Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

rgw: include SSE-KMS headers in encrypted upload response #17999

Merged
merged 1 commit into from Oct 2, 2017
Merged

rgw: include SSE-KMS headers in encrypted upload response #17999

merged 1 commit into from Oct 2, 2017

Conversation

cbodley
Copy link
Contributor

@cbodley cbodley commented Sep 27, 2017

tested with boto3 against a vstart.sh cluster:

import boto3
session = boto3.session.Session()
s3 = session.client('s3', aws_access_key_id='0555b35654ad1656d804', aws_secret_access_key='h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==', endpoint_url='http://localhost:8000')
s3.put_object(Bucket='bucket', Key='foo', Body='abcdefg', ServerSideEncryption='aws:kms', SSEKMSKeyId='testkey-1')

without this patch, the response is missing the expected encryption headers:

{u'ETag': '"7ac66c0f148de9519b8bd264312c4d64"', 'ResponseMetadata': {'HTTPStatusCode': 200, 'RetryAttempts': 0, 'HostId': '', 'RequestId': 'tx000000000000000000002-0059cbf0e9-100a-default', 'HTTPHeaders': {'date': 'Wed, 27 Sep 2017 18:41:46 GMT', 'content-length': '0', 'etag': '"7ac66c0f148de9519b8bd264312c4d64"', 'accept-ranges': 'bytes', 'x-amz-request-id': 'tx000000000000000000002-0059cbf0e9-100a-default'}}}

with this patch applied, the headers are included:

{u'SSEKMSKeyId': 'testkey-1', u'ETag': '"7ac66c0f148de9519b8bd264312c4d64"', 'ResponseMetadata': {'HTTPStatusCode': 200, 'RetryAttempts': 0, 'HostId': '', 'RequestId': 'tx000000000000000000002-0059cbec74-100a-default', 'HTTPHeaders': {'content-length': '0', 'accept-ranges': 'bytes', 'x-amz-server-side-encryption-aws-kms-key-id': 'testkey-1', 'etag': '"7ac66c0f148de9519b8bd264312c4d64"', 'x-amz-request-id': 'tx000000000000000000002-0059cbec74-100a-default', 'date': 'Wed, 27 Sep 2017 18:22:45 GMT', 'x-amz-server-side-encryption': 'aws:kms'}}, u'ServerSideEncryption': 'aws:kms'}

Fixes: http://tracker.ceph.com/issues/21576

@cbodley cbodley requested a review from aclamk September 27, 2017 18:46
@cbodley
Copy link
Contributor Author

cbodley commented Sep 27, 2017

oops, i didn't realize this was already fixed in #17882

@cbodley cbodley closed this Sep 27, 2017
@cbodley cbodley reopened this Oct 2, 2017
mattbenjamin
mattbenjamin approved these changes Oct 2, 2017
View reviewed changes
Copy link
Contributor

@mattbenjamin mattbenjamin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@cbodley cbodley merged commit cd0bd44 into ceph:master Oct 2, 2017
@cbodley cbodley deleted the wip-21576 branch October 2, 2017 20:57
@cbodley cbodley mentioned this pull request Oct 2, 2017
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mattbenjamin mattbenjamin mattbenjamin approved these changes

@aclamk aclamk Awaiting requested review from aclamk

Assignees
No one assigned
Labels
bug-fix rgw
Projects
None yet
Milestone
No milestone
2 participants
@cbodley @mattbenjamin