anomalizer / ngx_aws_auth

nginx module to proxy to authenticated AWS services
BSD 2-Clause "Simplified" License
470 stars 144 forks source link

It's not compatible with S3 Beijing region because endpoint is hardcoding. #32

Closed ichaozai closed 8 years ago

ichaozai commented 8 years ago

The endpoint of Beijing S3 endpoint is s3.cn-north-1.amazonaws.com.cn. However, s3.amazonaws.com is hardcoding and affects the canonical headers:

header_ptr = ngx_array_push(settable_header_array);
header_ptr->key = HOST_HEADER;
header_ptr->value.len = s3_bucket->len + 40;
header_ptr->value.data = ngx_palloc(pool, header_ptr->value.len);
header_ptr->value.len = ngx_snprintf(header_ptr->value.data, header_ptr->value.len, "%V.s3.amazonaws.com", s3_bucket) - header_ptr->value.data;

It will never compute the correct signature for Beijing S3 region. Make endpoint configurable can help to solve this problem.

anomalizer commented 8 years ago

@ichaozai your code is merged.