From b137634ba3adb7ac2feeeb343bde7aa54922cab2 Mon Sep 17 00:00:00 2001 From: Matthias Gatto Date: Mon, 28 Aug 2023 13:38:20 +0200 Subject: [PATCH] lib: fix aws-sigv4 having date header twice in some cases When the user was providing the header X-XXX-Date, the header was re-added during signature computation, and we had it twice in the request. Reported-by: apparentorder@users.noreply.github.com Signed-off-by: Matthias Gatto Fixes: https://github.com/curl/curl/issues/11738 Closes: https://github.com/curl/curl/pull/11754 --- lib/http_aws_sigv4.c | 16 +++++---- tests/data/Makefile.inc | 2 +- tests/data/test1964 | 68 ++++++++++++++++++++++++++++++++++++++ tests/libtest/Makefile.inc | 5 ++- tests/libtest/lib1964.c | 68 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 150 insertions(+), 9 deletions(-) create mode 100644 tests/data/test1964 create mode 100644 tests/libtest/lib1964.c diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index 806016253f..3abfb096a2 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -214,15 +214,11 @@ static CURLcode make_headers(struct Curl_easy *data, if(!tmp_head) goto fail; head = tmp_head; - *date_header = curl_maprintf("%s: %s", date_hdr_key, timestamp); + *date_header = curl_maprintf("%s: %s\r\n", date_hdr_key, timestamp); } else { char *value; - *date_header = strdup(*date_header); - if(!*date_header) - goto fail; - value = strchr(*date_header, ':'); if(!value) goto fail; @@ -231,6 +227,7 @@ static CURLcode make_headers(struct Curl_easy *data, ++value; strncpy(timestamp, value, TIMESTAMP_SIZE - 1); timestamp[TIMESTAMP_SIZE - 1] = 0; + *date_header = NULL; } /* alpha-sort in a case sensitive manner */ @@ -612,14 +609,19 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data, bool proxy) "Credential=%s/%s, " "SignedHeaders=%s, " "Signature=%s\r\n" - "%s\r\n" + /* + * date_header is added here, only if it wasn't + * user-specified (using CURLOPT_HTTPHEADER). + * date_header includes \r\n + */ + "%s" "%s", /* optional sha256 header includes \r\n */ provider0, user, credential_scope, Curl_dyn_ptr(&signed_headers), sha_hex, - date_header, + date_header ? date_header : "", content_sha256_hdr); if(!auth_headers) { goto fail; diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index cb01122a3a..a337c3c75f 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -224,7 +224,7 @@ test1916 test1917 test1918 test1919 \ \ test1933 test1934 test1935 test1936 test1937 test1938 test1939 test1940 \ test1941 test1942 test1943 test1944 test1945 test1946 test1947 test1948 \ -test1955 test1956 test1957 test1958 test1959 test1960 \ +test1955 test1956 test1957 test1958 test1959 test1960 test1964 \ test1970 test1971 test1972 test1973 test1974 test1975 \ \ test2000 test2001 test2002 test2003 test2004 \ diff --git a/tests/data/test1964 b/tests/data/test1964 new file mode 100644 index 0000000000..43e56e2973 --- /dev/null +++ b/tests/data/test1964 @@ -0,0 +1,68 @@ + + + +HTTP +CURLOPT_AWS_SIGV4 + + + +# Server-side + + +HTTP/1.1 302 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 +Location: /%TESTNUMBER0002 + + + +HTTP/1.1 200 OK +Date: Tue, 09 Nov 2010 14:49:00 GMT +Server: test-server/fake +Content-Type: text/html +Content-Length: 0 + + + + +# Client-side + + +http + +# this relies on the debug feature which allow to set the time + +SSL +crypto + + + +HTTP AWS_SIGV4 with one provider and auth cred via URL, but X-Xxx-Date header set manually + + +lib%TESTNUMBER + + + +http://xxx:yyy@127.0.0.1:9000/%TESTNUMBER/testapi/test 127.0.0.1:9000:%HOSTIP:%HTTPPORT + + + +# Verify data after the test has been "shot" + + +^User-Agent:.* +^Content-Type:.* +^Accept:.* + + +GET /%TESTNUMBER/testapi/test HTTP/1.1 +Host: 127.0.0.1:9000 +Authorization: XXX4-HMAC-SHA256 Credential=xxx/19700101/0/127/xxx4_request, SignedHeaders=content-type;host;x-xxx-date, Signature=35da102c1df68f2ef85ade08ecc212fa663a66e3a973146f6578a5c5426e9669 +X-Xxx-Date: 19700101T000000Z + + + + diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 648536eb0a..c9b52392a6 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -69,7 +69,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect libprereq \ lib1915 lib1916 lib1917 lib1918 lib1919 \ lib1933 lib1934 lib1935 lib1936 lib1937 lib1938 lib1939 lib1940 \ lib1945 lib1946 lib1947 lib1948 lib1955 lib1956 lib1957 lib1958 lib1959 \ - lib1960 \ + lib1960 lib1964 \ lib1970 lib1971 lib1972 lib1973 lib1974 lib1975 \ lib2301 lib2302 lib2304 lib2305 lib2306 \ lib2402 lib2404 \ @@ -624,6 +624,9 @@ lib1959_LDADD = $(TESTUTIL_LIBS) lib1960_SOURCES = lib1960.c $(SUPPORTFILES) lib1960_LDADD = $(TESTUTIL_LIBS) +lib1964_SOURCES = lib1964.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1964_LDADD = $(TESTUTIL_LIBS) + lib1970_SOURCES = lib1970.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1970_LDADD = $(TESTUTIL_LIBS) diff --git a/tests/libtest/lib1964.c b/tests/libtest/lib1964.c new file mode 100644 index 0000000000..a9881e98dd --- /dev/null +++ b/tests/libtest/lib1964.c @@ -0,0 +1,68 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) Daniel Stenberg, , et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + * SPDX-License-Identifier: curl + * + ***************************************************************************/ +#include "test.h" + +#include "memdebug.h" + +int test(char *URL) +{ + CURL *curl; + CURLcode res = CURLE_OK; + struct curl_slist *connect_to = NULL; + struct curl_slist *list = NULL, *tmp; + + global_init(CURL_GLOBAL_ALL); + easy_init(curl); + + easy_setopt(curl, CURLOPT_VERBOSE, 1L); + easy_setopt(curl, CURLOPT_AWS_SIGV4, "xxx"); + easy_setopt(curl, CURLOPT_URL, URL); + if(libtest_arg2) { + connect_to = curl_slist_append(connect_to, libtest_arg2); + if(!connect_to) { + res = CURLE_FAILED_INIT; + goto test_cleanup; + } + } + easy_setopt(curl, CURLOPT_CONNECT_TO, connect_to); + list = curl_slist_append(list, "Content-Type: application/json"); + tmp = curl_slist_append(list, "X-Xxx-Date: 19700101T000000Z"); + if(!list || !tmp) { + res = CURLE_FAILED_INIT; + goto test_cleanup; + } + list = tmp; + easy_setopt(curl, CURLOPT_HTTPHEADER, list); + + res = curl_easy_perform(curl); + +test_cleanup: + + curl_slist_free_all(connect_to); + curl_slist_free_all(list); + curl_easy_cleanup(curl); + curl_global_cleanup(); + + return res; +} -- 2.47.3