Re: Signature V2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I already created a ticket for this issue.
http://tracker.ceph.com/issues/17076

The complete logfile should be in this ticket.

Jan Hugo


Jan Hugo Prins


On 08/22/2016 10:36 PM, Gregory Farnum wrote:
> On Thu, Aug 18, 2016 at 11:42 AM, jan hugo prins <jprins@xxxxxxxxxxxx> wrote:
>> I have been able to reproduce the error and create a debug log from the
>> failure.
>> I can't post the debug log here because there is sensitive information
>> in the debug log like access keys etc.
>> Where can I send this log for analysis? And who is able to have a look
>> at this?
> I can't do anything useful with this, but you can upload the log with
> ceph-post-file and it will only be accessible to upstream Ceph devs.
> Then create a ticket under the RGW project at tracker.ceph.com
> pointing to the files (ceph-post-file will give you a UUID).
> -Greg
>
>> A small part of the debug log without stripped of sensitive information:
>>
>> 2016-08-18 17:26:33.864658 7ff155ffb700 10 -----------------------------
>> Verifying signatures
>> 2016-08-18 17:26:33.864659 7ff155ffb700 10 Signature     =
>> abbeb6af798b2aad58cd398491698f863253f3859d22b4c9558cc808159d256d
>> 2016-08-18 17:26:33.864660 7ff155ffb700 10 New Signature =
>> e13d83bcd1f52103e9056add844e0037accb71436faee1a3e0048dd6c25cd4b6
>> 2016-08-18 17:26:33.864661 7ff155ffb700 10 -----------------------------
>> 2016-08-18 17:26:33.864664 7ff155ffb700 20 delayed aws4 auth failed
>> 2016-08-18 17:26:33.864674 7ff155ffb700  2 req 624:0.000642:s3:PUT
>> /Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:completing
>> 2016-08-18 17:26:33.864749 7ff155ffb700  2 req 624:0.000717:s3:PUT
>> /Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:op status=-2027
>> 2016-08-18 17:26:33.864757 7ff155ffb700  2 req 624:0.000726:s3:PUT
>> /Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg:put_obj:http status=403
>> 2016-08-18 17:26:33.864762 7ff155ffb700  1 ====== req done
>> req=0x7ff155ff5710 op status=-2027 http_status=403 ======
>> 2016-08-18 17:26:33.864776 7ff155ffb700 20 process_request() returned -2027
>> 2016-08-18 17:26:33.864801 7ff155ffb700  1 civetweb: 0x7ff1f8003e80:
>> 192.168.2.59 - - [18/Aug/2016:17:26:33 +0200] "PUT
>> /Photos/Options/xxxxxxxxxxxxxxxxx/180x102.jpg HTTP/1.1" 403 0 - -
>>
>>
>> Jan Hugo Prins
>>
>>
>> On 08/18/2016 01:32 PM, jan hugo prins wrote:
>>> did some more searching and according to some info I found RGW should
>>> support V4 signatures.
>>>
>>> http://tracker.ceph.com/issues/10333
>>> http://tracker.ceph.com/issues/11858
>>>
>>> The fact that everyone still modifies s3cmd to use Version 2 Signatures
>>> suggests to me that we have a bug in this code.
>>>
>>> If I use V4 signatures most of my requests work fine, but some requests
>>> fail on a signature error.
>>>
>>> Thanks,
>>> Jan Hugo Prins
>>>
>>>
>>> On 08/18/2016 12:46 PM, jan hugo prins wrote:
>>>> Hi everyone.
>>>>
>>>> To connect to my S3 gateways using s3cmd I had to set the option
>>>> signature_v2 in my s3cfg to true.
>>>> If I didn't do that I would get Signature mismatch errors and this seems
>>>> to be because Amazon uses Signature version 4 while the S3 gateway of
>>>> Ceph only supports Signature Version 2.
>>>>
>>>> Now I see the following error in a Jave project we are building that
>>>> should talk to S3.
>>>>
>>>> Aug 18, 2016 12:12:38 PM org.apache.catalina.core.StandardWrapperValve
>>>> invoke
>>>> SEVERE: Servlet.service() for servlet [Default] in context with path
>>>> [/VehicleData] threw exception
>>>> com.betterbe.vd.web.servlet.LsExceptionWrapper: xxxxxxxxxxxxxxxxxxxxxxx
>>>> caused: com.amazonaws.services.s3.model.AmazonS3Exception: null
>>>> (Service: Amazon S3; Status Code: 400; Error Code:
>>>> XAmzContentSHA256Mismatch; Request ID:
>>>> tx000000000000000002cc6-0057b58a15-25bba-default), S3 Extended Request
>>>> ID: 25bba-default-default
>>>>         at
>>>> com.betterbe.vd.web.dataset.requesthandler.DatasetRequestHandler.handle(DatasetRequestHandler.java:262)
>>>>         at com.betterbe.vd.web.servlet.Servlet.handler(Servlet.java:141)
>>>>         at com.betterbe.vd.web.servlet.Servlet.doPost(Servlet.java:110)
>>>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>>>>
>>>> To me this looks a bit the same, though I'm not a Java developer.
>>>> Am I correct, and if so, can I tell the Java S3 client to use Version 2
>>>> signatures?
>>>>
>>>>
>> --
>> Met vriendelijke groet / Best regards,
>>
>> Jan Hugo Prins
>> Infra and Isilon storage consultant
>>
>> Better.be B.V.
>> Auke Vleerstraat 140 E | 7547 AN Enschede | KvK 08097527
>> T +31 (0) 53 48 00 694 | M +31 (0)6 26 358 951
>> jprins@xxxxxxxxxxxx | www.betterbe.com
>>
>> This e-mail is intended exclusively for the addressee(s), and may not
>> be passed on to, or made available for use by any person other than
>> the addressee(s). Better.be B.V. rules out any and every liability
>> resulting from any electronic transmission.
>>
>>
>>
>> _______________________________________________
>> ceph-users mailing list
>> ceph-users@xxxxxxxxxxxxxx
>> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
>>

-- 
Met vriendelijke groet / Best regards,

Jan Hugo Prins
Infra and Isilon storage consultant

Better.be B.V.
Auke Vleerstraat 140 E | 7547 AN Enschede | KvK 08097527
T +31 (0) 53 48 00 694 | M +31 (0)6 26 358 951
jprins@xxxxxxxxxxxx | www.betterbe.com

This e-mail is intended exclusively for the addressee(s), and may not
be passed on to, or made available for use by any person other than 
the addressee(s). Better.be B.V. rules out any and every liability 
resulting from any electronic transmission.

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux