Fix host:port handlingstable/victoria

When we check the EC2 signature without the port part of the host value
received, we should properly split host:port. Keep in mind the splitting
should work for values like [fc00::]:123 too.

Change-Id: I1d90dfcea3568e2a9b22069daa428ea6a2a38bd6
Closes-Bug: #1988168
(cherry picked from commit 6c35b366e3c8c6d7f47471b93f5315582301c5ef)
(cherry picked from commit d39790ac4e9dc25af09cdddc6217e36bacbc2bb1)
(cherry picked from commit 0bb9cdee71805af1a7cb0a7db110b336eae5da1e)
(cherry picked from commit aa50b963cce20a76db0c4834b3716d3658c784af)

1 files changed, 4 insertions, 2 deletions

diff --git a/keystone/api/ec2tokens.py b/keystone/api/ec2tokens.py
index 12096db9e..d21673a03 100644
--- a/keystone/api/ec2tokens.py
+++ b/keystone/api/ec2tokens.py
@@ -12,6 +12,8 @@
 
 # This file handles all flask-restful resources for /v3/ec2tokens
 
+import urllib.parse
+
 import flask
 import http.client
 from keystoneclient.contrib.ec2 import utils as ec2_utils
@@ -42,8 +44,8 @@ class EC2TokensResource(EC2_S3_Resource.ResourceBase):
             # NOTE(vish): Some client libraries don't use the port when
             # signing requests, so try again without the port.
             elif ':' in credentials['host']:
-                hostname, _port = credentials.split(':')
-                credentials['host'] = hostname
+                parsed = urllib.parse.urlsplit('//' + credentials['host'])
+                credentials['host'] = parsed.hostname
                 # NOTE(davechen): we need to reinitialize 'signer' to avoid
                 # contaminated status of signature, this is similar with
                 # other programming language libraries, JAVA for example.