The command awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://sts.us-east-1.amazonaws.com successfully calls the GetCallerIdentity operation and returns a response.
If I change the URL by capitalizing some of the letters in the hostname, awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://STS.us-east-1.amazonaws.com, I get a SignatureDoesNotMatch error.
The command
awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://sts.us-east-1.amazonaws.com
successfully calls the GetCallerIdentity operation and returns a response.If I change the URL by capitalizing some of the letters in the hostname,
awscurl --service sts -X POST -d 'Action=GetCallerIdentity&Version=2011-06-15' -H 'Content-Type: application/x-www-form-urlencoded' https://STS.us-east-1.amazonaws.com
, I get aSignatureDoesNotMatch
error.The code apparently assumes that the header values are already in their canonical form at the point where a comment describes how to canonicalize them (https://github.com/okigan/awscurl/blob/b2ebe710877e7da93470001ea63b0f546b0abb0e/awscurl/awscurl.py#L198), but a mixed-case hostname reaches this point without ever being lowercased.