commit aws-c-auth for openSUSE:Factory

Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aws-c-auth for openSUSE:Factory checked in at 2024-08-09 16:14:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aws-c-auth (Old) and /work/SRC/openSUSE:Factory/.aws-c-auth.new.7232 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "aws-c-auth" Fri Aug 9 16:14:50 2024 rev:9 rq:1192594 version:0.7.25 Changes: -------- --- /work/SRC/openSUSE:Factory/aws-c-auth/aws-c-auth.changes 2024-08-08 10:58:49.840686404 +0200 +++ /work/SRC/openSUSE:Factory/.aws-c-auth.new.7232/aws-c-auth.changes 2024-08-09 16:15:25.668844471 +0200 @@ -1,0 +2,6 @@ +Wed Aug 7 13:33:07 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> + +- Update to version 0.7.25 + * Add ProcessProvider to ProfileProvider by @waahm7 in (#245) + +------------------------------------------------------------------- Old: ---- v0.7.24.tar.gz New: ---- v0.7.25.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aws-c-auth.spec ++++++ --- /var/tmp/diff_new_pack.BPXowz/_old 2024-08-09 16:15:26.868894561 +0200 +++ /var/tmp/diff_new_pack.BPXowz/_new 2024-08-09 16:15:26.872894728 +0200 @@ -20,7 +20,7 @@ %define library_pkg 1_0_0 %define library_soversion 1 Name: aws-c-auth -Version: 0.7.24 +Version: 0.7.25 Release: 0 Summary: AWS C99 library implementation of AWS client-side authentication License: Apache-2.0 ++++++ v0.7.24.tar.gz -> v0.7.25.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.7.24/source/credentials_provider_default_chain.c new/aws-c-auth-0.7.25/source/credentials_provider_default_chain.c --- old/aws-c-auth-0.7.24/source/credentials_provider_default_chain.c 2024-07-31 23:26:45.000000000 +0200 +++ new/aws-c-auth-0.7.25/source/credentials_provider_default_chain.c 2024-08-04 19:29:46.000000000 +0200 @@ -230,7 +230,6 @@ struct aws_tls_ctx *tls_ctx = NULL; struct aws_credentials_provider *environment_provider = NULL; struct aws_credentials_provider *profile_provider = NULL; - struct aws_credentials_provider *process_provider = NULL; struct aws_credentials_provider *sts_provider = NULL; struct aws_credentials_provider *ecs_or_imds_provider = NULL; struct aws_credentials_provider *chain_provider = NULL; @@ -263,7 +262,7 @@ #endif /* BYO_CRYPTO */ } - enum { providers_size = 5 }; + enum { providers_size = 4 }; struct aws_credentials_provider *providers[providers_size]; AWS_ZERO_ARRAY(providers); size_t index = 0; @@ -309,18 +308,6 @@ aws_atomic_fetch_add(&impl->shutdowns_remaining, 1); } - struct aws_credentials_provider_process_options process_options; - AWS_ZERO_STRUCT(process_options); - process_options.shutdown_options = sub_provider_shutdown_options; - process_options.config_profile_collection_cached = options->profile_collection_cached; - process_options.profile_to_use = options->profile_name_override; - process_provider = aws_credentials_provider_new_process(allocator, &process_options); - if (process_provider != NULL) { - providers[index++] = process_provider; - /* 1 shutdown call from the process provider's shutdown */ - aws_atomic_fetch_add(&impl->shutdowns_remaining, 1); - } - /* Providers that will always make a network call unless explicitly disabled... */ ecs_or_imds_provider = s_aws_credentials_provider_new_ecs_or_imds( @@ -348,7 +335,6 @@ */ aws_credentials_provider_release(environment_provider); aws_credentials_provider_release(profile_provider); - aws_credentials_provider_release(process_provider); aws_credentials_provider_release(sts_provider); aws_credentials_provider_release(ecs_or_imds_provider); @@ -390,7 +376,6 @@ } else { aws_credentials_provider_release(ecs_or_imds_provider); aws_credentials_provider_release(profile_provider); - aws_credentials_provider_release(process_provider); aws_credentials_provider_release(sts_provider); aws_credentials_provider_release(environment_provider); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.7.24/source/credentials_provider_profile.c new/aws-c-auth-0.7.25/source/credentials_provider_profile.c --- old/aws-c-auth-0.7.24/source/credentials_provider_profile.c 2024-07-31 23:26:45.000000000 +0200 +++ new/aws-c-auth-0.7.25/source/credentials_provider_profile.c 2024-08-04 19:29:46.000000000 +0200 @@ -28,6 +28,7 @@ AWS_STRING_FROM_LITERAL(s_source_profile_name, "source_profile"); AWS_STRING_FROM_LITERAL(s_access_key_id_profile_var, "aws_access_key_id"); AWS_STRING_FROM_LITERAL(s_secret_access_key_profile_var, "aws_secret_access_key"); +AWS_STATIC_STRING_FROM_LITERAL(s_credentials_process, "credential_process"); static struct aws_byte_cursor s_default_session_name_pfx = AWS_BYTE_CUR_INIT_FROM_STRING_LITERAL("aws-common-runtime-profile-config"); @@ -221,6 +222,22 @@ return provider; } +static struct aws_credentials_provider *s_create_process_based_provider( + struct aws_allocator *allocator, + const struct aws_string *profile_name, + struct aws_profile_collection *profile_collection) { + AWS_LOGF_INFO( + AWS_LS_AUTH_CREDENTIALS_PROVIDER, + "static: profile %s attempting to create process-based credentials provider", + aws_string_c_str(profile_name)); + + struct aws_credentials_provider_process_options options = { + .profile_to_use = aws_byte_cursor_from_string(profile_name), + .config_profile_collection_cached = profile_collection, + }; + return aws_credentials_provider_new_process(allocator, &options); +} + static struct aws_credentials_provider *s_credentials_provider_new_profile_internal( struct aws_allocator *allocator, const struct aws_credentials_provider_profile_options *options, @@ -492,6 +509,7 @@ aws_string_c_str(profile_name)); goto on_finished; } + /* check if sts provider is applicable */ const struct aws_profile_property *role_arn_property = aws_profile_get_property(profile, s_role_arn_name); bool profile_contains_access_key = aws_profile_get_property(profile, s_access_key_id_profile_var) != NULL; bool profile_contains_secret_access_key = @@ -513,9 +531,15 @@ } aws_hash_table_put(source_profiles_table, (void *)aws_string_c_str(profile_name), NULL, 0); + + /* check if process provider is applicable */ + const struct aws_profile_property *process_property = aws_profile_get_property(profile, s_credentials_process); + if (role_arn_property && (first_profile_in_chain || !profile_contains_credentials)) { provider = s_create_sts_based_provider( allocator, role_arn_property, profile, options, merged_profiles, source_profiles_table); + } else if (process_property) { + provider = s_create_process_based_provider(allocator, profile_name, merged_profiles); } else { provider = s_create_profile_based_provider( allocator, credentials_file_path, config_file_path, profile_name, options->profile_collection_cached); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.7.24/tests/CMakeLists.txt new/aws-c-auth-0.7.25/tests/CMakeLists.txt --- old/aws-c-auth-0.7.24/tests/CMakeLists.txt 2024-07-31 23:26:45.000000000 +0200 +++ new/aws-c-auth-0.7.25/tests/CMakeLists.txt 2024-08-04 19:29:46.000000000 +0200 @@ -113,6 +113,7 @@ add_test_case(credentials_provider_process_bad_command) add_test_case(credentials_provider_process_incorrect_command_output) add_test_case(credentials_provider_process_basic_success) +add_test_case(credentials_provider_process_basic_success_from_profile_provider) add_test_case(credentials_provider_process_basic_success_cached) add_net_test_case(credentials_provider_cognito_new_destroy) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-auth-0.7.24/tests/credentials_provider_process_tests.c new/aws-c-auth-0.7.25/tests/credentials_provider_process_tests.c --- old/aws-c-auth-0.7.24/tests/credentials_provider_process_tests.c 2024-07-31 23:26:45.000000000 +0200 +++ new/aws-c-auth-0.7.25/tests/credentials_provider_process_tests.c 2024-08-04 19:29:46.000000000 +0200 @@ -411,6 +411,54 @@ } AWS_TEST_CASE(credentials_provider_process_basic_success, s_credentials_provider_process_basic_success); +static int s_credentials_provider_process_basic_success_from_profile_provider( + struct aws_allocator *allocator, + void *ctx) { + (void)ctx; + + s_aws_process_tester_init(allocator); + + struct aws_byte_buf content_buf; + struct aws_byte_buf existing_content = aws_byte_buf_from_c_str(aws_string_c_str(s_process_config_file_contents)); + aws_byte_buf_init_copy(&content_buf, allocator, &existing_content); + struct aws_byte_cursor cursor = aws_byte_cursor_from_string(s_test_command); + ASSERT_TRUE(aws_byte_buf_append_dynamic(&content_buf, &cursor) == AWS_OP_SUCCESS); + cursor = aws_byte_cursor_from_c_str("\n"); + ASSERT_TRUE(aws_byte_buf_append_dynamic(&content_buf, &cursor) == AWS_OP_SUCCESS); + + struct aws_string *config_file_contents = aws_string_new_from_array(allocator, content_buf.buffer, content_buf.len); + ASSERT_TRUE(config_file_contents != NULL); + aws_byte_buf_clean_up(&content_buf); + + s_aws_process_test_init_config_profile(allocator, config_file_contents); + aws_string_destroy(config_file_contents); + + struct aws_credentials_provider_profile_options options = { + .shutdown_options = + { + .shutdown_callback = s_on_shutdown_complete, + .shutdown_user_data = NULL, + }, + .profile_name_override = aws_byte_cursor_from_string(s_credentials_process_profile), + }; + struct aws_credentials_provider *provider = aws_credentials_provider_new_profile(allocator, &options); + + aws_credentials_provider_get_credentials(provider, s_get_credentials_callback, NULL); + + s_aws_wait_for_credentials_result(); + + ASSERT_TRUE(s_tester.has_received_credentials_callback == true); + ASSERT_SUCCESS(s_verify_credentials(s_tester.credentials)); + + aws_credentials_provider_release(provider); + s_aws_wait_for_provider_shutdown_callback(); + s_aws_process_tester_cleanup(); + return 0; +} +AWS_TEST_CASE( + credentials_provider_process_basic_success_from_profile_provider, + s_credentials_provider_process_basic_success_from_profile_provider); + static int s_credentials_provider_process_basic_success_cached(struct aws_allocator *allocator, void *ctx) { (void)ctx;