2260356 – [rgw] uploads with java and golang SDKs can fail when checksum is requested

Bug 2260356 - [rgw] uploads with java and golang SDKs can fail when checksum is requested

Summary: [rgw] uploads with java and golang SDKs can fail when checksum is requested

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	RGW
Sub Component:
Version:	6.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	5.3z7
Assignee:	Matt Benjamin (redhat)
QA Contact:	Tejas
Docs Contact:
URL:
Whiteboard:
Depends On:	2256967 2256969 2260354
Blocks:
TreeView+	depends on / blocked

Reported:	2024-01-25 15:29 UTC by Matt Benjamin (redhat)
Modified:	2024-06-26 10:01 UTC (History)
CC List:	10 users (show)
Fixed In Version:	ceph-16.2.10-263.el8cp
Doc Type:	Bug Fix
Doc Text:	Previously, Ceph Object gateway would not recognize `STREAMING-AWS4-HMAC-SHA256-PAYLOAD` and `STREAMING-UNSIGNED-PAYLOAD-TRAILER` encoding forms resulting in request failures. With this fix, the logic to recognize, parse, and wherever applicable, verify new trailing request signatures provided for the new encoding forms is implemented. The Ceph Object gateway now passes requests with well-formed payloads of the new stream encoding forms.
Clone Of:	2256969
Environment:
Last Closed:	2024-06-26 10:01:53 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Issue Tracker	RHCEPH-8228	0	None	None	None	2024-01-25 15:34:51 UTC
Red Hat Product Errata	RHSA-2024:4118	0	None	None	None	2024-06-26 10:01:56 UTC

Description Matt Benjamin (redhat) 2024-01-25 15:29:04 UTC

+++ This bug was initially created as a clone of Bug #2256969 +++

+++ This bug was initially created as a clone of Bug #2256967 +++

Description of problem:
RGW lacks support for new content checksums, and, in particular, two new forms of AWS STREAMING request formats.

This bz tracks support for the new STREAMING-AWS4-HMAC-SHA256-PAYLOAD STREAMING-UNSIGNED-PAYLOAD-TRAILER forms, which introduce new aws-chunked behavior, which cause RGW to fail otherwise valid requests

--- Additional comment from RHEL Program Management on 2024-01-05 18:31:06 UTC ---

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

--- Additional comment from Madhavi Kasturi on 2024-01-17 00:53:08 UTC ---

Hi Matt,

Could you please share a reproducer to verify the fix.

Thanks,
Madhavi

--- Additional comment from errata-xmlrpc on 2024-01-17 04:34:37 UTC ---

This bug has been added to advisory RHBA-2024:126401 by Thomas Serlin (tserlin)

--- Additional comment from errata-xmlrpc on 2024-01-17 04:34:52 UTC ---

Bug report changed to ON_QA status by Errata System.
A QE request has been submitted for advisory RHBA-2024:126401-01
https://errata.engineering.redhat.com/advisory/126401

Comment 7 errata-xmlrpc 2024-06-26 10:01:53 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: Red Hat Ceph Storage 5.3 security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:4118

Note You need to log in before you can comment on or make changes to this bug.