[Cyberduck-trac] [Cyberduck] #10488: Ignores upload encryption policy when creating a Cryptomator Vault. User unable to create vault in bucket requiring `s3:x-amz-server-side-encryption": "AES256`
Cyberduck
trac at cyberduck.io
Wed Feb 13 19:48:51 UTC 2019
#10488: Ignores upload encryption policy when creating a Cryptomator Vault. User
unable to create vault in bucket requiring `s3:x-amz-server-side-
encryption": "AES256`
-----------------------------+-------------------------
Reporter: a.cyberduc.user | Owner: dkocher
Type: defect | Status: reopened
Priority: normal | Milestone: 6.8.1
Component: s3 | Version: 6.8.0
Severity: normal | Resolution:
Keywords: | Architecture:
Platform: macOS 10.14 |
-----------------------------+-------------------------
Changes (by a.cyberduc.user):
* status: closed => reopened
* resolution: fixed =>
Comment:
Hi. This is not solved, yet. When using Cyberduck to create a vault, the
encryption header is missing. The expected header is present in PUT
requests for ordinary files / folders, though.
I am using version `Version 6.9.0 (29768)`
Here is a log
{{{
## Create a new folder, test-folder - OK
PUT /test-folder/ HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:47 GMT
Expect: 100-continue
Content-Type: application/x-directory
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-server-side-encryption: AES256
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194347Z
Authorization: ********
Content-Length: 0
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
6iZZwctjRVLnk1+8LhS1M9UGFou2prhH1t5TVM8lwW13my31iETkB9RK6rvWsuVmSThdUPXzddg=
x-amz-request-id: 54FC4BD7AF01F90A
Date: Wed, 13 Feb 2019 19:43:48 GMT
x-amz-server-side-encryption: AES256
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Length: 0
Server: AmazonS3
GET /?max-keys=1000&prefix&delimiter=%2F HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:48 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194348Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
Cc2Ve72aMN7GJDwE/0ZPzrv2qTis2J8HmjBU86Cpw4d7rF50oyz/5HpgByJ/XnWI/XLgo+F5Wkc=
x-amz-request-id: 7C2914CCF580048D
Date: Wed, 13 Feb 2019 19:43:49 GMT
x-amz-bucket-region: us-west-1
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?uploads HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:48 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194348Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
Erk46ThMjSirJfpXjsUEUypOL7zYq8fuuuvI3/VnYIULhFEbGH4L8par0yywfJvP7npBekLt6M4=
x-amz-request-id: C975A0C117E61FFB
Date: Wed, 13 Feb 2019 19:43:49 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?max-keys=1000&prefix=test-folder%2F&delimiter=%2F HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:49 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194349Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
dtqfpSLacBiZGL0bKpduE9GCsCbhPXE3loKJ9Z0Qs04E8eRRoT/aJ6xLS2fgBFTrgvf1njaoGCM=
x-amz-request-id: 4E898610C9B07094
Date: Wed, 13 Feb 2019 19:43:50 GMT
x-amz-bucket-region: us-west-1
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?prefix=test-folder%2F&uploads HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:49 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194349Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
C+bZyDxdzrAYmFu3o9OHZQexvoG3Q6TyqBLBCZxsVoUk4AeqZQ10PIcx+bYFFOibEz0spQb+yvw=
x-amz-request-id: C2E06D84FDD32E26
Date: Wed, 13 Feb 2019 19:43:50 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
## Create a new file in test folder - OK
PUT /test-folder/test-file HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:56 GMT
Expect: 100-continue
Content-Type: application/octet-stream
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-server-side-encryption: AES256
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194356Z
Authorization: ********
Content-Length: 0
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
iDNn60IvqqagnMYEpaqkOGAHpxXLD5voXTfJhi5Y9yvY8hUfYcDZTOQmC3tQ4cXAMbRW4rIz31Q=
x-amz-request-id: AF426F1BD32A9446
Date: Wed, 13 Feb 2019 19:43:57 GMT
x-amz-server-side-encryption: AES256
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Length: 0
Server: AmazonS3
GET /?max-keys=1000&prefix=test-folder%2F&delimiter=%2F HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:56 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194356Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
hNNVi3rW3imRBdKV5C6WNUXVDYBPbWWAlezPxrkfHXDdUCE/OaTgzblh8FwXAeIkg82fN7WbJpE=
x-amz-request-id: 90C2B486AE8A5BD3
Date: Wed, 13 Feb 2019 19:43:57 GMT
x-amz-bucket-region: us-west-1
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?prefix=test-folder%2F&uploads HTTP/1.1
Date: Wed, 13 Feb 2019 19:43:56 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194356Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
B41MA4MoqiMTMCxAi4IvOYYssarfAHsKEQSevEnHw7oVOP0SSoXm1aO7GHEUO8C58skB1gt3EkI=
x-amz-request-id: BB8A031644C024A1
Date: Wed, 13 Feb 2019 19:43:57 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
## Create a new vault called test-vault in test folder - OK
PUT /test-folder/test-vault/ HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:08 GMT
Expect: 100-continue
Content-Type: application/x-directory
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-server-side-encryption: AES256
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194408Z
Authorization: ********
Content-Length: 0
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
B6j8C357isrN0vlndXzWSlI6YIaeVsbztzkHhNWas+a2IuE5vseX4hNGYV2RXKLNA19VrFqubxo=
x-amz-request-id: 072913ADCA4A3A86
Date: Wed, 13 Feb 2019 19:44:09 GMT
x-amz-server-side-encryption: AES256
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Length: 0
Server: AmazonS3
## Attempt to PUT file - fails, as there is no x-amz-server-side-
encryption: AES256 header present
PUT /test-folder/test-vault/masterkey.cryptomator HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:08 GMT
Expect: 100-continue
Content-Type: application/octet-stream
x-amz-content-sha256:
9708e5c71dc4e777e9122c96a8dc6b57128a42a79f4cea37db272104ff275488
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194408Z
Authorization: ********
Content-Length: 327
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
GET /?max-keys=1000&prefix=test-folder%2F&delimiter=%2F HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:10 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194410Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
71Hw8puhYHWuT+EOxxPjGyNWcGM8mUtrxO+cdTgpElMub4H6iHupW9e62euvHZSS8tEEUbCzxAU=
x-amz-request-id: 92C2863BE11FCD6B
Date: Wed, 13 Feb 2019 19:44:11 GMT
x-amz-bucket-region: us-west-1
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?prefix=test-folder%2F&uploads HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:10 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194410Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
5NFOClAvBd28YWdsOmPVFsi/q3eE6sVSBzjb/9EgTMAlvJYl7i8BdgVtgftO6G0VbcBG/EZgyU8=
x-amz-request-id: A8F8B340967412C1
Date: Wed, 13 Feb 2019 19:44:11 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?max-keys=1000&prefix=test-folder%2Ftest-vault%2F&delimiter=%2F
HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:13 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194413Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
IsVqsdX1U+99Av/NBPcmCaCSGrHMR2bOPfPgboWdAyrdxKLjkp+KTdL982WDmIF26MLKarUiwiw=
x-amz-request-id: F0493B49F46F20B2
Date: Wed, 13 Feb 2019 19:44:14 GMT
x-amz-bucket-region: us-west-1
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
GET /?prefix=test-folder%2Ftest-vault%2F&uploads HTTP/1.1
Date: Wed, 13 Feb 2019 19:44:14 GMT
x-amz-request-payer: requester
x-amz-content-sha256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Host: my-storage-bucket.s3.amazonaws.com
x-amz-date: 20190213T194414Z
Authorization: ********
Connection: Keep-Alive
User-Agent: Cyberduck/6.9.0.29768 (Mac OS X/10.14.3) (x86_64)
HTTP/1.1 200 OK
x-amz-id-2:
AVhhFYoS7TM4HHW5UpiFcSxuHwElf9GqMXxKlRxGWVtx6shU5+ITa8bnf/WI0sTos892yknVkXU=
x-amz-request-id: C1B7A6F1D5D0B6A2
Date: Wed, 13 Feb 2019 19:44:15 GMT
Content-Type: application/xml
Transfer-Encoding: chunked
Server: AmazonS3
}}}
--
Ticket URL: <https://trac.cyberduck.io/ticket/10488#comment:6>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list