From 5e601e2863011ec38e6d03d376992d74dcced969 Mon Sep 17 00:00:00 2001 From: Aravindan Vijayan Date: Wed, 8 Jul 2020 15:14:13 -0700 Subject: [PATCH 1/2] HDDS-3765. Fluentd writing to secure Ozone S3 API fails with 500 Error. --- .../main/smoketest/security/ozone-secure-s3.robot | 12 ++++++++++++ .../hadoop/ozone/s3/AWSV4SignatureProcessor.java | 8 +------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot b/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot index 5103e80279c2..d5935c01ec27 100644 --- a/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot +++ b/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot @@ -24,6 +24,8 @@ Test Timeout 5 minutes *** Variables *** ${ENDPOINT_URL} http://s3g:9878 +${TEMPDIR} /tmp +${TEST_FILE} NOTICE.txt *** Keywords *** Setup volume names @@ -38,6 +40,16 @@ Secure S3 test Success ${output} = Execute aws s3api --endpoint-url ${ENDPOINT_URL} list-buckets Should contain ${output} bucket-test123 +Secure S3 put-object test + ${testFilePath} = Set Variable ${TEMPDIR}/${TEST_FILE} + Copy File ${TEST_FILE} ${testFilePath} + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} put-object --bucket=bucket-test123 --key=tmp1/tmp2/NOTICE.txt --body=${testFilePath} + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} list-objects --bucket=bucket-test123 + Should contain ${output} tmp1/tmp2/NOTICE.txt + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} put-object --bucket=bucket-test123 --key=tmp3//tmp4/NOTICE.txt --body=${testFilePath} + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} list-objects --bucket=bucket-test123 + Should contain ${output} tmp3//tmp4/NOTICE.txt + Secure S3 test Failure Run Keyword Setup dummy credentials for S3 ${rc} ${result} = Run And Return Rc And Output aws s3api --endpoint-url ${ENDPOINT_URL} create-bucket --bucket bucket-test123 diff --git a/hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/AWSV4SignatureProcessor.java b/hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/AWSV4SignatureProcessor.java index 099221daa380..1ff1a72575b7 100644 --- a/hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/AWSV4SignatureProcessor.java +++ b/hadoop-ozone/s3gateway/src/main/java/org/apache/hadoop/ozone/s3/AWSV4SignatureProcessor.java @@ -104,13 +104,7 @@ public void init() this.queryMap = context.getUriInfo().getQueryParameters(); - try { - this.uri = new URI(context.getUriInfo().getRequestUri() - .getPath().replaceAll("\\/+", - "/")).normalize().getPath(); - } catch (URISyntaxException e) { - throw S3_AUTHINFO_CREATION_ERROR; - } + this.uri = context.getUriInfo().getRequestUri().getPath(); this.method = context.getMethod(); if (v4Header == null) { From 3a28b07468b3fc369008efdd44baa62a18a7af7a Mon Sep 17 00:00:00 2001 From: Aravindan Vijayan Date: Thu, 9 Jul 2020 07:45:07 -0700 Subject: [PATCH 2/2] Add test case for leading '/'. --- .../dist/src/main/smoketest/security/ozone-secure-s3.robot | 3 +++ 1 file changed, 3 insertions(+) diff --git a/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot b/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot index d5935c01ec27..70bade5f1e85 100644 --- a/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot +++ b/hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-s3.robot @@ -49,6 +49,9 @@ Secure S3 put-object test ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} put-object --bucket=bucket-test123 --key=tmp3//tmp4/NOTICE.txt --body=${testFilePath} ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} list-objects --bucket=bucket-test123 Should contain ${output} tmp3//tmp4/NOTICE.txt + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} put-object --bucket=bucket-test123 --key=//tmp5/tmp6/NOTICE.txt --body=${testFilePath} + ${output} = Execute aws s3api --endpoint ${ENDPOINT_URL} list-objects --bucket=bucket-test123 + Should contain ${output} //tmp5/tmp6/NOTICE.txt Secure S3 test Failure Run Keyword Setup dummy credentials for S3