You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by 梶原 直之 <na...@inte.co.jp> on 2012/07/10 06:36:52 UTC
Bug on cloudapis.py
Hello, All
I found a bug in “cloudapis.py” on 3.0.2.
While calculating the results of Signature API request to cloudtool,
listAsyncJobs API startdate Signature error occur.
The result of the assumption could not be obtained.
Cloudtool had been encrypted with the URL-encoded from HmacSHA1.
While request parameter key gets generated, the cloudtool lowercased and requested.
Therefore, the cloudtood would not work properly.
Was this bug already fixed?
Thank you!
patch----------
--- cloudapis.py.org 2012-05-07 13:58:37.000000000 +0900
+++ cloudapis.py 2012-07-09 21:08:36.217474743 +0900
@@ -51,9 +51,9 @@
requests.sort(key=lambda x: str.lower(x[0]))
requestUrl = "&".join(["=".join([request[0], urllib.quote_plus(str(request[1]))]) for request in requests])
- hashStr = "&".join(["=".join([str.lower(request[0]), urllib.quote_plus(str.lower(str(request[1])))]) for request in requests])
+ hashStr = "&".join(["=".join([request[0], urllib.quote_plus(str(request[1]))]) for request in requests])
- sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, hashStr, hashlib.sha1).digest()).strip())
+ sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, str.lower(hashStr), hashlib.sha1).digest()).strip())
requestUrl += "&signature=%s"%sig
return requestUrl
@@ -68,9 +68,9 @@
requests.sort(key=lambda x: str.lower(x[0]))
requestUrl = "&".join(["=".join([request[0], urllib.quote_plus(str(request[1]))]) for request in requests])
- hashStr = "&".join(["=".join([str.lower(request[0]), urllib.quote_plus(str.lower(str(request[1])))]) for request in requests])
+ hashStr = "&".join(["=".join([request[0], urllib.quote_plus(str(request[1]))]) for request in requests])
- sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, hashStr, hashlib.sha1).digest()).strip())
+ sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, str.lower(hashStr), hashlib.sha1).digest()).strip())
requestUrl += "&signature=%s"%sig
----------patch
-- Helped by CloudStack Japanese user group core member --
--
Naoyuki Kajihara
Intelligence Business Solutions
1-4-4 Yanagibashi Taito-ku
Tokyo-to Japan 111-0052
Phone: +81 3 6385 6103
FAX: +81 3 6385 6104
http://ibs.inte.co.jp/