On Fri, Aug 6, 2021 at 6:20 AM WeiGuo Ren <rwg1335252904@xxxxxxxxx> wrote:
>
> I want to test test_object_create_bad_md5_unreadable. but rgw send
> 400(e.status),rather than 403.I dont understand it. The code is.
> @tag('auth_common')
> @attr(resource='object')
> @attr(method='put')
> @attr(operation='create w/non-graphics in MD5')
> @attr(assertion='fails 403')
> @attr('fails_strict_rfc2616')
> @nose.with_setup(teardown=_clear_custom_headers)
> def test_object_create_bad_md5_unreadable():
> key = _setup_bad_object({'Content-MD5': '\x07'})
>
> e = assert_raises(boto.exception.S3ResponseError,
> key.set_contents_from_string, 'bar')
> eq(e.status, 403)
> eq(e.reason, 'Forbidden')
> assert e.error_code in ('AccessDenied', 'SignatureDoesNotMatch')
>
yes, that's expected. that test generates an invalid http request. as
of the nautilus release, both the civetweb and beast frontends of
radosgw reject that header during parsing, so return a 400 Bad Request
error instead of failing later in auth
that test_object_create_bad_md5_unreadable test case no longer exists
as of the ceph-octopus branch, where we switched to boto3 which
doesn't even let you send such a request. the remaining
'fails_strict_rfc2616' tests accept both 400 and 403 responses
