commit aws-c-auth for openSUSE:Factory

Source-Sync Wed, 31 Dec 2025 01:49:43 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package aws-c-auth for openSUSE:Factory 
checked in at 2025-12-31 10:47:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/aws-c-auth (Old)
 and      /work/SRC/openSUSE:Factory/.aws-c-auth.new.1928 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "aws-c-auth"

Wed Dec 31 10:47:48 2025 rev:23 rq:1324862 version:0.9.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/aws-c-auth/aws-c-auth.changes    2025-12-03 
14:13:54.810075439 +0100
+++ /work/SRC/openSUSE:Factory/.aws-c-auth.new.1928/aws-c-auth.changes  
2025-12-31 10:48:27.273005491 +0100
@@ -1,0 +2,6 @@
+Tue Dec  9 08:43:22 UTC 2025 - John Paul Adrian Glaubitz 
<[email protected]>
+
+- Update to version 0.9.4
+  * Add proxy config for credential providers by @azkrishpy in (#281)
+
+-------------------------------------------------------------------

Old:
----
  v0.9.3.tar.gz

New:
----
  v0.9.4.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ aws-c-auth.spec ++++++
--- /var/tmp/diff_new_pack.3LtFkt/_old  2025-12-31 10:48:28.049037247 +0100
+++ /var/tmp/diff_new_pack.3LtFkt/_new  2025-12-31 10:48:28.049037247 +0100
@@ -20,7 +20,7 @@
 %define library_pkg 1_0_0
 %define library_soversion 1
 Name:           aws-c-auth
-Version:        0.9.3
+Version:        0.9.4
 Release:        0
 Summary:        AWS C99 library implementation of AWS client-side 
authentication
 License:        Apache-2.0

++++++ v0.9.3.tar.gz -> v0.9.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/include/aws/auth/aws_imds_client.h 
new/aws-c-auth-0.9.4/include/aws/auth/aws_imds_client.h
--- old/aws-c-auth-0.9.3/include/aws/auth/aws_imds_client.h     2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/include/aws/auth/aws_imds_client.h     2025-12-06 
03:46:00.000000000 +0100
@@ -44,6 +44,12 @@
     struct aws_retry_strategy *retry_strategy;
 
     /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
+    /*
      * What version of the imds protocol to use
      *
      * Defaults to IMDS_PROTOCOL_V2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/include/aws/auth/credentials.h 
new/aws-c-auth-0.9.4/include/aws/auth/credentials.h
--- old/aws-c-auth-0.9.3/include/aws/auth/credentials.h 2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/include/aws/auth/credentials.h 2025-12-06 
03:46:00.000000000 +0100
@@ -10,6 +10,7 @@
 #include <aws/common/array_list.h>
 #include <aws/common/atomics.h>
 #include <aws/common/linked_list.h>
+#include <aws/http/proxy.h>
 #include <aws/io/io.h>
 
 AWS_PUSH_SANE_WARNING_LEVEL
@@ -224,6 +225,12 @@
 
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
+
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
 };
 
 /*
@@ -259,6 +266,12 @@
      */
     struct aws_tls_ctx *tls_ctx;
 
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
 };
@@ -310,6 +323,12 @@
      */
     struct aws_tls_ctx *tls_ctx;
 
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
 
@@ -354,6 +373,12 @@
      */
     const struct aws_http_proxy_options *proxy_options;
 
+    /**
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
 };
@@ -401,6 +426,12 @@
      */
     struct aws_tls_ctx *tls_ctx;
 
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
 
@@ -470,6 +501,12 @@
      */
     struct aws_tls_ctx *tls_ctx;
 
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
     aws_io_clock_fn *system_clock_fn;
@@ -526,6 +563,12 @@
     const struct aws_http_proxy_options *http_proxy_options;
 
     /**
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
+    /**
      * (Optional)
      * Uses a cached config file profile collection (~/.aws/config). You can 
also pass a merged profile collection,
      * which contains both a config file and a credentials file.
@@ -628,6 +671,12 @@
      * If enabled, the Environment Credentials Provider is not added to the 
chain.
      */
     bool skip_environment_credentials_provider;
+
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
 };
 
 typedef int(aws_credentials_provider_delegate_get_credentials_fn)(
@@ -722,6 +771,12 @@
      */
     const struct aws_http_proxy_options *http_proxy_options;
 
+    /**
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
 
@@ -795,6 +850,12 @@
      */
     struct aws_tls_ctx *tls_ctx;
 
+    /*
+     * (Optional) Settings propagated down to http connection manager to 
choose proxy options from environment. Read
+     * aws_http_credentials_provider.h for more information.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking, leave NULL otherwise */
     struct aws_auth_http_system_vtable *function_table;
     aws_io_clock_fn *system_clock_fn;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/include/aws/auth/private/aws_http_credentials_provider.h 
new/aws-c-auth-0.9.4/include/aws/auth/private/aws_http_credentials_provider.h
--- 
old/aws-c-auth-0.9.3/include/aws/auth/private/aws_http_credentials_provider.h   
    2025-12-01 22:35:07.000000000 +0100
+++ 
new/aws-c-auth-0.9.4/include/aws/auth/private/aws_http_credentials_provider.h   
    2025-12-06 03:46:00.000000000 +0100
@@ -50,6 +50,15 @@
      */
     struct aws_retry_strategy *retry_strategy;
 
+    /*
+     * Optional.
+     * Configuration for fetching proxy configuration from environment for 
http connections.
+     * By Default proxy_ev_settings.aws_http_proxy_env_var_type is set to 
AWS_HPEV_DISABLE which means we don't read
+     * proxy configuration from environment. If proxy_options exist for a 
particular credential provider and is set by
+     * the user, it overrides what is set from the environment.
+     */
+    const struct proxy_env_var_settings *proxy_ev_settings;
+
     /* For mocking the http layer in tests, leave NULL otherwise */
     const struct aws_auth_http_system_vtable *function_table;
 };
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/source/aws_http_credentials_provider.c 
new/aws-c-auth-0.9.4/source/aws_http_credentials_provider.c
--- old/aws-c-auth-0.9.3/source/aws_http_credentials_provider.c 2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/aws_http_credentials_provider.c 2025-12-06 
03:46:00.000000000 +0100
@@ -419,6 +419,7 @@
     manager_options.shutdown_complete_callback = 
s_on_connection_manager_shutdown;
     manager_options.shutdown_complete_user_data = provider;
     manager_options.tls_connection_options = &tls_connection_options;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     impl->function_table = options->function_table;
     if (impl->function_table == NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/aws_imds_client.c 
new/aws-c-auth-0.9.4/source/aws_imds_client.c
--- old/aws-c-auth-0.9.3/source/aws_imds_client.c       2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/aws_imds_client.c       2025-12-06 
03:46:00.000000000 +0100
@@ -168,6 +168,7 @@
     manager_options.max_connections = 10;
     manager_options.shutdown_complete_callback = 
s_on_connection_manager_shutdown;
     manager_options.shutdown_complete_user_data = client;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     client->connection_manager = 
client->function_table->aws_http_connection_manager_new(allocator, 
&manager_options);
     if (!client->connection_manager) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/source/credentials_provider_cognito.c 
new/aws-c-auth-0.9.4/source/credentials_provider_cognito.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_cognito.c  2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_cognito.c  2025-12-06 
03:46:00.000000000 +0100
@@ -817,6 +817,7 @@
     manager_options.shutdown_complete_user_data = provider;
     manager_options.tls_connection_options = &tls_connection_options;
     manager_options.proxy_options = options->http_proxy_options;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     impl->function_table = options->function_table;
     if (impl->function_table == NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/source/credentials_provider_default_chain.c 
new/aws-c-auth-0.9.4/source/credentials_provider_default_chain.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_default_chain.c    
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_default_chain.c    
2025-12-06 03:46:00.000000000 +0100
@@ -35,13 +35,15 @@
     struct aws_allocator *allocator,
     const struct aws_credentials_provider_shutdown_options *shutdown_options,
     struct aws_client_bootstrap *bootstrap,
-    struct aws_tls_ctx *tls_ctx) {
+    struct aws_tls_ctx *tls_ctx,
+    const struct proxy_env_var_settings *proxy_ev_settings) {
 
     /* Try to create the ECS provider. This will fail if its environment 
variables aren't set */
     struct aws_credentials_provider_ecs_environment_options ecs_options = {
         .shutdown_options = *shutdown_options,
         .bootstrap = bootstrap,
         .tls_ctx = tls_ctx,
+        .proxy_ev_settings = proxy_ev_settings,
     };
     struct aws_credentials_provider *ecs_provider =
         aws_credentials_provider_new_ecs_from_environment(allocator, 
&ecs_options);
@@ -64,6 +66,7 @@
         struct aws_credentials_provider_imds_options imds_options = {
             .shutdown_options = *shutdown_options,
             .bootstrap = bootstrap,
+            .proxy_ev_settings = proxy_ev_settings,
         };
         return aws_credentials_provider_new_imds(allocator, &imds_options);
     }
@@ -301,6 +304,7 @@
     sts_options.shutdown_options = sub_provider_shutdown_options;
     sts_options.config_profile_collection_cached = 
options->profile_collection_cached;
     sts_options.profile_name_override = options->profile_name_override;
+    sts_options.proxy_ev_settings = options->proxy_ev_settings;
     sts_provider = aws_credentials_provider_new_sts_web_identity(allocator, 
&sts_options);
     if (sts_provider != NULL) {
         providers[index++] = sts_provider;
@@ -311,7 +315,7 @@
     /* Providers that will always make a network call unless explicitly 
disabled... */
 
     ecs_or_imds_provider = s_aws_credentials_provider_new_ecs_or_imds(
-        allocator, &sub_provider_shutdown_options, options->bootstrap, 
tls_ctx);
+        allocator, &sub_provider_shutdown_options, options->bootstrap, 
tls_ctx, options->proxy_ev_settings);
     if (ecs_or_imds_provider != NULL) {
         providers[index++] = ecs_or_imds_provider;
         /* 1 shutdown call from the imds or ecs provider's shutdown */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_ecs.c 
new/aws-c-auth-0.9.4/source/credentials_provider_ecs.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_ecs.c      2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_ecs.c      2025-12-06 
03:46:00.000000000 +0100
@@ -799,6 +799,7 @@
     manager_options.shutdown_complete_callback = 
s_on_connection_manager_shutdown;
     manager_options.shutdown_complete_user_data = provider;
     manager_options.tls_connection_options = options->tls_ctx ? 
&tls_connection_options : NULL;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     impl->function_table = options->function_table;
     if (impl->function_table == NULL) {
@@ -869,6 +870,7 @@
         .shutdown_options = options->shutdown_options,
         .bootstrap = options->bootstrap,
         .function_table = options->function_table,
+        .proxy_ev_settings = options->proxy_ev_settings,
     };
 
     struct aws_string *ecs_env_token_file_path = NULL;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_imds.c 
new/aws-c-auth-0.9.4/source/credentials_provider_imds.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_imds.c     2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_imds.c     2025-12-06 
03:46:00.000000000 +0100
@@ -90,6 +90,7 @@
                 .shutdown_callback = s_on_imds_client_shutdown,
                 .shutdown_user_data = provider,
             },
+        .proxy_ev_settings = options->proxy_ev_settings,
     };
 
     impl->client = aws_imds_client_new(allocator, &client_options);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_login.c 
new/aws-c-auth-0.9.4/source/credentials_provider_login.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_login.c    2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_login.c    2025-12-06 
03:46:00.000000000 +0100
@@ -463,6 +463,7 @@
     http_options.function_table = options->function_table;
     http_options.endpoint = aws_byte_cursor_from_string(parameters->endpoint);
     http_options.max_connections = 2;
+    http_options.proxy_ev_settings = options->proxy_ev_settings;
 
     login_user_data->parameters = parameters;
     login_user_data->request_vtable = &s_login_request_vtable;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_sso.c 
new/aws-c-auth-0.9.4/source/credentials_provider_sso.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_sso.c      2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_sso.c      2025-12-06 
03:46:00.000000000 +0100
@@ -426,6 +426,7 @@
     http_options->function_table = options->function_table;
     http_options->endpoint = aws_byte_cursor_from_string(parameters->endpoint);
     http_options->max_connections = 2;
+    http_options->proxy_ev_settings = options->proxy_ev_settings;
 
     sso_user_data->parameters = parameters;
     sso_user_data->request_vtable = &s_sso_request_vtable;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_sts.c 
new/aws-c-auth-0.9.4/source/credentials_provider_sts.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_sts.c      2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_sts.c      2025-12-06 
03:46:00.000000000 +0100
@@ -954,6 +954,7 @@
         .socket_options = &socket_options,
         .tls_connection_options = &tls_connection_options,
         .proxy_options = options->http_proxy_options,
+        .proxy_ev_settings = options->proxy_ev_settings,
     };
 
     impl->connection_manager =
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/source/credentials_provider_sts_web_identity.c 
new/aws-c-auth-0.9.4/source/credentials_provider_sts_web_identity.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_sts_web_identity.c 
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_sts_web_identity.c 
2025-12-06 03:46:00.000000000 +0100
@@ -1166,6 +1166,7 @@
     manager_options.shutdown_complete_callback = 
s_on_connection_manager_shutdown;
     manager_options.shutdown_complete_user_data = provider;
     manager_options.tls_connection_options = &tls_connection_options;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     impl->function_table = options->function_table;
     if (impl->function_table == NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/source/credentials_provider_x509.c 
new/aws-c-auth-0.9.4/source/credentials_provider_x509.c
--- old/aws-c-auth-0.9.3/source/credentials_provider_x509.c     2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/source/credentials_provider_x509.c     2025-12-06 
03:46:00.000000000 +0100
@@ -583,6 +583,7 @@
     manager_options.shutdown_complete_user_data = provider;
     manager_options.tls_connection_options = &impl->tls_connection_options;
     manager_options.proxy_options = options->proxy_options;
+    manager_options.proxy_ev_settings = options->proxy_ev_settings;
 
     impl->function_table = options->function_table;
     if (impl->function_table == NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/aws-c-auth-0.9.3/tests/CMakeLists.txt 
new/aws-c-auth-0.9.4/tests/CMakeLists.txt
--- old/aws-c-auth-0.9.3/tests/CMakeLists.txt   2025-12-01 22:35:07.000000000 
+0100
+++ new/aws-c-auth-0.9.4/tests/CMakeLists.txt   2025-12-06 03:46:00.000000000 
+0100
@@ -41,6 +41,7 @@
 add_test_case(credentials_provider_imds_success_multi_part_role_name)
 add_test_case(credentials_provider_imds_success_multi_part_doc)
 add_test_case(credentials_provider_imds_real_new_destroy)
+add_net_test_case(credentials_provider_imds_proxy_routing_enabled_test)
 
 if(AWS_BUILDING_ON_EC2)
     add_test_case(credentials_provider_imds_real_success)
@@ -58,6 +59,7 @@
 add_net_test_case(credentials_provider_ecs_no_auth_token_success)
 add_net_test_case(credentials_provider_ecs_success_multi_part_doc)
 add_net_test_case(credentials_provider_ecs_real_new_destroy)
+add_net_test_case(credentials_provider_ecs_proxy_routing_enabled_test)
 
 if(AWS_BUILDING_ON_ECS)
     add_test_case(credentials_provider_ecs_real_success)
@@ -70,6 +72,7 @@
 add_test_case(credentials_provider_x509_basic_success)
 add_test_case(credentials_provider_x509_success_multi_part_doc)
 add_test_case(credentials_provider_x509_real_new_destroy)
+add_test_case(credentials_provider_x509_proxy_routing_enabled_test)
 
 
add_net_test_case(credentials_provider_sts_web_identity_new_destroy_from_parameters)
 add_net_test_case(credentials_provider_sts_web_identity_new_destroy_from_env)
@@ -86,6 +89,7 @@
 add_net_test_case(credentials_provider_sts_web_identity_basic_success_config)
 add_net_test_case(credentials_provider_sts_web_identity_success_multi_part_doc)
 add_net_test_case(credentials_provider_sts_web_identity_real_new_destroy)
+add_net_test_case(credentials_provider_sts_web_identity_proxy_routing_enabled_test)
 
 add_net_test_case(credentials_provider_sts_direct_config_succeeds)
 
add_net_test_case(credentials_provider_sts_direct_config_with_external_id_succeeds)
@@ -108,6 +112,7 @@
 
add_net_test_case(credentials_provider_sts_from_profile_config_manual_tls_succeeds)
 
add_net_test_case(credentials_provider_sts_from_profile_config_environment_succeeds)
 add_net_test_case(credentials_provider_sts_cache_expiration_conflict)
+add_net_test_case(credentials_provider_sts_proxy_routing_enabled_test)
 
 add_test_case(credentials_provider_process_new_destroy_from_config)
 
add_test_case(credentials_provider_process_new_destroy_from_config_without_token)
@@ -130,6 +135,7 @@
 add_net_test_case(credentials_provider_cognito_failure_dynamic_token_pairs)
 
add_net_test_case(credentials_provider_cognito_failure_dynamic_token_pairs_completion)
 add_net_test_case(credentials_provider_cognito_success_dynamic_token_pairs)
+add_net_test_case(credentials_provider_cognito_proxy_routing_enabled_test)
 
 if(AWS_HAS_CI_ENVIRONMENT)
     add_net_test_case(credentials_provider_cognito_success_unauthenticated)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_cognito_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_cognito_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_cognito_tests.c     
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_cognito_tests.c     
2025-12-06 03:46:00.000000000 +0100
@@ -53,6 +53,8 @@
 
     void (*manager_destructor_fn)(void *);
     void *manager_destructor_user_data;
+
+    struct proxy_env_var_settings *proxy_config;
 };
 
 static struct aws_mock_web_credential_provider_tester s_tester;
@@ -64,6 +66,12 @@
     (void)allocator;
     (void)options;
 
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     s_tester.manager_destructor_fn = options->shutdown_complete_callback;
     s_tester.manager_destructor_user_data = 
options->shutdown_complete_user_data;
 
@@ -816,3 +824,41 @@
 AWS_TEST_CASE(
     credentials_provider_cognito_success_dynamic_token_pairs,
     s_credentials_provider_cognito_success_dynamic_token_pairs_fn);
+
+static int s_credentials_provider_cognito_proxy_routing_enabled_test(struct 
aws_allocator *allocator, void *ctx) {
+    (void)ctx;
+
+    s_aws_cognito_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+
+    struct aws_credentials_provider_cognito_options options = {
+        .bootstrap = s_tester.bootstrap,
+        .function_table = &s_mock_function_table,
+        .endpoint = aws_byte_cursor_from_c_str("somewhere.amazonaws.com"),
+        .identity = aws_byte_cursor_from_c_str("someone"),
+        .tls_ctx = s_tester.ctx,
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    struct aws_credentials_provider *provider = 
aws_credentials_provider_new_cognito(allocator, &options);
+
+    aws_credentials_provider_get_credentials(provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(provider);
+
+    s_aws_cognito_tester_cleanup();
+
+    return 0;
+}
+AWS_TEST_CASE(
+    credentials_provider_cognito_proxy_routing_enabled_test,
+    s_credentials_provider_cognito_proxy_routing_enabled_test);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_ecs_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_ecs_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_ecs_tests.c 2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_ecs_tests.c 2025-12-06 
03:46:00.000000000 +0100
@@ -9,6 +9,7 @@
 
 #include <aws/auth/credentials.h>
 #include <aws/auth/private/credentials_utils.h>
+#include <aws/common/byte_buf.h>
 #include <aws/common/clock.h>
 #include <aws/common/condition_variable.h>
 #include <aws/common/date_time.h>
@@ -16,6 +17,7 @@
 #include <aws/common/string.h>
 #include <aws/common/thread.h>
 #include <aws/common/uri.h>
+#include <aws/http/proxy.h>
 #include <aws/http/request_response.h>
 #include <aws/http/status_code.h>
 #include <aws/io/channel_bootstrap.h>
@@ -56,6 +58,8 @@
     struct aws_host_resolver *host_resolver;
     struct aws_client_bootstrap *bootstrap;
     struct aws_tls_ctx *tls_ctx;
+
+    struct proxy_env_var_settings *proxy_config;
 };
 
 static struct aws_mock_ecs_tester s_tester;
@@ -95,6 +99,12 @@
     s_tester.selected_tls = options->tls_connection_options != NULL;
     aws_mutex_unlock(&s_tester.lock);
 
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     return (struct aws_http_connection_manager *)1;
 }
 
@@ -1223,3 +1233,50 @@
 }
 
 AWS_TEST_CASE(credentials_provider_ecs_real_success, 
s_credentials_provider_ecs_real_success);
+
+static int s_credentials_provider_ecs_proxy_routing_enabled_test(struct 
aws_allocator *allocator, void *ctx) {
+    (void)ctx;
+
+    s_aws_ecs_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+
+    struct aws_credentials_provider_ecs_options options = {
+        .bootstrap = s_tester.bootstrap,
+        .function_table = &s_mock_function_table,
+        .shutdown_options =
+            {
+                .shutdown_callback = s_on_shutdown_complete,
+                .shutdown_user_data = NULL,
+            },
+        .host = aws_byte_cursor_from_c_str("127.0.0.1"),
+        .path_and_query = aws_byte_cursor_from_c_str("/path"),
+        .tls_ctx = s_tester.tls_ctx,
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    struct aws_credentials_provider *provider = 
aws_credentials_provider_new_ecs(allocator, &options);
+
+    aws_credentials_provider_get_credentials(provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(provider);
+
+    s_aws_wait_for_provider_shutdown_callback();
+
+    aws_mem_release(provider->allocator, provider);
+
+    s_aws_ecs_tester_cleanup();
+
+    return 0;
+}
+AWS_TEST_CASE(
+    credentials_provider_ecs_proxy_routing_enabled_test,
+    s_credentials_provider_ecs_proxy_routing_enabled_test);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_imds_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_imds_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_imds_tests.c        
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_imds_tests.c        
2025-12-06 03:46:00.000000000 +0100
@@ -9,8 +9,10 @@
 #include <aws/auth/private/credentials_utils.h>
 #include <aws/common/clock.h>
 #include <aws/common/condition_variable.h>
+#include <aws/common/environment.h>
 #include <aws/common/string.h>
 #include <aws/common/thread.h>
+#include <aws/http/proxy.h>
 #include <aws/http/request_response.h>
 #include <aws/http/status_code.h>
 #include <aws/io/channel_bootstrap.h>
@@ -61,6 +63,8 @@
     bool token_header_exist[IMDS_MAX_REQUESTS];
     bool token_header_expected[IMDS_MAX_REQUESTS];
     bool alternate_closed_connections;
+
+    struct proxy_env_var_settings *proxy_config;
 };
 
 static struct aws_mock_imds_tester s_tester;
@@ -98,6 +102,12 @@
     (void)allocator;
     (void)options;
 
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     return (struct aws_http_connection_manager *)1;
 }
 
@@ -1188,3 +1198,49 @@
 }
 
 AWS_TEST_CASE(credentials_provider_imds_real_success, 
s_credentials_provider_imds_real_success);
+
+static int s_credentials_provider_imds_proxy_routing_enabled_test(struct 
aws_allocator *allocator, void *ctx) {
+    (void)ctx;
+
+    s_aws_imds_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+
+    struct aws_credentials_provider_imds_options options = {
+        .bootstrap = s_tester.bootstrap,
+        .function_table = &s_mock_function_table,
+        .shutdown_options =
+            {
+                .shutdown_callback = s_on_shutdown_complete,
+                .shutdown_user_data = NULL,
+            },
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    struct aws_credentials_provider *provider = 
aws_credentials_provider_new_imds(allocator, &options);
+
+    aws_credentials_provider_get_credentials(provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(provider);
+
+    s_aws_wait_for_provider_shutdown_callback();
+
+    struct aws_credentials_provider_imds_impl *impl = provider->impl;
+    aws_mem_release(provider->allocator, impl->client);
+    aws_mem_release(provider->allocator, provider);
+
+    ASSERT_SUCCESS(s_aws_imds_tester_cleanup());
+
+    return 0;
+}
+AWS_TEST_CASE(
+    credentials_provider_imds_proxy_routing_enabled_test,
+    s_credentials_provider_imds_proxy_routing_enabled_test);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_sts_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_sts_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_sts_tests.c 2025-12-01 
22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_sts_tests.c 2025-12-06 
03:46:00.000000000 +0100
@@ -15,6 +15,7 @@
 
 #include <aws/http/connection.h>
 #include <aws/http/connection_manager.h>
+#include <aws/http/proxy.h>
 #include <aws/http/request_response.h>
 
 #include <aws/auth/private/credentials_utils.h>
@@ -66,6 +67,8 @@
     struct aws_client_bootstrap *bootstrap;
 
     struct aws_tls_ctx *tls_ctx;
+
+    struct proxy_env_var_settings *proxy_config;
 };
 
 static struct aws_mock_sts_tester s_tester;
@@ -120,6 +123,13 @@
 static struct aws_http_connection_manager 
*s_aws_http_connection_manager_new_mock(
     struct aws_allocator *allocator,
     const struct aws_http_connection_manager_options *options) {
+
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     /* copy the shutdown callback */
     struct aws_shutdown_callback_options *shutdown_callback =
         aws_mem_calloc(allocator, 1, sizeof(struct 
aws_shutdown_callback_options));
@@ -2152,3 +2162,55 @@
 }
 
 AWS_TEST_CASE(credentials_provider_sts_cache_expiration_conflict, 
s_credentials_provider_sts_cache_expiration_conflict)
+
+static int s_credentials_provider_sts_proxy_routing_enabled_test(struct 
aws_allocator *allocator, void *ctx) {
+    (void)ctx;
+
+    s_aws_sts_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+    s_tester.fail_connection = true;
+
+    struct aws_credentials_provider_static_options static_options = {
+        .access_key_id = s_access_key_cur,
+        .secret_access_key = s_secret_key_cur,
+        .session_token = s_session_token_cur,
+    };
+    struct aws_credentials_provider *static_provider = 
aws_credentials_provider_new_static(allocator, &static_options);
+
+    struct aws_credentials_provider_sts_options options = {
+        .creds_provider = static_provider,
+        .bootstrap = s_tester.bootstrap,
+        .tls_ctx = s_tester.tls_ctx,
+        .role_arn = s_role_arn_cur,
+        .session_name = s_session_name_cur,
+        .duration_seconds = 0,
+        .function_table = &s_mock_function_table,
+        .system_clock_fn = mock_aws_get_system_time,
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    mock_aws_set_system_time(0);
+
+    struct aws_credentials_provider *sts_provider = 
aws_credentials_provider_new_sts(allocator, &options);
+
+    aws_credentials_provider_get_credentials(sts_provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(sts_provider);
+    s_aws_wait_for_connection_manager_shutdown_callback();
+    aws_credentials_provider_release(static_provider);
+    ASSERT_SUCCESS(s_aws_sts_tester_cleanup());
+
+    return AWS_OP_SUCCESS;
+}
+AWS_TEST_CASE(
+    credentials_provider_sts_proxy_routing_enabled_test,
+    s_credentials_provider_sts_proxy_routing_enabled_test)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_sts_web_identity_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_sts_web_identity_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_sts_web_identity_tests.c    
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_sts_web_identity_tests.c    
2025-12-06 03:46:00.000000000 +0100
@@ -43,6 +43,8 @@
     int attempts;
     int response_code;
     int error_code;
+
+    struct proxy_env_var_settings *proxy_config;
 } s_tester;
 
 static void s_on_shutdown_complete(void *user_data) {
@@ -79,6 +81,12 @@
     struct aws_allocator *allocator,
     const struct aws_http_connection_manager_options *options) {
 
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     struct mock_connection_manager *mock_manager = aws_mem_calloc(allocator, 
1, sizeof(struct mock_connection_manager));
     mock_manager->allocator = allocator;
     mock_manager->shutdown_complete_callback = 
options->shutdown_complete_callback;
@@ -1317,3 +1325,62 @@
 AWS_TEST_CASE(
     credentials_provider_sts_web_identity_real_new_destroy,
     s_credentials_provider_sts_web_identity_real_new_destroy);
+
+static int s_credentials_provider_sts_web_identity_proxy_routing_enabled_test(
+    struct aws_allocator *allocator,
+    void *ctx) {
+    (void)ctx;
+
+    s_aws_sts_web_identity_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+
+    s_aws_sts_web_identity_test_unset_env_parameters();
+
+    struct aws_string *token_file_path_str = 
aws_create_process_unique_file_name(allocator);
+    ASSERT_TRUE(token_file_path_str != NULL);
+    ASSERT_TRUE(aws_create_profile_file(token_file_path_str, 
s_sts_web_identity_token_contents) == AWS_OP_SUCCESS);
+
+    s_aws_sts_web_identity_test_init_env_parameters(
+        allocator,
+        "us-east-1",
+        "arn:aws:iam::1234567890:role/test-arn",
+        "9876543210",
+        aws_string_c_str(token_file_path_str));
+    aws_string_destroy(token_file_path_str);
+
+    struct aws_credentials_provider_sts_web_identity_options options = {
+        .bootstrap = NULL,
+        .tls_ctx = s_tester.tls_ctx,
+        .function_table = &s_mock_function_table,
+        .shutdown_options =
+            {
+                .shutdown_callback = s_on_shutdown_complete,
+                .shutdown_user_data = NULL,
+            },
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    struct aws_credentials_provider *provider = 
aws_credentials_provider_new_sts_web_identity(allocator, &options);
+
+    aws_credentials_provider_get_credentials(provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(provider);
+
+    s_aws_wait_for_provider_shutdown_callback();
+
+    s_aws_sts_web_identity_tester_cleanup();
+
+    return 0;
+}
+AWS_TEST_CASE(
+    credentials_provider_sts_web_identity_proxy_routing_enabled_test,
+    s_credentials_provider_sts_web_identity_proxy_routing_enabled_test);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/aws-c-auth-0.9.3/tests/credentials_provider_x509_tests.c 
new/aws-c-auth-0.9.4/tests/credentials_provider_x509_tests.c
--- old/aws-c-auth-0.9.3/tests/credentials_provider_x509_tests.c        
2025-12-01 22:35:07.000000000 +0100
+++ new/aws-c-auth-0.9.4/tests/credentials_provider_x509_tests.c        
2025-12-06 03:46:00.000000000 +0100
@@ -10,6 +10,7 @@
 #include <aws/common/clock.h>
 #include <aws/common/condition_variable.h>
 #include <aws/common/date_time.h>
+#include <aws/common/environment.h>
 #include <aws/common/string.h>
 #include <aws/common/thread.h>
 #include <aws/http/request_response.h>
@@ -36,6 +37,8 @@
 
     struct aws_tls_ctx *ctx;
     struct aws_tls_connection_options tls_connection_options;
+
+    struct proxy_env_var_settings *proxy_config;
 };
 
 static struct aws_mock_x509_tester s_tester;
@@ -69,6 +72,12 @@
     (void)allocator;
     (void)options;
 
+    if (s_tester.proxy_config != NULL) {
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->env_var_type == 
s_tester.proxy_config->env_var_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->connection_type == 
s_tester.proxy_config->connection_type);
+        AWS_FATAL_ASSERT(options->proxy_ev_settings->tls_options == 
s_tester.proxy_config->tls_options);
+    }
+
     return (struct aws_http_connection_manager *)1;
 }
 
@@ -653,3 +662,51 @@
 }
 
 AWS_TEST_CASE(credentials_provider_x509_real_new_destroy, 
s_credentials_provider_x509_real_new_destroy);
+
+static int s_credentials_provider_x509_proxy_routing_enabled_test(struct 
aws_allocator *allocator, void *ctx) {
+    (void)ctx;
+
+    s_aws_x509_tester_init(allocator);
+
+    struct proxy_env_var_settings proxy_config = {
+        .env_var_type = AWS_HPEV_ENABLE,
+    };
+
+    s_tester.proxy_config = &proxy_config;
+
+    struct aws_credentials_provider_x509_options options = {
+        .bootstrap = NULL,
+        .function_table = &s_mock_function_table,
+        .shutdown_options =
+            {
+                .shutdown_callback = s_on_shutdown_complete,
+                .shutdown_user_data = NULL,
+            },
+        .endpoint = 
aws_byte_cursor_from_c_str("c2sakl5huz0afv.credentials.iot.us-east-1.amazonaws.com"),
+        .thing_name = aws_byte_cursor_from_c_str("my_iot_thing_name"),
+        .role_alias = aws_byte_cursor_from_c_str("my_test_role_alias"),
+        .tls_connection_options = &s_tester.tls_connection_options,
+        .proxy_ev_settings = &proxy_config,
+    };
+
+    struct aws_credentials_provider *provider = 
aws_credentials_provider_new_x509(allocator, &options);
+
+    aws_credentials_provider_get_credentials(provider, 
s_get_credentials_callback, NULL);
+
+    s_aws_wait_for_credentials_result();
+
+    ASSERT_TRUE(s_tester.credentials == NULL);
+
+    aws_credentials_provider_release(provider);
+
+    s_aws_wait_for_provider_shutdown_callback();
+
+    aws_mem_release(provider->allocator, provider);
+
+    s_aws_x509_tester_cleanup();
+
+    return 0;
+}
+AWS_TEST_CASE(
+    credentials_provider_x509_proxy_routing_enabled_test,
+    s_credentials_provider_x509_proxy_routing_enabled_test);

commit aws-c-auth for openSUSE:Factory

Reply via email to