Merge pull request #1021 from michallula/master

fix issue with aws session token provided inside ~/.aws/credentials file
This commit is contained in:
Takeshi Nakatani 2019-04-28 11:03:48 +09:00 committed by GitHub
commit f2fe1738cd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 11 deletions

View File

@ -1205,6 +1205,7 @@ bool S3fsCurl::SetAccessKeyWithSessionToken(const char* AccessKeyId, const char*
AWSAccessKeyId = AccessKeyId;
AWSSecretAccessKey = SecretAccessKey;
AWSAccessToken = SessionToken;
S3fsCurl::is_use_session_token = true;
return true;
}
@ -1225,13 +1226,6 @@ bool S3fsCurl::SetIsIBMIAMAuth(bool flag)
return old;
}
bool S3fsCurl::SetIsUseSessionToken(bool flag)
{
bool old = S3fsCurl::is_use_session_token;
S3fsCurl::is_use_session_token = flag;
return old;
}
bool S3fsCurl::SetIsECS(bool flag)
{
bool old = S3fsCurl::is_ecs;

View File

@ -445,7 +445,6 @@ class S3fsCurl
static int SetMaxMultiRequest(int max);
static int GetMaxMultiRequest(void) { return S3fsCurl::max_multireq; }
static bool SetIsECS(bool flag);
static bool SetIsUseSessionToken(bool flag);
static bool SetIsIBMIAMAuth(bool flag);
static size_t SetIAMFieldCount(size_t field_count);
static std::string SetIAMCredentialsURL(const char* url);

View File

@ -4132,6 +4132,10 @@ static int read_aws_credentials_file(const std::string &filename)
return EXIT_FAILURE;
}
if (session_token.empty()) {
if (is_use_session_token) {
S3FS_PRN_EXIT("AWS session token was expected but wasn't provided in aws/credentials file for profile: %s.", aws_profile.c_str());
return EXIT_FAILURE;
}
if(!S3fsCurl::SetAccessKey(accesskey.c_str(), secret.c_str())){
S3FS_PRN_EXIT("failed to set internal data for access key/secret key from aws credential file.");
return EXIT_FAILURE;
@ -4280,8 +4284,6 @@ static int get_access_keys()
S3FS_PRN_INFO2("access key from env variables");
if (AWSSESSIONTOKEN != NULL) {
S3FS_PRN_INFO2("session token is available");
is_use_session_token = true;
S3fsCurl::SetIsUseSessionToken(true);
if (!S3fsCurl::SetAccessKeyWithSessionToken(AWSACCESSKEYID, AWSSECRETACCESSKEY, AWSSESSIONTOKEN)) {
S3FS_PRN_EXIT("session token is invalid.");
return EXIT_FAILURE;
@ -4719,7 +4721,6 @@ static int my_fuse_opt_proc(void* data, const char* arg, int key, struct fuse_ar
return 0;
}
if (0 == STR2NCMP(arg, "use_session_token")) {
S3fsCurl::SetIsUseSessionToken(true);
is_use_session_token = true;
}
if(0 == STR2NCMP(arg, "ibm_iam_endpoint=")){