Bug 1759582
| Summary: | rgw: fix ipv6 signature calculation | ||
|---|---|---|---|
| Product: | [Red Hat Storage] Red Hat Ceph Storage | Reporter: | Matt Benjamin (redhat) <mbenjamin> |
| Component: | RGW | Assignee: | Matt Benjamin (redhat) <mbenjamin> |
| Status: | CLOSED ERRATA | QA Contact: | Tejas <tchandra> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.3 | CC: | cbodley, ceph-eng-bugs, kbader, kdreyer, mbenjamin, sweil, tserlin, vereddy |
| Target Milestone: | --- | Keywords: | TestOnly |
| Target Release: | 5.0 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | ceph-16.0.0-8633.el8cp | Doc Type: | If docs needed, set a value |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-08-30 08:22:57 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This comment was flagged a spam, view the edit history to see the original text if required. upstream tracker says this was resolved back in v14.2.10, so the code is available in ceph-14.2.11-95 that we shipped in http://access.redhat.com/errata/RHSA-2021:0081 today. Marking this TestOnly for QE verification. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat Ceph Storage 5.0 bug fix and enhancement), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2021:3294 |
From upstream tracker: """ here is my s3 java sdk test ipv6 AWSCredentials credentials = new BasicAWSCredentials("yly", "yly"); ClientConfiguration s3_opts = new ClientConfiguration(); s3_opts.setSignerOverride("S3SignerType"); AmazonS3 s3_client = new AmazonS3Client(credentials, s3_opts); s3_client.setEndpoint("http://[2409:8050:3000:5000:1400::238]"); s3_client.setS3ClientOptions(new S3ClientOptions().withPathStyleAccess(true)); s3_client.listObjects("test1"); and it is 403 SignatureDoesNotMatch error the rgw log below 2019-10-08T15:00:45.853+0800 7f5571da4700 15 req 1 0.007999973s s3:get_obj string_to_sign=GET application/octet-stream Tue, 08 Oct 2019 07:00:45 GMT /[2409/test1/ 2019-10-08T15:00:45.853+0800 7f5571da4700 15 req 1 0.007999973s s3:get_obj server signature=uWtjhLmR4ADsAdmrRWgTnJrRObI= 2019-10-08T15:00:45.853+0800 7f5571da4700 15 req 1 0.007999973s s3:get_obj client signature=3Ad+klS9c4Irf+A/D/4YGgUgE4M= 2019-10-08T15:00:45.853+0800 7f5571da4700 15 req 1 0.007999973s s3:get_obj compare=-66 2019-10-08T15:00:45.853+0800 7f5571da4700 20 req 1 0.007999973s s3:get_obj rgw::auth::s3::LocalEngine denied with reason=-2027 2019-10-08T15:00:45.853+0800 7f5571da4700 20 req 1 0.007999973s s3:get_obj rgw::auth::s3::AWSAuthStrategy denied with reason=-2027 2019-10-08T15:00:45.853+0800 7f5571da4700 20 req 1 0.007999973s s3:get_obj rgw::auth::StrategyRegistry::s3_main_strategy_t: trying rgw::auth::s3::AWSAuthStrategy 2019-10-08T15:00:45.853+0800 7f5571da4700 20 req 1 0.007999973s s3:get_obj rgw::auth::s3::AWSAuthStrategy: trying rgw::auth::s3::LocalEngine 2019-10-08T15:00:45.853+0800 7f5571da4700 10 get_canon_resource(): dest=/[2409/test1/ 2019-10-08T15:00:45.853+0800 7f5571da4700 10 req 1 0.007999973s string_to_sign: GET application/octet-stream Tue, 08 Oct 2019 07:00:45 GMT /[2409/test1/ <== wrong here 2019-10-08T15:00:45.853+0800 7f5571da4700 15 req 1 0.007999973s s3:get_obj string_to_sign=GET application/octet-stream Tue, 08 Oct 2019 07:00:45 GMT /[2409/test1/ """