From: Stefan Andres <s.andres@syseleven.de>
Date: Mon, 15 May 2017 08:21:50 +0000 (+0200)
Subject: (#4913) apt_key now does not always send auth basic
X-Git-Tag: 4.1.0~1^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=920e34c0b6f5847965f1897c81e3123ddff172cf;p=puppet-modules%2Fpuppetlabs-apt.git

(#4913) apt_key now does not always send auth basic

Prior to this commit, apt_key always sent auth basic header when source
came from http(s). This might fail for some webservers (e.g. Amazon S3)
when empty auth basic is sent.

Now apt_key only sends the auth basic header when userinfo can
be parsed from the URL.
---

diff --git a/lib/puppet/provider/apt_key/apt_key.rb b/lib/puppet/provider/apt_key/apt_key.rb
index d7e85da..668fd0f 100644
--- a/lib/puppet/provider/apt_key/apt_key.rb
+++ b/lib/puppet/provider/apt_key/apt_key.rb
@@ -127,9 +127,15 @@ Puppet::Type.type(:apt_key).provide(:apt_key) do
       f
     else
       begin
-        user_pass = parsedValue.userinfo.nil? ? nil : parsedValue.userinfo.split(':')
-        parsedValue.userinfo = ''
-        key = open(parsedValue, :http_basic_authentication => user_pass).read
+        # Only send basic auth if URL contains userinfo
+        # Some webservers (e.g. Amazon S3) return code 400 if empty basic auth is sent
+        if parsedValue.userinfo.nil?
+          key = parsedValue.read
+        else
+          user_pass = parsedValue.userinfo.split(':')
+          parsedValue.userinfo = ''
+          key = open(parsedValue, :http_basic_authentication => user_pass).read
+        end
       rescue OpenURI::HTTPError, Net::FTPPermError => e
         fail("#{e.message} for #{resource[:source]}")
       rescue SocketError