search

peterknife / boto

Automatically exported from code.google.com/p/boto
0 stars 0 forks source link

SignatureDoesNotMatch error when using a proxy #491

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
> What steps will reproduce the problem?

1. Create a simple code using boto to get a bucket:

from boto.s3.connection import S3Connection
conn = S3Connection()
bucket = conn.get_bucket('bucket-name')
print repr(bucket)

2. set the 'http_proxy' environment variable (or whatever is used to configure 
the proxy on your system) or provide the proxy address via appropriate option.

3. Run the code (the credentials must be configured and the named bucket must 
exist)

> What is the expected output? 

'<Bucket: bucket-name>', as when the code is used without any HTTP proxy.

> What do you see instead?

Traceback (most recent call last):
  File "./s3backup_cleaner.py", line 21, in <module>
    bucket = conn.get_bucket('eggsoft-b')
  File "/usr/share/python2.7/site-packages/boto/s3/connection.py", line 275, in get_bucket
    rs = bucket.get_all_keys(headers, maxkeys=0)
  File "/usr/share/python2.7/site-packages/boto/s3/bucket.py", line 214, in get_all_keys
    raise S3ResponseError(response.status, response.reason, body)
boto.exception.S3ResponseError: S3ResponseError: 403 Forbidden
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we 
calculated does not match the signature you provided. Check your key and 
signing method.</Message><StringToSignBytes>47 45 54 0a 0a 0a 54 68 75 2c 20 31 
37 20 46 65 62 20 32 30 31 31 20 31 30 3a 33 31 3a 34 33 20 47 4d 54 0a 
2f</StringToSignBytes><RequestId>AF4236FE792C9EF1</RequestId><HostId>JATsWHX17iH
SECJKX/I2DijMP0I9U3WoHzxH4I3XbvZWFgiyrLChXieTAHRmauzO</HostId><SignatureProvided
>QatvMnCl0gS6wrCqHw0FdaW98GA=</SignatureProvided><StringToSign>GET

Thu, 17 Feb 2011 10:31:43 GMT
/</StringToSign><AWSAccessKeyId>--- cut ---</AWSAccessKeyId></Error>

> What version of the product are you using? 

2.0b4

> On what operating system?

PLD Linux

> Please provide any additional information below.

This looks similar to issue 408. When enabling debug output we can see 'Host: 
s3.amazonaws.com:443' header is sent, which is probably not used in the 
signature computation.

Original issue reported on code.google.com by jajcus on 17 Feb 2011 at 10:35

GoogleCodeExporter commented 9 years ago 
Would it be possible for you to email the complete debug output?  I don't have 
an easy way to test proxy settings so the more information I can get the 
better.  When producing the debug output, make sure you do the following steps:

import boto
boto.set_stream_logger('foo')

c = boto.connect_s3(debug=2)

This should enable the full debug output to your console.  You can send it via 
email to mitch at garnaat dot com.  I'm pretty sure this is a regression 
introduced when we integrated the pluggable authentication code contribution 
from Google.  Thanks.

Original comment by Mitch.Ga...@gmail.com on 17 Feb 2011 at 12:42

GoogleCodeExporter commented 9 years ago 
I have sent the requested log to Mitch.

Original comment by jajcus on 17 Feb 2011 at 1:20

GoogleCodeExporter commented 9 years ago

Original comment by Mitch.Ga...@gmail.com on 4 May 2011 at 2:22