Bug #64084
Missing validation for request header x_amz_content_sha256
Status: open
% Done: 0%
Source:
Tags: sigv4 backport_processed
Backport: quincy reef
Regression: No
Severity: 3 - minor
Reviewed:
Description
"When the value of the x_amz_content_sha256 request header in the request is incorrect, the response status code is 200 OK, which does not meet the expected outcome."
When the value of x_amz_content_sha256 is a string that is not 64 characters long, the result returned upon sending a request to create a bucket is as follows:
    @18d470fd3a9d ▶ sh create_bucket_ceph.sh
    * Trying 127.0.0.1:8000...
    * Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
    > PUT /bkbk2 HTTP/1.1
    > Host: 127.0.0.1:8000
    > User-Agent: curl/7.76.1
    > Accept: */*
    > Authorization: AWS4-HMAC-SHA256 Credential=user1/20240118/default/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=460f797c5cc316d6686fc9d60cf6e7bf5440292341faf20e94ec37efe5a34fa9
    > x-amz-content-sha256: hudiepwhfrue45w
    > X-Amz-Date: 20240118T080246Z
    >
    * Mark bundle as not supporting multiuse
    < HTTP/1.1 200 OK
    < x-amz-request-id: tx00000b6cdb4d31b0106b0-0065a8db26-4137-default
    < Server: Ceph Object Gateway (squid)
    < Content-Length: 0
    < Date: Thu, 18 Jan 2024 08:02:48 GMT
    < Connection: Keep-Alive
    <
    * Connection #0 to host 127.0.0.1 left intact
When the value of the x-amz-content-sha256 request header is incorrect, the bucket bkbk2 is created successfully without the request header being validated.
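The check the report finds missing, as an added example (not Ceph RGW code and not part of the original report): a SigV4 x-amz-content-sha256 value is accepted only if it is one of the literal values SigV4 defines or a 64-character lowercase hex SHA-256 that matches the body. The function name and the result labels are hypothetical, and the sample assumes an empty body, as in the PUT shown above.

```python
import hashlib
import hmac
import re

# Literal header values SigV4 defines for payloads that are not hashed up front.
UNSIGNED = "UNSIGNED-PAYLOAD"
STREAMING = frozenset({
    "STREAMING-AWS4-HMAC-SHA256-PAYLOAD",
    "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER",
    "STREAMING-UNSIGNED-PAYLOAD-TRAILER",
    "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD",
    "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD-TRAILER",
})
# A payload hash is SHA-256 in lowercase hex: exactly 64 characters.
HEX_SHA256 = re.compile(r"[0-9a-f]{64}")


def check_content_sha256(value, body):
    """Classify the header value for a request whose full body is `body`.

    Returns one of this example's own labels (hypothetical, not RGW error
    codes): ok-unsigned, ok-streaming, ok-hash, reject-malformed,
    reject-mismatch.
    """
    if value == UNSIGNED:
        return "ok-unsigned"
    if value in STREAMING:
        return "ok-streaming"  # chunk signatures are verified while reading
    if value is None or not HEX_SHA256.fullmatch(value):
        return "reject-malformed"  # e.g. the 15-character value in the report
    expected = hashlib.sha256(body).hexdigest()
    # Constant-time comparison of the declared and the computed digest.
    if not hmac.compare_digest(expected, value):
        return "reject-mismatch"
    return "ok-hash"


# SHA-256 of the empty body, the correct header value for a body-less PUT.
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()

if __name__ == "__main__":
    # Constructed samples; the first value is the one from the report.
    for v in ("hudiepwhfrue45w", EMPTY_SHA256, "0" * 64, UNSIGNED, None):
        print(repr(v), "->", check_content_sha256(v, b""))
```

A gateway applying this check would answer the request in the report with an error instead of 200 OK, because the header value is neither a defined literal nor a 64-character hex digest.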