New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
jewel: rgw: aws4: add STREAMING-AWS4-HMAC-SHA256-PAYLOAD support #10167
Conversation
@jmunhoz Could you cherry-pick this again and:
This is very helpful in case something unexpected happens and a forensic investigation becomes necessary. |
@smithfarm sure! I would like to run some more manual testing on the backport so I will work on it for the next days. |
@jmunhoz Thanks! Marking DNM in the meantime. |
Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com> (cherry picked from commit ddbb0ab)
This is purely for code maintainability. Signed-off-by: Radoslaw Zarzynski <rzarzynski@mirantis.com> (cherry picked from commit 6f273eb)
When authenticating requests using the Authorization header in AWS4, you have the option of uploading the payload in chunks. You can send data in fixed size or variable size chunks. This patch enables streaming mode and signed headers support with chunked uploads. Fixes: http://tracker.ceph.com/issues/16146 Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com> (cherry picked from commit 5de5876) Conflicts: src/rgw/rgw_rest_s3.cc No change required to resolve the conflict. Manual merge was enough.
ae1bde5
to
8cd7f44
Compare
@smithfarm I would suggest backporting two commits related to memory management in AWS4. With those commits in place and simple manual fixing all things are working ok on my side. |
@jmunhoz If you think this needs #9689 I would suggest to cherry-pick that into this PR. Also the memory-management commits. As long as @oritwas and @yehudasa agree for this whole feature to be backported into jewel (the "default policy" is to backport only bugfixes, but exceptions can be made), then we might as well include everything, right? |
Signed-off-by: Javier M. Mellid <jmunhoz@igalia.com> (cherry picked from commit dd9f531)
@smithfarm I was considering adding #9689 as a new PR but now it is part of this batch as suggested. The memory-management commits are in place too. Thanks! |
@jmunhoz Good. I think including all relevant patches in a single PR makes it easier to test and review. |
…PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
Hey jenkins, test this please ! (bluefs crash) |
…PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
…SHA256-PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
@mattbenjamin does this backport look good to merge ? It passed the rgw suite http://tracker.ceph.com/issues/16344#note-19 (the failure was due to another pull request). |
…SHA256-PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
…SHA256-PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
…SHA256-PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
…SHA256-PAYLOAD support Reviewed-by: Loic Dachary <ldachary@redhat.com>
When authenticating requests using the Authorization header in AWS4, you have
the option of uploading the payload in chunks. You can send data in fixed size
or variable size chunks.
This patch enables streaming mode and signed headers support with chunked
uploads.
Fixes: http://tracker.ceph.com/issues/16311
Signed-off-by: Javier M. Mellid jmunhoz@igalia.com
(cherry picked from commit 5de5876)