swift-temp-url wrong HMAC full url (with WARNING)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Object Storage (swift) |
Fix Released
|
Low
|
Unassigned |
Bug Description
If you want to get a tempurl for an object at a uri you might try:
vagrant@saio:~$ swift-temp-url GET 30 https:/
WARNING: "https:/
WARNING: Non-object paths will be rejected by tempurl.
https:/
It outputs a valid *looking* tempurl - but the warning does indicate something wrong (it used the wrong path for the HMAC)!
Expected output:
vagrant@saio:~$ swift-temp-url GET 30 https:/
https:/
summary: |
- swift-temp-url prints WARNING with full url + swift-temp-url wrong HMAC full url (with WARNING) |
Changed in swift: | |
assignee: | Mohit Motiani (mohit-motiani) → nobody |
I was able to reproduce it.
Warning message needs to update in this case. Also, a valid looking URI should not be generated if object or container does not exist. Instead, tempURL should be discarded.
#in below case, object does not exist. still it generates a valid URI. saio-experiment :~/swift$ swift-temp-url GET 3600 /v1/AUTH_ test/test_ container/ file4.txt secrete_key_b test/test_ container/ file4.txt? temp_url_ sig=a7b362cbb3a 5c3482b1cc26ee8 4a1741de5f3c9d& temp_url_ expires= 1469742082
ubuntu@
/v1/AUTH_
#in below case, container and object does not exist. still it generates a valid URI. saio-experiment :~/swift$ swift-temp-url GET 3600 /v1/AUTH_ test/test_ container1/ file4.txt secrete_key_b test/test_ container1/ file4.txt? temp_url_ sig=6cffe725134 48d2de0b31700fb 71427b727e3628& temp_url_ expires= 1469742091
ubuntu@
/v1/AUTH_