From 73ef85bc5db590c22689e11be20737a3dd88168f Mon Sep 17 00:00:00 2001 From: Niall Sheridan Date: Wed, 28 Dec 2016 21:18:36 +0000 Subject: Update dependencies --- .../aws/aws-sdk-go/aws/signer/v4/uri_path_1_4.go | 24 ---------------- .../github.com/aws/aws-sdk-go/aws/signer/v4/v4.go | 33 ++++++++++++++++++++-- 2 files changed, 30 insertions(+), 27 deletions(-) delete mode 100644 vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path_1_4.go (limited to 'vendor/github.com/aws/aws-sdk-go/aws/signer') diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path_1_4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path_1_4.go deleted file mode 100644 index 7966041..0000000 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path_1_4.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build !go1.5 - -package v4 - -import ( - "net/url" - "strings" -) - -func getURIPath(u *url.URL) string { - var uri string - - if len(u.Opaque) > 0 { - uri = "/" + strings.Join(strings.Split(u.Opaque, "/")[3:], "/") - } else { - uri = u.Path - } - - if len(uri) == 0 { - uri = "/" - } - - return uri -} diff --git a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 986530b..98bfe74 100644 --- a/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -42,6 +42,14 @@ // the URL.Opaque or URL.RawPath. The SDK will use URL.Opaque first and then // call URL.EscapedPath() if Opaque is not set. // +// If signing a request intended for HTTP2 server, and you're using Go 1.6.2 +// through 1.7.4 you should use the URL.RawPath as the pre-escaped form of the +// request URL. https://github.com/golang/go/issues/16847 points to a bug in +// Go pre 1.8 that failes to make HTTP2 requests using absolute URL in the HTTP +// message. URL.Opaque generally will force Go to make requests with absolute URL. +// URL.RawPath does not do this, but RawPath must be a valid escaping of Path +// or url.EscapedPath will ignore the RawPath escaping. +// // Test `TestStandaloneSign` provides a complete example of using the signer // outside of the SDK and pre-escaping the URI path. package v4 @@ -79,8 +87,9 @@ const ( var ignoredHeaders = rules{ blacklist{ mapRule{ - "Authorization": struct{}{}, - "User-Agent": struct{}{}, + "Authorization": struct{}{}, + "User-Agent": struct{}{}, + "X-Amzn-Trace-Id": struct{}{}, }, }, } @@ -171,6 +180,16 @@ type Signer struct { // http://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html DisableURIPathEscaping bool + // Disales the automatical setting of the HTTP request's Body field with the + // io.ReadSeeker passed in to the signer. This is useful if you're using a + // custom wrapper around the body for the io.ReadSeeker and want to preserve + // the Body value on the Request.Body. + // + // This does run the risk of signing a request with a body that will not be + // sent in the request. Need to ensure that the underlying data of the Body + // values are the same. + DisableRequestBodyOverwrite bool + // currentTimeFn returns the time value which represents the current time. // This value should only be used for testing. If it is nil the default // time.Now will be used. @@ -300,6 +319,10 @@ func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, regi DisableURIPathEscaping: v4.DisableURIPathEscaping, } + for key := range ctx.Query { + sort.Strings(ctx.Query[key]) + } + if ctx.isRequestSigned() { ctx.Time = currentTimeFn() ctx.handlePresignRemoval() @@ -317,7 +340,7 @@ func (v4 Signer) signWithBody(r *http.Request, body io.ReadSeeker, service, regi // If the request is not presigned the body should be attached to it. This // prevents the confusion of wanting to send a signed request without // the body the request was signed for attached. - if !ctx.isPresign { + if !(v4.DisableRequestBodyOverwrite || ctx.isPresign) { var reader io.ReadCloser if body != nil { var ok bool @@ -412,6 +435,10 @@ func signSDKRequestWithCurrTime(req *request.Request, curTimeFn func() time.Time // S3 service should not have any escaping applied v4.DisableURIPathEscaping = true } + // Prevents setting the HTTPRequest's Body. Since the Body could be + // wrapped in a custom io.Closer that we do not want to be stompped + // on top of by the signer. + v4.DisableRequestBodyOverwrite = true }) signingTime := req.Time -- cgit v1.2.3