Actions
Bug #61473
opensse: rgw_crypt_default_encryption_key no longer applies default encryption
Status:
Pending Backport
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
sse backport_processed
Backport:
quincy reef
Regression:
No
Severity:
3 - minor
Reviewed:
Description
it doesn't appear to be possible to trigger default encryption with rgw_crypt_default_encryption_key
any more
rgw_s3_prepare_encrypt()
only considers rgw_crypt_default_encryption_key
if
- the upload requests sse-s3 encryption with
x-amz-server-side-encryption: AES256
, and rgw_crypt_sse_s3_backend
is not set to "vault"
however, vault is the only valid value for the backend (enforced by enum_values), so the rgw_crypt_default_encryption_key
logic is unreachable
i believe this default encryption key is intended to apply to all requests that don't specify another encryption method
Updated by Casey Bodley 12 months ago
- Status changed from New to Fix Under Review
- Pull request ID set to 51786
Updated by Casey Bodley 10 months ago
- Status changed from Fix Under Review to Pending Backport
Updated by Backport Bot 10 months ago
- Copied to Backport #62310: quincy: sse: rgw_crypt_default_encryption_key no longer applies default encryption added
Updated by Backport Bot 10 months ago
- Copied to Backport #62311: reef: sse: rgw_crypt_default_encryption_key no longer applies default encryption added
Updated by Backport Bot 10 months ago
- Tags changed from sse to sse backport_processed
Actions