[pkg-eucalyptus-commits] [SCM] managing cloud instances for Eucalyptus branch, master, updated. 3.0.0-alpha3-257-g1da8e3a

Garrett Holmstrom gholms at fedoraproject.org
Sun Jun 16 02:31:16 UTC 2013 

The following commit has been merged in the master branch:
commit 0f2d8484911784477a829599d402df0783ff0989
Author: Garrett Holmstrom <gholms at fedoraproject.org>
Date:   Tue May 7 13:00:07 2013 -0700

    Add key ID spoofing to EucaRsaV2Auth

diff --git a/euca2ools/nc/auth.py b/euca2ools/nc/auth.py
index b17342b..1fadc29 100644
--- a/euca2ools/nc/auth.py
+++ b/euca2ools/nc/auth.py
@@ -48,10 +48,15 @@ class EucaRsaV2Auth(BaseAuth):
                 certificate to use when signing requests'''),
             Arg('--privatekey', metavar='FILE',
                 help='file containing the private key to sign requests with'),
+            Arg('--spoof-key-id', metavar='KEY_ID',
+                help='run this command as if signed by a specific access key'),
             Arg('--euca-auth', action='store_true', help=argparse.SUPPRESS)]
 
     def configure(self):
         BaseAuth.configure(self)
+        if not self.args.get('spoof_key_id'):
+            self.args['spoof_key_id'] = os.getenv('EC2_ACCESS_KEY')
+
         cert = self.args.get('cert') or os.getenv('EUCA_CERT')
         privkey = self.args.get('privatekey') or os.getenv('EUCA_PRIVATE_KEY')
         if not cert:
@@ -84,6 +89,10 @@ class EucaRsaV2Auth(BaseAuth):
         request.headers['Date'] = now.strftime('%Y%m%dT%H%M%SZ')
         if 'Authorization' in request.headers:
             del request.headers['Authorization']
+        if self.args.get('spoof_key_id'):
+            request.headers['AWSAccessKeyId'] = self.args['spoof_key_id']
+        elif 'AWSAccessKeyId' in request.headers:
+            del request.headers['AWSAccessKeyId']
 
         cert_fp = self._get_fingerprint()
         self.log.debug('certificate fingerprint: %s', cert_fp)
diff --git a/euca2ools/nc/commands/bundleandupload.py b/euca2ools/nc/commands/bundleandupload.py
index b237a50..099559f 100644
--- a/euca2ools/nc/commands/bundleandupload.py
+++ b/euca2ools/nc/commands/bundleandupload.py
@@ -64,6 +64,8 @@ class BundleAndUpload(requestbuilder.command.BaseCommand):
             Arg('--privatekey', metavar='FILE',
                 help='''file containing the private key to use when signing
                 requests and bundling the image'''),
+            Arg('--spoof-key-id', metavar='KEY_ID',
+                help='run this command as if signed by a specific access key'),
             Arg('--ec2cert', metavar='FILE',
                 help="file containing the cloud's X.509 certificate"),
             Arg('--user', metavar='ACCOUNT', help="the user's account ID"),
@@ -85,7 +87,8 @@ class BundleAndUpload(requestbuilder.command.BaseCommand):
 
         walrus_auth = EucaRsaV2Auth(
             config=self.config, loglevel=self.log.level,
-            cert=self.args.get('cert'), privatekey=self.args.get('privatekey'))
+            cert=self.args.get('cert'), privatekey=self.args.get('privatekey'),
+            spoof_key_id=self.args.get('spoof_key_id'))
         self.__walrus = NCInternalWalrus(auth=walrus_auth, config=self.config,
                                          loglevel=self.log.level,
                                          url=self.args.get('url'))

-- 
managing cloud instances for Eucalyptus

More information about the pkg-eucalyptus-commits mailing list