mirror of
https://github.com/s3fs-fuse/s3fs-fuse.git
synced 2024-12-23 09:18:55 +00:00
fix issue with aws session token provided inside ~/.aws/credentials file
This commit is contained in:
parent
8e86ef1634
commit
0d4847596e
@ -1205,6 +1205,7 @@ bool S3fsCurl::SetAccessKeyWithSessionToken(const char* AccessKeyId, const char*
|
|||||||
AWSAccessKeyId = AccessKeyId;
|
AWSAccessKeyId = AccessKeyId;
|
||||||
AWSSecretAccessKey = SecretAccessKey;
|
AWSSecretAccessKey = SecretAccessKey;
|
||||||
AWSAccessToken = SessionToken;
|
AWSAccessToken = SessionToken;
|
||||||
|
S3fsCurl::is_use_session_token = true;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1225,13 +1226,6 @@ bool S3fsCurl::SetIsIBMIAMAuth(bool flag)
|
|||||||
return old;
|
return old;
|
||||||
}
|
}
|
||||||
|
|
||||||
bool S3fsCurl::SetIsUseSessionToken(bool flag)
|
|
||||||
{
|
|
||||||
bool old = S3fsCurl::is_use_session_token;
|
|
||||||
S3fsCurl::is_use_session_token = flag;
|
|
||||||
return old;
|
|
||||||
}
|
|
||||||
|
|
||||||
bool S3fsCurl::SetIsECS(bool flag)
|
bool S3fsCurl::SetIsECS(bool flag)
|
||||||
{
|
{
|
||||||
bool old = S3fsCurl::is_ecs;
|
bool old = S3fsCurl::is_ecs;
|
||||||
|
@ -445,7 +445,6 @@ class S3fsCurl
|
|||||||
static int SetMaxMultiRequest(int max);
|
static int SetMaxMultiRequest(int max);
|
||||||
static int GetMaxMultiRequest(void) { return S3fsCurl::max_multireq; }
|
static int GetMaxMultiRequest(void) { return S3fsCurl::max_multireq; }
|
||||||
static bool SetIsECS(bool flag);
|
static bool SetIsECS(bool flag);
|
||||||
static bool SetIsUseSessionToken(bool flag);
|
|
||||||
static bool SetIsIBMIAMAuth(bool flag);
|
static bool SetIsIBMIAMAuth(bool flag);
|
||||||
static size_t SetIAMFieldCount(size_t field_count);
|
static size_t SetIAMFieldCount(size_t field_count);
|
||||||
static std::string SetIAMCredentialsURL(const char* url);
|
static std::string SetIAMCredentialsURL(const char* url);
|
||||||
|
@ -4132,6 +4132,10 @@ static int read_aws_credentials_file(const std::string &filename)
|
|||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
if (session_token.empty()) {
|
if (session_token.empty()) {
|
||||||
|
if (is_use_session_token) {
|
||||||
|
S3FS_PRN_EXIT("AWS session token was expected but wasn't provided in aws/credentials file for profile: %s.", aws_profile.c_str());
|
||||||
|
return EXIT_FAILURE;
|
||||||
|
}
|
||||||
if(!S3fsCurl::SetAccessKey(accesskey.c_str(), secret.c_str())){
|
if(!S3fsCurl::SetAccessKey(accesskey.c_str(), secret.c_str())){
|
||||||
S3FS_PRN_EXIT("failed to set internal data for access key/secret key from aws credential file.");
|
S3FS_PRN_EXIT("failed to set internal data for access key/secret key from aws credential file.");
|
||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
@ -4280,8 +4284,6 @@ static int get_access_keys()
|
|||||||
S3FS_PRN_INFO2("access key from env variables");
|
S3FS_PRN_INFO2("access key from env variables");
|
||||||
if (AWSSESSIONTOKEN != NULL) {
|
if (AWSSESSIONTOKEN != NULL) {
|
||||||
S3FS_PRN_INFO2("session token is available");
|
S3FS_PRN_INFO2("session token is available");
|
||||||
is_use_session_token = true;
|
|
||||||
S3fsCurl::SetIsUseSessionToken(true);
|
|
||||||
if (!S3fsCurl::SetAccessKeyWithSessionToken(AWSACCESSKEYID, AWSSECRETACCESSKEY, AWSSESSIONTOKEN)) {
|
if (!S3fsCurl::SetAccessKeyWithSessionToken(AWSACCESSKEYID, AWSSECRETACCESSKEY, AWSSESSIONTOKEN)) {
|
||||||
S3FS_PRN_EXIT("session token is invalid.");
|
S3FS_PRN_EXIT("session token is invalid.");
|
||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
@ -4719,7 +4721,6 @@ static int my_fuse_opt_proc(void* data, const char* arg, int key, struct fuse_ar
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
if (0 == STR2NCMP(arg, "use_session_token")) {
|
if (0 == STR2NCMP(arg, "use_session_token")) {
|
||||||
S3fsCurl::SetIsUseSessionToken(true);
|
|
||||||
is_use_session_token = true;
|
is_use_session_token = true;
|
||||||
}
|
}
|
||||||
if(0 == STR2NCMP(arg, "ibm_iam_endpoint=")){
|
if(0 == STR2NCMP(arg, "ibm_iam_endpoint=")){
|
||||||
|
Loading…
Reference in New Issue
Block a user