Skip to content

Commit

Permalink
fix: Add IPv6 support for signing HTTP request
Browse files Browse the repository at this point in the history
Add in a new function isIPv6() for IPv6 host check.
  • Loading branch information
Yue Yin authored and dougm committed Feb 2, 2022
1 parent f04d77d commit 2d7cd13
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 1 deletion.
18 changes: 17 additions & 1 deletion sts/signer.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@ import (
"io"
"io/ioutil"
mrand "math/rand"
"net"
"net/http"
"net/url"
"strings"
Expand Down Expand Up @@ -274,11 +275,18 @@ func (s *Signer) SignRequest(req *http.Request) error {
}

var buf bytes.Buffer
host := req.URL.Hostname()

// Check if the host IP is in IPv6 format. If yes, add the opening and closing square brackets.
if isIPv6(host) {
host = fmt.Sprintf("%s%s%s", "[", host, "]")
}

msg := []string{
nonce,
req.Method,
req.URL.Path,
strings.ToLower(req.URL.Hostname()),
strings.ToLower(host),
port,
}
for i := range msg {
Expand Down Expand Up @@ -329,3 +337,11 @@ func (s *Signer) NewRequest() TokenRequest {
KeyID: s.keyID,
}
}

func isIPv6(s string) bool {
ip := net.ParseIP(s)
if ip == nil {
return false
}
return len(ip) == net.IPv6len
}
6 changes: 6 additions & 0 deletions sts/signer_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -133,4 +133,10 @@ func TestSigner(t *testing.T) {
if err != nil {
t.Fatal(err)
}

req, _ = http.NewRequest(http.MethodPost, "https://[0:0:0:0:0:0:0:1]", nil)
err = s.SignRequest(req)
if err != nil {
t.Fatal(err)
}
}

0 comments on commit 2d7cd13

Please sign in to comment.