Commit Graph

1799 Commits

Author SHA1 Message Date
Andrew Gaul
d0363b118e
Add tests for curl_util (#1481) 2020-11-24 21:37:09 +09:00
Takeshi Nakatani
533322859d Added comment for nullPointerRedundantCheck/cppcheck2.2 2020-11-21 20:06:14 +09:00
Andrew Gaul
f8d5b76edb
Simplify handling of returned ETag (#1479)
This works around lifetime warnings uncovered by cppcheck.
References #1478.
2020-11-21 06:56:05 +09:00
Andrew Gaul
834862f8a4
Add S3_ENDPOINT test variable (#1476) 2020-11-15 22:10:26 +09:00
Takeshi Nakatani
d9f6469b7b Fixed flushing dirty data and compressed the cache size 2020-11-14 16:45:37 +09:00
Takeshi Nakatani
852e6ee4c6 Fixed .gitignore for src/test_string_util.cpp 2020-11-14 16:22:30 +09:00
Andrew Gaul
ecb24c9c26
Disable preprocessor warnings w/o optimizations (#1473)
This removes some fortify source warnings.  Also disable failing
memory sanitizer.
2020-11-09 21:48:07 +09:00
Andrew Gaul
543231c9f2
Address warnings from clang-tidy 11 (#1470) 2020-11-09 21:15:20 +09:00
Noah Meyerhans
d96a08d4ad fixup! Implement AWS IMDSv2 support 2020-11-07 14:48:52 +09:00
Noah Meyerhans
f2f930300a Implement AWS IMDSv2 support
AWS IMDSv2 is a session oriented method for retrieving instance metadata,
including IAM credentials, in Amazon EC2.  It is enabled by default in
non-enforcing mode in AWS (meaning it retains backwards compatibility with
existing IMDSv1 clients), but can be switched to enforcing mode, in which
clients are required to return API tokens with requests.

With this change, we implement support for IMDSv2 and enable it by default when
IAM roles are our source for authentication credentials.  In the event that
s3fs is running in cloud environment offering an IMDSv1-compatible API, we
support graceful fallback to that mode.  It can also be selected explicitly via
the imdsv1only mount option.

More details on IMDSv2 are available at
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instancedata-data-retrieval.html
and
https://aws.amazon.com/blogs/security/defense-in-depth-open-firewalls-reverse-proxies-ssrf-vulnerabilities-ec2-instance-metadata-service/

Signed-off-by: Noah Meyerhans <nmeyerha@amazon.com>
2020-11-07 14:48:52 +09:00
yoshihiko
81ad3ce0ae Fix directory authority 2020-11-07 14:47:53 +09:00
Takeshi Nakatani
38e1eaa8a3 Added logfile option for non-syslog logging 2020-10-19 20:10:19 +09:00
Andrew Gaul
6aa786b886
Flush dirty data after a writing a number of bytes (#1448)
This allows s3fs to write large files without consuming a large amount
of temporary local storage but can slow uploads due to server-side
copies.  References #617.  Fixed #1056.  Fixes #1257.
2020-10-13 22:30:42 +09:00
Takeshi Nakatani
58750cc441 Fixed a bug that symlink could not be read after restarting s3fs 2020-10-11 22:14:36 +09:00
Takeshi Nakatani
2188fb067e
Merge pull request #1446 from gaul/use-cache/relative-path
Allow relative path with use_path
2020-10-10 23:13:07 +09:00
Andrew Gaul
910255745e Allow relative path with use_path
Fixes #1161.
2020-10-10 18:13:23 +09:00
Takeshi Nakatani
cf86fa51b0
Merge pull request #1441 from gaul/coverity
Suppress false positive from Coverity
2020-10-04 23:44:51 +09:00
Takeshi Nakatani
a4e4ce8aea
Merge pull request #1440 from gaul/test/undefined-behavior-sanitizer
Add memory and undefined behavior sanitizer
2020-10-04 23:19:36 +09:00
Andrew Gaul
7f43b7fa53 Add memory and undefined behavior sanitizer
Remove Valgrind which duplicates the sanitizers and is much slower.
2020-10-04 22:55:27 +09:00
Takeshi Nakatani
0492f75197
Merge pull request #1439 from gaul/run-once
Protect curl_warnings_once with a mutex
2020-10-04 22:43:56 +09:00
Takeshi Nakatani
493cf20f95
Merge pull request #1435 from gaul/no-exceptions
Remove exceptions from s3fs_strtoofft
2020-10-04 22:19:25 +09:00
Andrew Gaul
3553fb65a0 Suppress false positive from Coverity 2020-10-04 14:58:13 +09:00
Takeshi Nakatani
059cc57ba6 Added atime and Corrected atime/mtime/ctime operations 2020-10-04 13:54:01 +09:00
Andrew Gaul
4df4ffe06f Protect curl_warnings_once with a mutex
This allows ThreadSanitizer to run without warnings.
2020-10-03 21:09:35 +09:00
Takeshi Nakatani
462347256d Changed the message level in the AutoFdEntity::GetFdEntity 2020-10-03 20:41:17 +09:00
Takeshi Nakatani
133feb67c3
Merge pull request #1434 from gaul/const-string
Use const std::string& where possible
2020-10-03 10:02:03 +09:00
Takeshi Nakatani
be308e9d11
Merge pull request #1436 from ggtakec/fix_code
Fixed signature error due to case of hex string
2020-10-03 03:44:49 +09:00
Takeshi Nakatani
2cf195741c Fixed signature error due to case of hex string 2020-10-02 18:09:13 +00:00
Takeshi Nakatani
f61baada46
Merge pull request #1433 from gaul/hex
Further simplify and centralize hex conversion
2020-10-03 00:34:02 +09:00
Takeshi Nakatani
6e1e0d1d31
Merge pull request #1432 from gaul/v2-or-v4
Add sigv4 flag and fix v4 regression
2020-10-03 00:09:55 +09:00
Takeshi Nakatani
66419e7292
Merge pull request #1431 from gaul/string/find_first_of
Prefer string::find_first_of(char) where possible
2020-10-02 23:42:17 +09:00
Takeshi Nakatani
9e998877e9
Merge pull request #1430 from gaul/ostringstream
Simplify use of ostringstream
2020-10-02 23:26:41 +09:00
Takeshi Nakatani
5ebd4039e6
Merge pull request #1426 from gaul/is_prefix
Call is_prefix instead of compare and substr
2020-10-02 23:03:10 +09:00
Andrew Gaul
3628b9d1e2 Remove exceptions from s3fs_strtoofft
Explicit return codes are simpler and safer.
2020-10-02 22:53:12 +09:00
Andrew Gaul
8d2bd874d7 Use const std::string& where possible
This hints to callers on usage.
2020-10-02 08:48:43 +09:00
Andrew Gaul
7e27c6cf7d Further simplify and centralize hex conversion 2020-10-01 23:31:06 +09:00
Andrew Gaul
b8ff4ede49 Sign GET requests with V4 signature correctly
This bug was previously masked by v2 fallback.  Fixes regression from
81805715bd.
2020-10-01 20:03:14 +09:00
Andrew Gaul
081d6c1245 Allow setting signature V4-only
Default to allowing V2 or V4.
2020-10-01 20:03:14 +09:00
Andrew Gaul
eb8004c355 Prefer string::find_first_of(char) where possible 2020-10-01 18:24:45 +09:00
Andrew Gaul
b3bf9f8f54 Simplify use of ostringstream
Resetting this does not re-use the underlying buffer so creating a new
ostringstream has similar efficiency.
2020-10-01 17:55:34 +09:00
Andrew Gaul
503c86bb8a Call is_prefix instead of compare and substr 2020-09-27 22:19:54 +09:00
Takeshi Nakatani
757f4caee8
Merge pull request #1425 from gaul/create-bucket/sse
Do not send SSE headers during bucket creation
2020-09-27 11:34:15 +09:00
Takeshi Nakatani
95fabd1f3a
Merge pull request #1423 from gaul/nettle
Fix MD5 when using gnutls with nettle
2020-09-27 11:17:55 +09:00
Takeshi Nakatani
0b42e08636
Merge pull request #1422 from gaul/c++/append-assign-at
Remove calls to append, assign, and at
2020-09-27 10:59:48 +09:00
Takeshi Nakatani
d5e4f99e72
Merge pull request #1413 from liuyongqing/master
not call put headers if not exist pending meta
2020-09-27 10:37:22 +09:00
Takeshi Nakatani
781d4dd857
Merge pull request #1424 from gaul/travis/ppc64
Disable builder for linux-ppc64le
2020-09-27 10:18:52 +09:00
Andrew Gaul
f35fe850c0 Do not send SSE headers during bucket creation
This allows integration tests to pass with use_sse.
2020-09-26 13:25:18 +09:00
Andrew Gaul
7102b9eb74 Disable builder for linux-ppc64le
This works around a travis-ci.com Java/S3Proxy incompatibility.  Also
fix vim formatting.  References #1415.
2020-09-25 23:25:36 +09:00
Andrew Gaul
9a55c9fd9f Fix MD5 when using gnutls with nettle
This matches the non-nettle definition of s3fs_md5_fd.
2020-09-25 23:07:50 +09:00
Neeraj Kumar Kashyap
041b4ec05c enforce exact key match in IBM IAM response 2020-09-25 22:41:19 +09:00