← Back to branch summary

~rconradharris/nova/dist-sched-2b

« back to all changes in this revision

Viewing changes to nova/auth/manager.py

  • Committer: Tarmac
  • Author(s): Masanori Itoh
  • Date: 2011-05-09 22:06:38 UTC
  • mfrom: (947.4.20 enable-rightaws)
  • Revision ID: tarmac-20110509220638-s0mgr3813ny7z6z5
Enable RightAWS style signature checking using server_string without port number, add test cases for authenticate() and a new helper routine, and fix lp753660.

Show diffs side-by-side

added added

removed removed

Lines of Context:
nova/auth/manager.py
305
305
        if check_type == 's3':
306
306
            sign = signer.Signer(user.secret.encode())
307
307
            expected_signature = sign.s3_authorization(headers, verb, path)
308
 
            LOG.debug('user.secret: %s', user.secret)
309
 
            LOG.debug('expected_signature: %s', expected_signature)
310
 
            LOG.debug('signature: %s', signature)
 
308
            LOG.debug(_('user.secret: %s'), user.secret)
 
309
            LOG.debug(_('expected_signature: %s'), expected_signature)
 
310
            LOG.debug(_('signature: %s'), signature)
311
311
            if signature != expected_signature:
312
312
                LOG.audit(_("Invalid signature for user %s"), user.name)
313
313
                raise exception.InvalidSignature(signature=signature,
317
317
            #             secret isn't unicode
318
318
            expected_signature = signer.Signer(user.secret.encode()).generate(
319
319
                    params, verb, server_string, path)
320
 
            LOG.debug('user.secret: %s', user.secret)
321
 
            LOG.debug('expected_signature: %s', expected_signature)
322
 
            LOG.debug('signature: %s', signature)
 
320
            LOG.debug(_('user.secret: %s'), user.secret)
 
321
            LOG.debug(_('expected_signature: %s'), expected_signature)
 
322
            LOG.debug(_('signature: %s'), signature)
323
323
            if signature != expected_signature:
 
324
                (addr_str, port_str) = utils.parse_server_string(server_string)
 
325
                # If the given server_string contains port num, try without it.
 
326
                if port_str != '':
 
327
                    host_only_signature = signer.Signer(
 
328
                        user.secret.encode()).generate(params, verb,
 
329
                                                       addr_str, path)
 
330
                    LOG.debug(_('host_only_signature: %s'),
 
331
                              host_only_signature)
 
332
                    if signature == host_only_signature:
 
333
                        return (user, project)
324
334
                LOG.audit(_("Invalid signature for user %s"), user.name)
325
335
                raise exception.InvalidSignature(signature=signature,
326
336
                                                 user=user)