OpenStack Object Storage (swift)

Regression with UNSIGNED-PAYLOAD requests

Bug #1910827 reported by Tim Burke
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Object Storage (swift)
New
Undecided
Unassigned

Bug Description

Following https://review.opendev.org/c/openstack/swift/+/767644, UNSIGNED-PAYLOAD requests all fail with SignatureDoesNotMatch errors. The trouble is the lower-casing of the provided X-Amz-Content-SHA256 value; the server then calculates a canonical request like

========================================
PUT
/bucket/server.py

content-md5:KRI0BANRt8GOkkAnWigz4w==
content-type:text/x-python
host:saio
x-amz-content-sha256:UNSIGNED-PAYLOAD
x-amz-date:20210108T224842Z

content-md5;content-type;host;x-amz-content-sha256;x-amz-date
unsigned-payload
========================================

while the client calculated

========================================
PUT
/bucket/server.py

content-md5:KRI0BANRt8GOkkAnWigz4w==
content-type:text/x-python
host:saio
x-amz-content-sha256:UNSIGNED-PAYLOAD
x-amz-date:20210108T224842Z

content-md5;content-type;host;x-amz-content-sha256;x-amz-date
UNSIGNED-PAYLOAD
========================================

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/swift 2.27.0

This issue was fixed in the openstack/swift 2.27.0 release.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to swift (stable/victoria)

Fix proposed to branch: stable/victoria
Review: https://review.opendev.org/c/openstack/swift/+/838576

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Change abandoned on swift (stable/victoria)

Change abandoned by "Tim Burke <email address hidden>" on branch: stable/victoria
Review: https://review.opendev.org/c/openstack/swift/+/838576

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.