Project

General

Profile

Actions

Bug #21581

closed

encryption: reject requests that don't provide all expected headers

Added by Casey Bodley over 6 years ago. Updated about 6 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Target version:
-
% Done:

0%

Source:
Tags:
Backport:
luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

If someone want to upload an object using server-side encryption with providing customer key or kms key id, but not specify the encryption mode in the "x-amz-server-side-encryption-customer-algorithm" or "x-amz-server-side-encryption", the object will be uploaded successfully without encryption.

This is not a correct way to deal with it. It is better to return error.


Related issues 1 (0 open1 closed)

Copied to rgw - Backport #21792: luminous: encryption: reject requests that don't provide all expected headersResolvedAbhishek LekshmananActions
Actions #2

Updated by Matt Benjamin over 6 years ago

  • Status changed from 12 to 7
Actions #3

Updated by Casey Bodley over 6 years ago

  • Status changed from 7 to Pending Backport
Actions #4

Updated by Nathan Cutler over 6 years ago

  • Copied to Backport #21792: luminous: encryption: reject requests that don't provide all expected headers added
Actions #5

Updated by Nathan Cutler about 6 years ago

  • Status changed from Pending Backport to Resolved
Actions

Also available in: Atom PDF