws-sdk-core/CHANGELOG.md index 785d9a8cd55..08b46430174 100644 --- a/gems/aws-sdk-core/CHANGELOG.md +++ b/gems/aws-sdk-core/CHANGELOG.md @@ -1,7 +1,7 @@ Unreleased Changes ------------------ -* Issue - Allow legacy/undocumented sigv4_signer configuration to override resolved signer. +* Issue - Allow legacy/undocumented `sigv4_signer` configuration to override resolved signer. * Issue - Consider sigv4a supported without crt check. 3.201.4 (2024-08-08)