This simplifies the code and fixes an issue with unlocked access.
Also use a recursive lock for StatCache to avoid races between
lock..unlock..lock sequences.
Both S3fsCurl::PutRequest and S3fsCurl::UploadMultipartPostSetup can
calculate and send Content-MD5 to the server. Remove spurious comment
about large files and make man page and help consistent.
References #929.
Previously s3fs experienced data loss when writing to the middle of a
file. Corrupt files would have the expected data from 0..offset+size
but unexpected NUL bytes from offset+size..EOF. References #808.
Previously s3fs would issue a batch of HEAD requests and wait for all
to succeed before issuing the next batch. Now it issues the first
batch and only waits for a single call to succeed before issuing the
next call. This can improve performance when one call lags due to
network errors. I measured 25% improvement with the same level of
parallelism. This commit also reparents parallelism knobs for
consistency. Follows on to 88cd8feb05.
Fixes#223.
Previously this appended to an empty list, zeroed the list, then
appended to the list. Instead zero the list first and then append.
This also enables sending Content-MD5 which can eagerly detect
transmission errors. Found via Valgrind.
Previously s3fs considered 3xx codes as successful. When writing an
object to a misconfigured region, s3fs did not propagate the 301 as a
write error to the client. References #693.
Sorry for answering late, have been busy lately.
The comment is: "Nextcloud stores Directory objects with this mime type when mounting a Bucket as external Storage"
Previously s3fs would issue a batch of uploads and wait for all to
succeed before issuing the next batch. Now it issues the first batch
and only waits for a single part to succeed before uploading the next
part. This can improve performance when one part lags due to network
errors. Fixes#183.
This matches the configuration from popular tools like AWS CLI and
allows multiple profile names via -o profile=name. The existing
credential mechanisms continue to work. Fixes#822.
Addresses GCC 8 warning:
common_auth.cpp: In function ‘std::__cxx11::string s3fs_sha256sum(int, off_t, ssize_t)’:
common_auth.cpp:84:12: warning: ‘char* strncat(char*, const char*, size_t)’ output may be truncated copying 2 bytes from a string of length 2 [-Wstringop-truncation]
strncat(sha256, hexbuf, 2);
Amazon SSE-C https://tinyurl.com/ychug4cg writes:
> Use this header to provide the 256-bit, base64-encoded encryption key
> for Amazon S3 to use to encrypt or decrypt your data.
It seems likely that future keys would be as long, or longer, so
this change assumes that text longer than 32 characters are keys
that are base64 encoded.
Signed-off-by: Earl Chew <earl_chew@yahoo.com>
Without this change, the following warning appears in the syslog/journal
during startup:
Libgcrypt warning: missing initialization - please fix the application
From the [documentation][0]:
> The function `gcry_check_version` initializes some subsystems used by
> Libgcrypt and must be invoked before any other function in the
> library.
Fixes#524, which says:
> gnutls is initialized by gnutls_global_init() function and
> gcry_check_version() function for initializing libgcry is called from
> this gnutls_global_init().
I checked the gnutls source and it hasn't contained a call to
gcry_check_version() since the libgcrypt backend was removed in 2011
(commit 8116cdc8f131edd586dad3128ae35dd744cfc32f). In any case, the
gcry_check_version() documentation continues:
> It is important that these initialization steps are not done by a
> library but by the actual application.
so it would be incorrect for a library used by s3fs to initialize
libgcrypt.
[0]: https://www.gnupg.org/documentation/manuals/gcrypt/Initializing-the-library.html
the original implementation in get_base_exp() depends on the order of xml return from the server.
patriotically, when listing a directory with sub directory(s), the xml document response contains more than 2 <Prefix> nodes(some of them are in <CommonPrefixes> node).
the source code arbitrarily select the first one in the documents (nodes->nodeTab[0]->xmlChildrenNode).
some s3 compatible service return the list-bucket result in different result, leading the s3fs to a wrong behavior
There were multiple problems with the FdManager::GetFreeDiskSpace() function
on macOS:
1) When calling statvfs(), f_frsize should be used instead of f_bsize when
converting available blocks to bytes. This was causing the free space
calculation to be incorrect.
2) On macOS, fsblkcnt_t is a 32-bit integer. Thus, when calculating available
disk space, there were frequently overflows. This caused s3fs to incorrectly
determine that the cache location was out of space in the middle of a transfer
which caused uploads to fail. Changing this to a uint64_t resolves the
problem.
This protects private data when used over the public Internet. Users
can opt-in to unencrypted HTTP if they need additional performance on
a local network. Fixes#282.
Using "mount -a" fails for already-mounted s3fs directories,
because s3fs mount arguments don't match the form in /etc/mtab.
Calling "mount -a" should quietly succeed when a directory is
already mounted.
To fix this, accept mount commands of the form:
s3fs s3fs /srv/object-store -o bucket=mybucket
or in /etc/fstab form:
s3fs /srv/object-store fuse.s3fs bucket=mybucket 0 0
This matches the form in /etc/mtab and allows "mount -a" to
work properly.
When using an instance with an IAM Role, transient credentials can be
found in http://169.254.169.254/latest/meta-data/ at
iam/security-credentials/role-name and s3fs tries to do this. However,
it is using the profile-name where role-name is needed. In many cases
the role and profile name are the same, but they are not always.
The simplest way to find the role name appears to be to GET
http://169.254.169.254/latest/meta-data/iam/security-credentials/
itself, which returns a listing of the role names for which temporary
credentials exist. (I think there will probably only be one, but we
probably want to split on newlines and take the first one here in case
that assumption is not valid). This is the approach the AWS SDK appears
to use (based on WireShark analysis).
Bug: https://github.com/s3fs-fuse/s3fs-fuse/issues/421
Signed-off-by: Nathaniel W. Turner <nate@houseofnate.net>
If user specifies iam_role=auto (or just iam_role), credentials will not
be loaded during early phase, so skip credential checks there.
Signed-off-by: Nathaniel W. Turner <nate@houseofnate.net>
For ListBucketResult on an empty directory, AWS S3 and S3Proxy 1.4
differ. AWS will match the directory name, S3Proxy does not.
Changing max-keys=1 to max-keys-2 works for both implementations.
append_objects_from_xml() will swallow the directory key. The log
level of this message is changed from ERROR to DBG.
Fixes#345
When the prefetch size is limited to the multipart size, the entire parallel logic of the read flow does not have an opportunity to use parallel get.
This fix increases the read performance significantly over our own s3 on-premise solution.
This allows retries of multi-part uploads instead of discovering a
fatal error during complete multipart upload. Also enable Content-MD5
for integration tests and refactor hexadecimal code.
Previously AutoLock::Lock allowed subsequent callers to proceed
without the lock. Further is_locked was not always protected by
auto_mutex. Finally AutoLock eagerly released auto_mutex when
recursively unlocking. s3fs does not need recursive locks so we
rewrite and simplify AutoLock. Partially surfaced by Coverity.
These system calls take an extra 'position' parameter on OS X. A
non-zero position value is only valid for resource forks (the Darwin
VFS layer will reject anything else with EINVAL); this patch simply
adds and ignores the parameter on Apple platforms.
Allows building against OSXFUSE.
This also encodes asterisk and tilde correctly when listing a file
with a V4 auth endpoint. Also add tests for special characters
although s3proxy does not yet support V4 auth.
Fixes#188. Fixes#194.
change the minimum version of fuse required. Change the
checkers to use a variable for the minimum fuse version
instead of it being hardcoded in four different places.
src/s3fs.cpp: Use __APPLE__ define around fuse code that
is offensive to osxfuse. Not including the code doesn't
seem to matter.
Buckets with mixed-case names can't be accessed with the virtual-hosted
style API due to DNS limitations. S3FS has an option for
pathrequeststyle which is used for the URL, but it was not applied when
building the endpoint passed through the Host header. Fix this, and
relax the validation on bucket names when using this style.
See: http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Query parameters need a trailing = for V4 signatures. Send correct
content-sha256 although Amazon does not seem to enforce this for
zero-length bodies. Finally remove a stale comment. Fixes#133.
nautilus does this when you drag and drop to overwrite a file:
1) create .goutputstream-XXXXXX to write to
2) fsync the fd for .goutputstream-XXXXXX
3) rename .goutputstream-XXXXXX to target file
4) close the fd for .goutputstream-XXXXXX
previously, doing this on s3fs would result in an empty target file
because after the rename, s3fs would not flush the content of
.goutputstream-XXXXXX to target file.
this change moves the FdEntity from the old path to the new path
whenever rename happens. On flush s3fs would now flush the correct
content to the rename target.
Subsequent commits will use this infrastructure. Also reparent
prepare_url which relies on unrelated bucket, foreground2, and
pathrequeststyle symbols.
The space causes signature mismatch when using "ahbe_conf" file to add additional headers.When s3 use the" x-amaz" header to calculates the signature, the format is as follow:
PUT
application/octet-stream
Wed, 05 Nov 2014 03:05:08 GMT
x-amz-acl:private
x-amz-meta-gid:0
x-amz-meta-mode:33188
x-amz-meta-mtime:1415156708
x-amz-meta-uid:0
There is no space after colon.
When the scheme is omitted in URL overriding (for example `example.com`
instead of `https://example.com`), s3fs is modifying the URL by
inserting `s3.` in the middle of the name (`examples3..com`).
This can be a bit difficult to troubleshoot and curl seems to handle
schema-less requests just fine. So, just handle this case correctly.
Previously S3fsMultiCurl::MultiRead did not report read errors since
it did not treat failed callback setup as a fatal operation error.
Failed callback setups usually result from exceeding the number of
allowed retries. Previously cp did not report an error during a
network outage but now does:
$ cp ~/s3-path/s3-file .
cp: error reading ‘/home/gaul/s3-path/s3-file’: Input/output error
cp: failed to extend ‘./s3-file’: Input/output error
Rather than using virtual host style requests, path style requests can be used
instead.
i.e. rather than bucketname.s3.amazon.com/... the s3fs will be able to request
from s3.amazon.com/bucketname/...
This is useful for S3 compatible APIs which don't support the virtual host style
request.
It is enabled with the new option, `use_path_style_request`.
Example:
/usr/bin/s3fs data ~/netcdf -o url="https://swift.rc.nectar.org.au:8888/" -o use_path_request_style -o allow_other -o uid=500 -o gid=500
1) Changed condition for retrying multipart error
Changes condition that 404 is not retrying, other case is retrying,
when multipart request failed.
2) file type wrong
fdcache.h file type is wrong, so that fixed it.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@498 df820570-a93a-0410-bd06-b72b767a4274
* Fixed a bug
Fixes a bug that is dead loop when s3fs listed in a directory with
directory objects which was not object(no information).
This bug made by r493, and reported by issue 389.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@497 df820570-a93a-0410-bd06-b72b767a4274
1) Changed buffer size for file size
Changes a internal buffer size from size_t to offt_t.
It is a bug for 32 bit OS enviroment.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@496 df820570-a93a-0410-bd06-b72b767a4274
1) Overflow
About over 4GB file, when st_size which is member stat structure,
the value is overflow.
Fixed this bug and fixed like this bug in all sources.
2) Changed retrying request
If s3fs gets 500 HTTP status for multipart request, s3fs retry
to send same request.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@495 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed bugs
* Rename objects
Fixes s3fs specifies wrong part number of multipart rename.
And s3fs adds x-amz-acl and x-amz-server-side-encryption
header when rename objects.
2) Changed retry logic for multipart uploading(and renaming)
Sometimes, s3fs gets 400 HTTP response for one of part from
S3 when s3fs uploads a large object by multipart.
New logic retries uploading failed part until "retries"
option count.
3) Added action on utility mode.
s3fs have had utility mode for displaying the result of REST
listing multipart uploading.
Changed this row result(xml) to list, after that, s3fs starts
conversation for removing it.
Then you can remove the object which is failed uploading by
multipart, and do not need to pay for that ever.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@493 df820570-a93a-0410-bd06-b72b767a4274
* Fixed a bug
Fixes a bug that the retrying multipart post request is not
complete, then it is fixed.
This is reported by Issue 371#32.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@492 df820570-a93a-0410-bd06-b72b767a4274
* Fixed a bug
Fixes a bug that is mis-coding about retrying Multipart Post.
This is reported by Issue 371#28.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@491 df820570-a93a-0410-bd06-b72b767a4274
1) Supported IAM role
Supports IAM role by option, that is instead of AccessKeyID/
SecretAccessKey.
Adds new option "iam_role" which is specified as IAM role
name.(like s3fs-c)
git-svn-id: http://s3fs.googlecode.com/svn/trunk@490 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed a bug(about public_bucket)
Fixes a bug that public_bucket option does not work.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@489 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed a bug(about curl_off_t)
Fixes a bug which is not use cast to curl_off_t from off_t(ssize_t)
at calling curl_easy_setopt with CURLOPT_POSTFIELDSIZE and
CURLOPT_INFILESIZE_LARGE.
Maybe this forgot cast occurred issue 471(failed multipart uploading).
git-svn-id: http://s3fs.googlecode.com/svn/trunk@488 df820570-a93a-0410-bd06-b72b767a4274
1) Changed debug message level
Changes a level and format for a debugging message about
parallel multipart upload in curl.cpp
git-svn-id: http://s3fs.googlecode.com/svn/trunk@487 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed Issue 371
Fixes a bug which is wrong return value in s3fs_truncate function(mis-coding).
Issue 371: ftruncate failed
git-svn-id: http://s3fs.googlecode.com/svn/trunk@486 df820570-a93a-0410-bd06-b72b767a4274
1) Re-Fixed Issue 368
Changes that s3fs checks always object stat information before opening it.
Then the object updates other s3fs process or other client, s3fs can know
it.
(Issue 368)1.73: Updating existing file on server 'a' does not change length
of file on server 'b'
git-svn-id: http://s3fs.googlecode.com/svn/trunk@485 df820570-a93a-0410-bd06-b72b767a4274
1) fixed a bug
fixes a code in s3fs.cpp.
It freed memory twice because of careless.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@484 df820570-a93a-0410-bd06-b72b767a4274
1) Changed codes about memory leak
For memory leak, below codes are changed.
* calls malloc_trim function
* calls initializing NSS function, and adds configure
option "--enable-nss-init".
If libcurl is with NSS, s3fs initializes NSS manually.
This initializing NSS is enabled by "--enable-nss-init"
option at configure. if this option is specified, you
need "nss-devel" package.
* calls initializing libxml2(xmlInitParser).
* BIO functions have memory leak, calls CRYPTO_free_ex_data.
* changes cache structure.
* changes cache out logic to LRU.
* sets alignment for allcated memory in body data structure.
* adds ssl session into share handle. and adds nosscache option.
* deletes unused allocated memory.(bug)
* changes defaule parallel count of head request in readdir
(500->20)
* fixes some bugs.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@482 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed Issue 368
Fixed a bug that s3fs could not update local cache.
(Issue 368)1.73: Updating existing file on server 'a' does not change length of file on server 'b'
git-svn-id: http://s3fs.googlecode.com/svn/trunk@481 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed Issue 321
Fixed a bug that a value of umask option is not reflected
definitely.
(Issue 321) no write permission for non-root user
2) Fixed a bug about utimens
Fixed a bug that utimens function cloud not set value to the
other user's object which does not allowed writable.
3) Strictly option check.
Fixed checking s3fs options strictly.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@480 df820570-a93a-0410-bd06-b72b767a4274
1) Changed codes about initializing curl and openSSL
s3fs before this change called curl_global_init() two times
with curl_global_cleanup(). After reviewing this processing,
s3fs calls curl_global_init() one time.
Then s3fs_check_service function which checks user bucket
existing is called after calling fuse.
So this new processing does not have a problem, the codes
updated.
And about initializing openSSL(CRYPTO), old s3fs called only
static locking callback function(ex. CRYPTO_set_locking_callback()).
Added calling dynamic locking callback function for CRYPTO
(ex. CRYPTO_set_dynlock_lock_callback()).
git-svn-id: http://s3fs.googlecode.com/svn/trunk@479 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed codes
Fixed compiling error on 32bit, which specified wrong dev_t format
on 32bit.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@478 df820570-a93a-0410-bd06-b72b767a4274
1) Added debugging message in s3fs_getattr
If s3fs runs with "f2" option for deep debugging message, s3fs_getattr
puts debugging message as file's uid/gid/mode.
2) Added curldbg option
Added new option "curldbg" which is for debugging curl http/https
information.
It implements by CURLOPT_VERBOSE on curl_easy_setopt function.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@474 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed Issue 363
Fixed a bug which has below reason.
Fuse does not wait finishing "release file descriptor" function
called by fuse, and fuse runs(calls) next processing(commands).
Then s3fs could not clear stats cache information for that file
before calling next processing, and s3fs uses old stats cache
information.
So that, s3fs clears stats cache in release function at first.
And found two bad codes(but these codes do not influence normal
movement) in fdcache.cpp and fixed these.
Issue 363: make check failing inconsistently
git-svn-id: http://s3fs.googlecode.com/svn/trunk@471 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed Issue 321(#30)
Fixed a bug(mis-coding).
Issue 321(#30): no write permission for non-root user
2) Fixed Issue 365
Fixed a bug(mis-coding).
Issue 365: there is a logical error in s3fs-1.72 s3fs.cpp:2865
git-svn-id: http://s3fs.googlecode.com/svn/trunk@470 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed a bug
Fixed bugs(mis-coding) which is wrong prototype for md5hexsum, md5sum functions.
Issue 361: complie time error after running #make
Issue 360: 1.72 Will not compile on Ubuntu 12.04.2 (precise) i686
And fixed a code for initializing enum member in S3fsCurl class.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@469 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed a bug
s3fs was wrong for request retry processing so far.
It was fixed.
Probably, Issue 343(1.7 having curl 35 + other disconnect issue) is
occurred by this bug.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@468 df820570-a93a-0410-bd06-b72b767a4274
1) "virtual hosted-style request" for checking bucket
Old version calls "path-style request" for checking bucket at
initializing, then after this revision s3fs requests "virtual
hosted-style request".
This change is related to
"Operation not permitted - on any operation(Issue 362)".
2) Changed debugging message level
Changed debugging message level in prepare_url() from DPRNNN
to FPRNINFO.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@467 df820570-a93a-0410-bd06-b72b767a4274
1) Fixed bugs
Fixes below bugs( format error and undefined fund ).
* 1.72 Will not compile on Ubuntu 12.04.2 (precise) i686(Issue 360)
* complie time error after running #make(Issue 361)
I'll close these Issue if I can confirm that these problem was solved.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@466 df820570-a93a-0410-bd06-b72b767a4274
1) Set metadata "Content-Encoding" automatically(Issue 292)
For this issue, s3fs is added new option "ahbe_conf".
New option means the configuration file path, and this file specifies
additional HTTP header by file(object) extension.
Thus you can specify any HTTP header for each object by extension.
* ahbe_conf file format:
-----------
line = [file suffix] HTTP-header [HTTP-header-values]
file suffix = file(object) suffix, if this field is empty,
it means "*"(all object).
HTTP-header = additional HTTP header name
HTTP-header-values = additional HTTP header value
-----------
* Example:
-----------
.gz Content-Encoding gzip
.Z Content-Encoding compress
X-S3FS-MYHTTPHEAD myvalue
-----------
A sample configuration file is uploaded in "test" directory.
If ahbe_conf parameter is specified, s3fs loads it's configuration
and compares extension(suffix) of object(file) when uploading
(PUT/POST) it. If the extension is same, s3fs adds/sends specified
HTTP header and value.
A case of sample configuration file, if a object(it's extension is
".gz") which already has Content-Encoding HTTP header is renamed
to ".txt" extension, s3fs does not set Content-Encoding. Because
".txt" is not match any line in configuration file.
So, s3fs matches the extension by each PUT/POST action.
* Please take care about "Content-Encoding".
This new option allows setting ANY HTTP header by object extension.
For example, you can specify "Content-Encoding" for ".gz"/etc
extension in configuration. But this means that S3 always returns
"Content-Encoding: gzip" when a client requests with other
"Accept-Encoding:" header. It SHOULD NOT be good.
Please see RFC 2616.
2) Changes about allow_other/uid/gid option for mount point
I reviewed about mount point permission and allow_other/uid/gid
options, and found bugs about these.
s3fs is fixed bugs and changed to the following specifications.
* s3fs only allows uid(gid) options as 0(root), when the effective
user is zero(root).
* A mount point(directory) must have a permission to allow
accessing by effective user/group.
* If allow_other option is specified, the mount point permission
is set 0777(all users allow all access).
In another case, the mount point is set 0700(only allows
effective user).
* When uid/gid option is specified, the mount point owner/group
is set uid/gid option value.
If uid/gid is not set, it is set effective user/group id.
This changes maybe fixes some issue(321, 338).
3) Changes a logic about (Issue 229)
The chmod command returns -EIO when changing the mount point.
It is correct, s3fs can not changed owner/group/mtime for the
mount point, but s3fs sends a request for changing the bucket.
This revision does not send the request, and returns EIO as
soon as possible.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@465 df820570-a93a-0410-bd06-b72b767a4274
1) Patch in support for special file and block device types( Issue 355 )
Patched codes, and s3fs can make special files on S3.
git-svn-id: http://s3fs.googlecode.com/svn/trunk@460 df820570-a93a-0410-bd06-b72b767a4274
