Fix boto version strip regex

the current regex pattern will match incorrect strings like: Boto/2x0t2 Change-Id: I260f4e0d98f082172a3a67a1fbaa05da5369ea49 Closes-Bug: #1658639
2017-01-23 15:11:09 +02:00 · 2017-01-23 15:11:09 +02:00 · 2e6459f2f1
parent f9e054fd74
commit 2e6459f2f1
2 changed files with 40 additions and 1 deletions
--- a/keystoneclient/contrib/ec2/utils.py
+++ b/keystoneclient/contrib/ec2/utils.py
@ -225,7 +225,7 @@ class Ec2Signer(object):
            # port if we detect an old boto version.  FIXME: remove when all
            # distros package boto >= 2.9.3, this is a transitional workaround
            user_agent = headers_lower.get('user-agent', '')
-            strip_port = re.match('Boto/2.[0-9].[0-2]', user_agent)
+            strip_port = re.match('Boto/2\.[0-9]\.[0-2]', user_agent)

            header_list = []
            sh_str = auth_param('SignedHeaders')
--- a/keystoneclient/tests/unit/test_ec2utils.py
+++ b/keystoneclient/tests/unit/test_ec2utils.py
@ -265,3 +265,42 @@ class Ec2SignerTest(testtools.TestCase):
        expected = ('26dd92ea79aaa49f533d13b1055acdc'
                    'd7d7321460d64621f96cc79c4f4d4ab2b')
        self.assertEqual(expected, signature)
+
+    def test_generate_v4_port_malformed_version(self):
+        """Test v4 generator with host:port format for malformed boto version.
+
+        Validate for malformed version of boto, where the port should
+        not be stripped.
+        """
+        # Create a new signer object with the AWS example key
+        secret = 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'
+        signer = utils.Ec2Signer(secret)
+
+        body_hash = ('b6359072c78d70ebee1e81adcbab4f0'
+                     '1bf2c23245fa365ef83fe8f1f955085e2')
+        auth_str = ('AWS4-HMAC-SHA256 '
+                    'Credential=AKIAIOSFODNN7EXAMPLE/20110909/'
+                    'us-east-1/iam/aws4_request,'
+                    'SignedHeaders=content-type;host;x-amz-date,')
+        headers = {'Content-type':
+                   'application/x-www-form-urlencoded; charset=utf-8',
+                   'X-Amz-Date': '20110909T233600Z',
+                   'Host': 'foo:8000',
+                   'Authorization': auth_str,
+                   'User-Agent': 'Boto/2.922 (linux2)'}
+        # Note the example in the AWS docs is inconsistent, previous
+        # examples specify no query string, but the final POST example
+        # does, apparently incorrectly since an empty parameter list
+        # aligns all steps and the final signature with the examples
+        params = {}
+        credentials = {'host': 'foo:8000',
+                       'verb': 'POST',
+                       'path': '/',
+                       'params': params,
+                       'headers': headers,
+                       'body_hash': body_hash}
+        signature = signer.generate(credentials)
+
+        expected = ('26dd92ea79aaa49f533d13b1055acdc'
+                    'd7d7321460d64621f96cc79c4f4d4ab2b')
+        self.assertEqual(expected, signature)