Actions
Fix #41376
closedSanitize HTTP_X_AUTH_TOKEN http header element to remove trailing <CR> and <LF> characters
% Done:
0%
Source:
Support
Tags:
Backport:
Reviewed:
Affected Versions:
Description
The trailing <CR> and <LF> characters in HTTP_X_AUTH_TOKEN http header
cause swift requests to fail authentication
2019-08-18 19:24:19.045115 7fd50dd99700 20 HTTP_X_AUTH_TOKEN=AUTH_rgwtk110000006c626865616c746863686b3a7377696674b12a50488693ce3ba22f5b5d6d00221faa0e55d983da2f4d2821c4de915b3346398bfaee^M
^^
2019-08-18 19:24:19.045118 7fd50dd99700 20 REQUEST_METHOD=GET
2019-08-18 19:21:58.988801 7fd50ed9b700 10 op=24RGWGetObj_ObjStore_SWIFT
2019-08-18 19:21:58.988802 7fd50ed9b700 2 req 31:0.000067:swift:GET /swift/v1/1-5SIIR/b59fc18a-8b68-4c41-a0dd-5075fc0d9705:get_obj:verifying requester
2019-08-18 19:21:58.988805 7fd50ed9b700 20 rgw::auth::swift::DefaultStrategy: trying rgw::auth::swift::TempURLEngine
2019-08-18 19:21:58.988807 7fd50ed9b700 20 rgw::auth::swift::TempURLEngine denied with reason=-13
2019-08-18 19:21:58.988808 7fd50ed9b700 20 rgw::auth::swift::DefaultStrategy: trying rgw::auth::swift::SignedTokenEngine
2019-08-18 19:21:58.988811 7fd50ed9b700 20 rgw::auth::swift::SignedTokenEngine denied with reason=-1
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2019-08-18 19:21:58.988813 7fd50ed9b700 20 rgw::auth::swift::DefaultStrategy: trying rgw::auth::swift::SwiftAnonymousEngine
2019-08-18 19:21:58.988814 7fd50ed9b700 20 rgw::auth::swift::SwiftAnonymousEngine denied with reason=-1
2019-08-18 19:21:58.988815 7fd50ed9b700 5 Failed the auth strategy, reason=-1
2019-08-18 19:21:58.988816 7fd50ed9b700 10 failed to authorize request
2019-08-18 19:24:19.045334 7fd50dd99700 1 ====== req done req=0x7fd50dd92f70 op status=0 http_status=401 ======
Updated by Mark Kogan about 4 years ago
- Status changed from In Progress to Rejected
- Backport deleted (
nautilus)
Per internal discussion, this fix was rejected as not relevant upstream.
Actions