Bug #16806
openS3 API returns bad Canonical User ID
0%
Description
list all buckets request returs something like:
<?xml version="1.0" encoding="UTF-8"?> <ListAllMyBucketsResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Owner><ID>someowner</ID><DisplayName>SOMEOWNER</DisplayName></Owner>
note the
<ID>someowner</ID>
in our case "someowner" is our company name, and I think we configured it as our "realm"
But, according to S3 API docs owner id must be 64 char hex string:
http://docs.aws.amazon.com/general/latest/gr/acct-identifiers.html
===
The canonical user ID is a long string, such as
79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be.
===
http://docs.aws.amazon.com/AmazonS3/latest/dev/example-walkthroughs-managing-access-example4.html
====
The canonical user ID is the Amazon S3–only concept. It is s
64-character obfuscated version of the account ID.
====
I think CEPH should return 64 hex string in this case (and don't allow users to configure it to return something else).
Real problem with it, that at least one S3 client crash on this data, it expects 64 byte hex string.
Here is it, most popular Perl client library
https://metacpan.org/pod/Net::Amazon::S3
Here is the validation line:
https://metacpan.org/source/RCONOVER/Net-Amazon-S3-0.80/lib/Net/Amazon/S3/Client.pm#L12
Releted discussion:
http://lists.ceph.com/pipermail/ceph-users-ceph.com/2016-July/011574.html
Ceph version:
Version "ceph version 10.2.1 (3a66dd4f30852819c1bdaa8ec23c795d4ad77269)"
Updated by Robin Johnson over 7 years ago
I'd say it's a bug in the client library more than Ceph; and I've filed a bug with them
https://github.com/rustyconover/net-amazon-s3/issues/18
Updated by Gaudenz Steinlin almost 7 years ago
Just for the record it's not the realm but the UID of the user account which is shown in the ID field.
The S3 API docs are arguably a bit unclear about the exact format of this string. It does not say this will always be a 64 char hex string. But to be as compatible as possible it would be best if radosgw would also return some sort of hash of the uid with the same length as Amazon currently uses.