Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] - REST PutBucketPolicy MalformedPolicy wording with no brackets provided #965

Open
lrm25 opened this issue Nov 22, 2024 · 0 comments
Open

[Bug] - REST PutBucketPolicy MalformedPolicy wording with no brackets provided #965

lrm25 opened this issue Nov 22, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@lrm25
Copy link
Contributor

lrm25 commented Nov 22, 2024
edited
Loading

Describe the bug
If a REST PutBucketPolicy command with a policy missing enclosing brackets is sent, an error similar to the following is returned:

<?xml version="1.0" encoding="UTF-8"?>
   <Error><Code>MalformedPolicy</Code><Message>invalid character &#39;d&#39; looking for beginning of value</Message><Resource></Resource><RequestId></RequestId><HostId></HostId></Error>

Or if sending something that can be parsed into a valid go type, such as false:

<?xml version="1.0" encoding="UTF-8"?>
   <Error><Code>MalformedPolicy</Code><Message>json: cannot unmarshal bool into Go value of type auth.BucketPolicy</Message><Resource></Resource><RequestId></RequestId><HostId></HostId></Error>

Though this shouldn't be too hard to figure out for someone who understands how policies should look, it's a bit confusing. Direct-to-s3 returns a more descriptive error:

<?xml version="1.0" encoding="UTF-8"?>
   <Error><Code>MalformedPolicy</Code><Message>Policies must be valid JSON and the first byte must be '{'</Message><RequestId>4382A7S00G3WWJZQ</RequestId><HostId>foAWoxHONj6IxWw1I8h3+LfRuSRGfSIQo6cCuikazzy/MzNzygo9oP8xRpDOjrYNnacABlsArlU=</HostId></Error>

The error message can be changed to this to avoid confusion.

To Reproduce

  1. Start versitygw, e.g.: ./versitygw --access=AKIA**** --secret=******** --region=us-east-1 --cert /Users/lukemccrone/devel/versitygw/cert.pem --key /Users/lukemccrone/devel/versitygw/versitygw.pem posix --versioning-dir /tmp/versioning /tmp/gw
  2. Create bucket, e.g.: aws --no-verify-ssl s3api create-bucket --bucket versity-gwtest-bucket-one-1
  3. Attempt to run the script at https://github.com/versity/versitygw/blob/test/rest_put_bucket_policy/tests/rest_scripts/put_bucket_policy.sh with invalid policy data. The output should look like: curl -ks -w %{http_code} -X PUT https://localhost:7070/versity-gwtest-bucket-one-1?policy= -H Authorization: AWS4-HMAC-SHA256 Credential=********/20241122/us-east-1/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date,Signature=80f3ef779959b27958511885e19634a0cdd9c555d0656313145becf07d6aa5ef -H x-amz-content-sha256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa -H x-amz-date: 20241122T165320Z -d false -o /Users/lukemccrone/devel/versitygw/versity-gwtest-files/result.txt

Expected behavior
The policy error should be clearer.

Server Version
Version : v1.0.8
Build : bacd85c
BuildTime: 2024-11-21_05:29:52PM
Darwin Lukes-MacBook-Pro.local 23.4.0 Darwin Kernel Version 23.4.0: Fri Mar 15 00:12:25 PDT 2024; root:xnu-10063.101.17~1/RELEASE_ARM64_T6030 arm64
@lrm25 lrm25 added the bug Something isn't working label Nov 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
VersityGW Project
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lrm25