Bug #61473
sse: rgw_crypt_default_encryption_key no longer applies default encryption
Status:
Pending Backport
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
sse backport_processed
Backport:
quincy reef
Regression:
No
Severity:
3 - minor
Reviewed:
Description
it doesn't appear to be possible to trigger default encryption with rgw_crypt_default_encryption_key
any more
rgw_s3_prepare_encrypt()
only considers rgw_crypt_default_encryption_key
if
- the upload requests sse-s3 encryption with
x-amz-server-side-encryption: AES256
, and rgw_crypt_sse_s3_backend
is not set to "vault"
however, vault is the only valid value for the backend (enforced by enum_values), so the rgw_crypt_default_encryption_key
logic is unreachable
i believe this default encryption key is intended to apply to all requests that don't specify another encryption method
Related issues
History
#1 Updated by Casey Bodley 10 months ago
- Status changed from New to Fix Under Review
- Pull request ID set to 51786
#2 Updated by Casey Bodley 9 months ago
- Backport set to quincy reef
#3 Updated by Casey Bodley 8 months ago
- Status changed from Fix Under Review to Pending Backport
#4 Updated by Backport Bot 8 months ago
- Copied to Backport #62310: quincy: sse: rgw_crypt_default_encryption_key no longer applies default encryption added
#5 Updated by Backport Bot 8 months ago
- Copied to Backport #62311: reef: sse: rgw_crypt_default_encryption_key no longer applies default encryption added
#6 Updated by Backport Bot 8 months ago
- Tags changed from sse to sse backport_processed