Project

General

Profile

Bug #23663

libcurl ignores headers with empty value, leading to signature mismatches

Added by Casey Bodley over 2 years ago. Updated almost 2 years ago.

Status:
Resolved
Priority:
High
Assignee:
Target version:
-
% Done:

0%

Source:
Tags:
curl multisite
Backport:
jewel, luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature:

Description

From https://curl.haxx.se/libcurl/c/CURLOPT_HTTPHEADER.html:

If you add a header with no content as in 'Accept:' (no data on the right side of the colon), the internally used header will get disabled. With this option you can add new headers, replace internal headers and remove internal headers. To add a header with no content (nothing to the right side of the colon), use the form 'MyHeader;' (note the ending semicolon).

This shows up in multisite when requests are forwarded to the master zone. If the original request has a header in x_meta_map with an empty value, it's included in our signature but isn't actually sent over the wire. The receiver is then unable to calculate the correct signature.


Related issues

Copied to rgw - Backport #23906: luminous: libcurl ignores headers with empty value, leading to signature mismatches Resolved
Copied to rgw - Backport #23907: jewel: libcurl ignores headers with empty value, leading to signature mismatches Rejected

History

#1 Updated by Casey Bodley over 2 years ago

  • Description updated (diff)

#2 Updated by Casey Bodley over 2 years ago

  • Status changed from New to Fix Under Review

#3 Updated by Orit Wasserman over 2 years ago

  • Status changed from Fix Under Review to 17

#4 Updated by Matt Benjamin over 2 years ago

  • Backport set to jewel, luminous

#5 Updated by Casey Bodley over 2 years ago

  • Status changed from 17 to Pending Backport

#6 Updated by Nathan Cutler over 2 years ago

  • Copied to Backport #23906: luminous: libcurl ignores headers with empty value, leading to signature mismatches added

#7 Updated by Nathan Cutler over 2 years ago

  • Copied to Backport #23907: jewel: libcurl ignores headers with empty value, leading to signature mismatches added

#8 Updated by Nathan Cutler almost 2 years ago

  • Status changed from Pending Backport to Resolved

Also available in: Atom PDF