[HDDS-4006] Disallow MPU on encrypted buckets. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0
Component/s: None
Labels:
- pull-request-available

Target Version/s:

1.0.0

Description

With ~~HDDS-3612~~ buckets created via ozone are also accessible via S3.
This has caused a problem when the bucket is encrypted, the keys are not encrypted on disk.

2 Issues:
1. On OM, for each part a new encryption info is generated. During complete Multipart upload, the encryption info is not stored in KeyInfo.
2. On the client, for part upload, the encryption info is silently ignored.

If we don't throw an error, on an encrypted bucket, key data is not encrypted on disks.
For 0.6.0 release, we can mark this as not supported, and this will be fixed in next release by ~~HDDS-4005~~

Attachments

Issue Links

is a clone of

HDDS-4005 Support S3 MPU on encrypted buckets

Resolved

links to

GitHub Pull Request #1241

Activity

People

Assignee:: Bharat Viswanadham

Reporter:: Bharat Viswanadham

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 22/Jul/20 18:22

Updated:: 23/Jul/20 16:51

Resolved:: 23/Jul/20 16:51