Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
rgw: aws4: add presigned url bugfix in runtime
Runtime bugfix to handle presigned urls computed with canonical requests using the port number once. Boto2 computes canonical requests using the port number twice although it should be used once only. This behaviour is a bug supported by AWS S3. Boto2 is used in RGW S3 as reference implementation. The client-side tools not supporting this boto2 bug will fail although they should work too. In order to support both presigned url implementations this patch adds a config option to compute a second signature. With this option enabled, the code will compute two signatures when the first signature is not valid. The aws4 auth succeed if some of the two signatures is valid. The config option rgw_s3_auth_aws4_presigned_url_bugfix is disabled by default so one signature, working with boto2, is computed only. Fixes: http://tracker.ceph.com/issues/16463 Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com>
- Loading branch information
Showing
3 changed files
with
13 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters