Project

General

Profile

Bug #21581

encryption: reject requests that don't provide all expected headers

Added by Casey Bodley 3 months ago. Updated 2 months ago.

Status:
Pending Backport
Priority:
High
Assignee:
-
Target version:
-
Start date:
09/27/2017
Due date:
% Done:

0%

Source:
Tags:
Backport:
luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Release:
Needs Doc:
No

Description

If someone want to upload an object using server-side encryption with providing customer key or kms key id, but not specify the encryption mode in the "x-amz-server-side-encryption-customer-algorithm" or "x-amz-server-side-encryption", the object will be uploaded successfully without encryption.

This is not a correct way to deal with it. It is better to return error.


Related issues

Copied to rgw - Backport #21792: luminous: encryption: reject requests that don't provide all expected headers In Progress

History

#2 Updated by Matt Benjamin 2 months ago

  • Status changed from Verified to Testing

#3 Updated by Casey Bodley 2 months ago

  • Status changed from Testing to Pending Backport

#4 Updated by Nathan Cutler 2 months ago

  • Copied to Backport #21792: luminous: encryption: reject requests that don't provide all expected headers added

Also available in: Atom PDF