From c4cd0ae9ba3fb28ff316202d15b5a5b4a23a116a Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Wed, 5 Mar 2025 10:55:56 +0100 Subject: [PATCH] http_aws_sigv4: cannot be used for proxy Make sure it is never attempted. Reported-by: Philippe Antoine Closes #16569 --- lib/http.c | 5 +++-- lib/http_aws_sigv4.c | 5 +---- lib/http_aws_sigv4.h | 2 +- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/lib/http.c b/lib/http.c index 8a9fe6e887..466080cb79 100644 --- a/lib/http.c +++ b/lib/http.c @@ -634,9 +634,10 @@ output_auth_headers(struct Curl_easy *data, (void)path; #endif #ifndef CURL_DISABLE_AWS - if(authstatus->picked == CURLAUTH_AWS_SIGV4) { + if((authstatus->picked == CURLAUTH_AWS_SIGV4) && !proxy) { + /* this method is never for proxy */ auth = "AWS_SIGV4"; - result = Curl_output_aws_sigv4(data, proxy); + result = Curl_output_aws_sigv4(data); if(result) return result; } diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index 345ac0910f..712a726af8 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -569,7 +569,7 @@ static CURLcode canon_query(struct Curl_easy *data, } -CURLcode Curl_output_aws_sigv4(struct Curl_easy *data, bool proxy) +CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) { CURLcode result = CURLE_OUT_OF_MEMORY; struct connectdata *conn = data->conn; @@ -605,9 +605,6 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data, bool proxy) unsigned char sign1[CURL_SHA256_DIGEST_LENGTH] = {0}; char *auth_headers = NULL; - DEBUGASSERT(!proxy); - (void)proxy; - if(Curl_checkheaders(data, STRCONST("Authorization"))) { /* Authorization already present, Bailing out */ return CURLE_OK; diff --git a/lib/http_aws_sigv4.h b/lib/http_aws_sigv4.h index 57cc5706eb..8928f4f717 100644 --- a/lib/http_aws_sigv4.h +++ b/lib/http_aws_sigv4.h @@ -26,6 +26,6 @@ #include "curl_setup.h" /* this is for creating aws_sigv4 header output */ -CURLcode Curl_output_aws_sigv4(struct Curl_easy *data, bool proxy); +CURLcode Curl_output_aws_sigv4(struct Curl_easy *data); #endif /* HEADER_CURL_HTTP_AWS_SIGV4_H */ -- 2.47.3