Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1711746

Summary: [rhos9] v4 signature support doesn't verify content for PUT request
Product: Red Hat OpenStack
Reporter: Summer Long <slong>
Component: openstack-swift
Assignee: Pete Zaitcev <zaitcev>
Status: CLOSED EOL
QA Contact: Mike Abrams <mabrams>
Severity: medium
Docs Contact: Tana <tberry>
Priority: medium
Version: 9.0 (Mitaka)
CC: derekh, zaitcev
Target Milestone: ---
Keywords: Security, Triaged, ZStream
Target Release: ---
Hardware: Unspecified
OS: Unspecified
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Clones: 1711747
Environment:
Last Closed: 2019-08-30 15:01:39 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:

Description Summer Long 2019-05-20 03:46:28 UTC
Description of problem:
When support was added for v4 signatures, it required that the client provide an X-Amz-Content-SHA256 header and use it in computing the expected signature. However, it wasn't verified that the content sent actually matched the SHA! As a result, an attacker that manages to capture the headers for a PUT request had a 5-minute window to overwrite the object with arbitrary content of the same length.

Because an attacker must already have secure access to exploit this, it has been raised as a hardening task.

Additional info:
Upstream bug: https://bugs.launchpad.net/ossa/+bug/1765834, fixed in 2.21.0
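The missing check, as an added illustration that is not Swift's code: a simplified server-side PUT handler that validates the signed headers and, in the hardened path, also recomputes the body's SHA-256 and compares it with X-Amz-Content-SHA256. The HMAC scheme, secret key and request bodies are constructed stand-ins for the real SigV4 chain.

```python
import hashlib
import hmac

# Constructed stand-ins: a pretend shared secret and two same-length bodies.
SECRET_KEY = b"constructed-secret-key-for-this-example"
BODY_SIGNED = b"hello, object storage"
BODY_SWAPPED = b"HELLO, OBJECT STORAGE"  # same length, different content

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def make_put_headers(body: bytes) -> dict:
    """Headers a v4-signing client would send for `body` (simplified)."""
    return {"Content-Length": str(len(body)),
            "X-Amz-Content-SHA256": sha256_hex(body)}

def sign_headers(headers: dict) -> str:
    """Simplified stand-in for the SigV4 signature: it covers the header
    values, including the content hash, but never the body bytes themselves."""
    canonical = "\n".join(f"{k.lower()}:{v}" for k, v in sorted(headers.items()))
    return hmac.new(SECRET_KEY, canonical.encode(), hashlib.sha256).hexdigest()

def body_matches_header(headers: dict, body: bytes) -> bool:
    """The missing check: recompute SHA-256 over the received body and
    require it to equal the signed X-Amz-Content-SHA256 value."""
    claimed = headers.get("X-Amz-Content-SHA256", "")
    # SigV4 also allows the sentinel UNSIGNED-PAYLOAD; this example rejects it
    # so that every accepted PUT has a body bound to its signature.
    if claimed == "UNSIGNED-PAYLOAD":
        return False
    return hmac.compare_digest(claimed.lower(), sha256_hex(body))

def accept_put(headers: dict, signature: str, body: bytes, verify_body: bool) -> bool:
    """Server-side decision. verify_body=False reproduces the pre-fix logic:
    the header set still validates, so a replayed request carrying a
    different body of the same length is accepted."""
    if not hmac.compare_digest(sign_headers(headers), signature):
        return False
    if not verify_body:
        return True
    return body_matches_header(headers, body)

if __name__ == "__main__":
    headers = make_put_headers(BODY_SIGNED)
    sig = sign_headers(headers)  # the header set an observer could have captured
    print("pre-fix, swapped body accepted:", accept_put(headers, sig, BODY_SWAPPED, False))
    print("fixed,   swapped body accepted:", accept_put(headers, sig, BODY_SWAPPED, True))
```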