Project

General

Profile

Download (2.18 KB)

Bug #19739 ยป content-md5-bug.php

Marcin Gibula, 04/21/2017 12:22 PM

 
<?php

// Use existing non-empty random content file
$TEST_FILE = 'test-file';

$BUCKET = 'BUCKETNAME';
$AWS_HOST = 'ENDPOINT_URL';
$AWS_ACCESS_KEY = 'ACCESS-KEY';
$AWS_SECRET_ACCESS = 'SECRET_KEY';

$AWS_URL = "http://$BUCKET.$AWS_HOST";

function test_upload($key, $path, $checksum) {
global $AWS_URL, $BUCKET, $AWS_ACCESS_KEY, $AWS_SECRET_ACCESS;

$expires = strftime('%Y-%m-%dT%H:%M:%SZ', time()+30);

$policy = [
"expiration" => $expires,
"conditions" => [
["bucket" => $BUCKET],
["starts-with", '$key', ""],
["acl" => "public-read"],
["starts-with", '$Content-Type', ""],
['success_action_status' => '201'],
["starts-with", '$Content-MD5', ""]
]
];

$policy = base64_encode(json_encode($policy));
$signature = base64_encode(hash_hmac('sha1', $policy, $AWS_SECRET_ACCESS, true));

$data['Signature'] = $signature;
$data['AWSAccessKeyId'] = $AWS_ACCESS_KEY;
$data['Policy'] = $policy;
$data['acl'] = 'public-read';
$data['success_action_status'] = 201;
$data['Key'] = $key;
$data['file'] = "@/".realpath($path);
$data['Content-MD5'] = $checksum;

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL,$AWS_URL);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("Expect: ", "Content-type: multipart/form-data"));
curl_setopt($ch, CURLOPT_VERBOSE, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);

$verbose = fopen('php://temp', 'rw+');
curl_setopt($ch, CURLOPT_STDERR, $verbose);

if (curl_exec ($ch)) {
rewind($verbose);
$verboseLog = stream_get_contents($verbose);
echo $verboseLog;
} else {
echo "curl execution failed\n";
echo curl_error($ch) . "\n";
}
}

echo "Uploading file with good checksum...\n";
test_upload('good-md5', $TEST_FILE, base64_encode(md5_file($TEST_FILE, true)));

echo "Uploading file with bad checksum...\n";
test_upload('bad-md5', $TEST_FILE, base64_encode(md5('foo', true)));
    (1-1/1)