Project

General

Profile

Bug #7206

Authentication Method Used in Bug 6751 Removed by Amazon

Added by Jason McCormick 16 days ago. Updated 13 days ago.

Status:
Feedback
Priority:
Normal
Category:
Dynamic DNS
Target version:
Start date:
02/03/2017
Due date:
% Done:

100%

Affected version:
2.4
Affected Architecture:
All

Description

It appears that Route53 has stopped working with the AWS3-HTTP authentication method sometime in the last month. This was the authentication used to resolve Bug #6751. That authentication was an older API. While I cannot find any record it went away, my region/Route53 service no longer works. This bug is being opened to provide a patch to implement the "Signing Version 4" authentication in r53.class and dyndns.class.

The reason I did not previously use Signing Version 4 is that v4 requires the region code (e.g. us-east-1, eu-west-1, etc.). However what will now be required is a change in the configuration of the Dynamic DNS entry for Amazon Route53. When now entering "Zone ID", for Route54 the zone will have to be specified in the format "REGION/ZONE" - e.g. "us-east-1/JAUTQ3JSAK". Not sure how this will need to be documented in the release notes.

I am working on a patch for this now but wanted to raise visibility of this issue.

History

#1 Updated by Jason McCormick 16 days ago

Service no longer works in that is receives a signing error even though all details are correct.

#2 Updated by Jason McCormick 16 days ago

I've tested changes and created a pull request to resolve this issue: https://github.com/pfsense/pfsense/pull/3473.

Again please note the need to change how the Zone ID field now requires the region prepended to the zone ID. This seems cleaner than trying to shoehorn another field in no one but Route53 users will use. However this will have to be documented well in the release notes somehow.

#3 Updated by Jason McCormick 16 days ago

Also, wanted to note that the use of v4 signing enables newer regions that didn't support the legacy authentication type.

#4 Updated by Renato Botelho 13 days ago

  • Status changed from New to Feedback
  • Assignee set to Renato Botelho
  • Priority changed from High to Normal
  • % Done changed from 50 to 100

PR has been merged, thanks!

Also available in: Atom PDF