yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1473042] Re: s3 token authentication doesn't support v4 protocol

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Tim Burke <tim@xxxxxxxxxxxxxx>
Date: Mon, 24 Sep 2018 19:04:44 -0000
Reply-to: Bug 1473042 <1473042@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I believe this only required changes in swift3 and keystone;
keystonemiddleware just passed everything on to the server. At any rate,
if there's more work to be done, it's Swift's problem now; see
https://github.com/openstack/swift3/commit/b626a3c and
https://github.com/openstack/swift/commit/636b922

** Changed in: keystonemiddleware
       Status: Triaged => Invalid

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Identity (keystone).
https://bugs.launchpad.net/bugs/1473042

Title:
  s3 token authentication doesn't support v4 protocol

Status in OpenStack Identity (keystone):
  Fix Released
Status in keystonemiddleware:
  Invalid

Bug description:
  Amazon has several versions of signature for requests.
  Now s3_token middleware supports only first s3 signature version.

  It will be good if s3_token middleware will support v4 version.
  http://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html
  http://docs.aws.amazon.com/AmazonS3/latest/API/bucket-policy-s3-sigv4-conditions.html
  openstack/nova and stackforge/ec2-api projects don't have authenticatoin, so these projects can use keystone middleware if it will has v4 auth.

  Also stackforge/swift3 now uses keystone middleware and has a bug
  https://bugs.launchpad.net/swift3/+bug/1411078

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1473042/+subscriptions