Re: Signature V2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I have been able to reproduce the error and create a debug log from the
failure.
I can't post the debug log here because there is sensitive information
in the debug log like access keys etc.
Where can I send this log for analysis? And who is able to have a look
at this?
A small part of the debug log without stripped of sensitive information:

2016-08-18 17:26:33.864658 7ff155ffb700 10 -----------------------------
Verifying signatures
2016-08-18 17:26:33.864659 7ff155ffb700 10 Signature     =
abbeb6af798b2aad58cd398491698f863253f3859d22b4c9558cc808159d256d
2016-08-18 17:26:33.864660 7ff155ffb700 10 New Signature =
e13d83bcd1f52103e9056add844e0037accb71436faee1a3e0048dd6c25cd4b6
2016-08-18 17:26:33.864661 7ff155ffb700 10 -----------------------------
2016-08-18 17:26:33.864664 7ff155ffb700 20 delayed aws4 auth failed
2016-08-18 17:26:33.864674 7ff155ffb700  2 req 624:0.000642:s3:PUT
/Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:completing
2016-08-18 17:26:33.864749 7ff155ffb700  2 req 624:0.000717:s3:PUT
/Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:op status=-2027
2016-08-18 17:26:33.864757 7ff155ffb700  2 req 624:0.000726:s3:PUT
/Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:http status=403
2016-08-18 17:26:33.864762 7ff155ffb700  1 ====== req done
req=0x7ff155ff5710 op status=-2027 http_status=403 ======
2016-08-18 17:26:33.864776 7ff155ffb700 20 process_request() returned -2027
2016-08-18 17:26:33.864801 7ff155ffb700  1 civetweb: 0x7ff1f8003e80:
192.168.2.59 - - [18/Aug/2016:17:26:33 +0200] "PUT
/Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg HTTP/1.1" 403 0 - -


Jan Hugo Prins


On 08/18/2016 01:32 PM, jan hugo prins wrote:
> did some more searching and according to some info I found RGW should
> support V4 signatures.
>
> http://tracker.ceph.com/issues/10333
> http://tracker.ceph.com/issues/11858
>
> The fact that everyone still modifies s3cmd to use Version 2 Signatures
> suggests to me that we have a bug in this code.
>
> If I use V4 signatures most of my requests work fine, but some requests
> fail on a signature error.
>
> Thanks,
> Jan Hugo Prins
>
>
> On 08/18/2016 12:46 PM, jan hugo prins wrote:
>> Hi everyone.
>>
>> To connect to my S3 gateways using s3cmd I had to set the option
>> signature_v2 in my s3cfg to true.
>> If I didn't do that I would get Signature mismatch errors and this seems
>> to be because Amazon uses Signature version 4 while the S3 gateway of
>> Ceph only supports Signature Version 2.
>>
>> Now I see the following error in a Jave project we are building that
>> should talk to S3.
>>
>> Aug 18, 2016 12:12:38 PM org.apache.catalina.core.StandardWrapperValve
>> invoke
>> SEVERE: Servlet.service() for servlet [Default] in context with path
>> [/VehicleData] threw exception
>> com.betterbe.vd.web.servlet.LsExceptionWrapper: xxxxxxxxxxxxxxxxxxxxxxx
>> caused: com.amazonaws.services.s3.model.AmazonS3Exception: null
>> (Service: Amazon S3; Status Code: 400; Error Code:
>> XAmzContentSHA256Mismatch; Request ID:
>> tx000000000000000002cc6-0057b58a15-25bba-default), S3 Extended Request
>> ID: 25bba-default-default
>>         at
>> com.betterbe.vd.web.dataset.requesthandler.DatasetRequestHandler.handle(DatasetRequestHandler.java:262)
>>         at com.betterbe.vd.web.servlet.Servlet.handler(Servlet.java:141)
>>         at com.betterbe.vd.web.servlet.Servlet.doPost(Servlet.java:110)
>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>>
>> To me this looks a bit the same, though I'm not a Java developer.
>> Am I correct, and if so, can I tell the Java S3 client to use Version 2
>> signatures?
>>
>>

-- 
Met vriendelijke groet / Best regards,

Jan Hugo Prins
Infra and Isilon storage consultant

Better.be B.V.
Auke Vleerstraat 140 E | 7547 AN Enschede | KvK 08097527
T +31 (0) 53 48 00 694 | M +31 (0)6 26 358 951
jprins@xxxxxxxxxxxx | www.betterbe.com

This e-mail is intended exclusively for the addressee(s), and may not
be passed on to, or made available for use by any person other than 
the addressee(s). Better.be B.V. rules out any and every liability 
resulting from any electronic transmission.


Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux