ecweaver
commented
10 years ago Sorry I didn't send this sooner.
The last change was for a problem with handling of .netrc files, particularly ones without AWS in them.
Closed ecweaver closed 10 years ago
ecweaver
commented
10 years ago Sorry I didn't send this sooner.
The last change was for a problem with handling of .netrc files, particularly ones without AWS in them.
tzz
commented
10 years ago The idea with the AWS regex in the netrc was to only have one entry for all AWS interactions. Is it time to rethink that?
ecweaver
commented
10 years ago On 04/18/2014 06:28 PM, Ted Zlatanov wrote:
The idea with the |AWS| regex in the netrc was to only have one entry for all AWS interactions. Is it time to rethink that?
No, it's fine, the logic for detecting the netrc file format was just incorrect. If no entries had the AWS machine name, the file was treated like an ordinary .awssecret file, and read "machine" as the key.
I tripped over this on a host that had a .netrc file for FTP connections but wanted to use its "role" key (from the instance-data server) to do AWS transactions.
tzz
commented
10 years ago Cool, thanks for explaining. If you have any suggestions to improve the netrc stuff, please let me know.
...since they don't match match the *.s3.amazonaws.com cert. Most recent Openssl rejects such matches outright and curl --insecure does not seem to be able to override it. Also fix .netrc file handling.