diff options
author | arzhna <arzhna@gmail.com> | 2020-07-22 09:49:17 +0900 |
---|---|---|
committer | Tim Burke <tburke@nvidia.com> | 2020-09-09 00:20:47 +0000 |
commit | a1e152e880804918d66caa71cd5e12e34e2c91f4 (patch) | |
tree | 839c807ab4f19e5deb72d1b9344049bf8636837c | |
parent | 8ed74c264605e12717c93e9b07f4ff50924e619f (diff) | |
download | swift-a1e152e880804918d66caa71cd5e12e34e2c91f4.tar.gz |
s3api: Allow lower-cased region name for AWS .NET SDK compatibility
When I call the S3 API using the AWS .NET SDK, I get the following error.
An error occurred (AuthorizationHeaderMalformed) when calling the
ListBuckets operation: The authorization header is malformed;
the region 'regionone' is wrong; expecting 'RegionOne'
The reason is that the AWS .NET SDK generates a signature by changing
the region name to lowercase. (AWS region names are all lowercase.)
The default region name of OpenStack is RegionOne, and custom region
names with capital letters can also be used.
If you set the location of the S3 API to a region name containing
uppercase letters, the AWS .NET SDK cannot be used.
There are two ways to solve this problem.
1. Force the location item of S3 API middleware setting to be set
to lower case.
2. If the request contains credentail parameters that contain the
lowercase region name, the region name of string_to_sign is
modified to lowercase to generate a valid signature.
I think the second way is to make it more compatible.
Closes-Bug: #1888444
Change-Id: Ifb58b854b93725ed2a1e3bbd87f447f2ab40ea91
(cherry picked from commit 3a6e85d9ec9a899c62400944832194b3c3a6a737)
-rw-r--r-- | swift/common/middleware/s3api/s3request.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/swift/common/middleware/s3api/s3request.py b/swift/common/middleware/s3api/s3request.py index 28e734f0b..3d7d461e0 100644 --- a/swift/common/middleware/s3api/s3request.py +++ b/swift/common/middleware/s3api/s3request.py @@ -283,6 +283,12 @@ class SigV4Mixin(object): if cred_param[key] != self.scope[key]: kwargs = {} if key == 'region': + # Allow lowercase region name + # for AWS .NET SDK compatibility + if not self.scope[key].islower() and \ + cred_param[key] == self.scope[key].lower(): + self.location = self.location.lower() + continue kwargs = {'region': self.scope['region']} raise AuthorizationQueryParametersError( invalid_messages[key] % (cred_param[key], self.scope[key]), @@ -325,6 +331,12 @@ class SigV4Mixin(object): if cred_param[key] != self.scope[key]: kwargs = {} if key == 'region': + # Allow lowercase region name + # for AWS .NET SDK compatibility + if not self.scope[key].islower() and \ + cred_param[key] == self.scope[key].lower(): + self.location = self.location.lower() + continue kwargs = {'region': self.scope['region']} raise AuthorizationHeaderMalformed( invalid_messages[key] % (cred_param[key], self.scope[key]), |