Skip to content

Commit

Permalink
Revert "fix: check bucket owner permission"
Browse files Browse the repository at this point in the history 
This reverts commit 51d06a1.
  • Loading branch information
Saksham Bhalla committed Jan 14, 2025
1 parent 530a1f8 commit b53164d
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 22 deletions.
27 changes: 6 additions & 21 deletions api/src/gmsa_service.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2695,27 +2695,13 @@ std::string retrieve_credspec_from_s3( std::string s3_arn, std::string region,
std::cerr << objectName;
return dummy_credspec;
}

// regex for callerId
std::regex callerIdRegex( "^\\d{12}$" );
std::string callerId = get_caller_id( region, creds );
if ( callerId.empty() && !std::regex_match( callerId, callerIdRegex ) )
{
std::cerr << Util::getCurrentTime() << '\t'
<< "ERROR: Unable to get caller information" << std::endl;
return std::string( "" );
}

Aws::S3::S3Client s3Client(
credentials,
Aws::MakeShared<Aws::S3::S3EndpointProvider>( Aws::S3::S3Client::ALLOCATION_TAG ),
clientConfig );
Aws::S3::S3Client s3Client (credentials,Aws::MakeShared<Aws::S3::S3EndpointProvider>
(Aws::S3::S3Client::ALLOCATION_TAG), clientConfig);
Aws::S3::Model::GetObjectRequest request;
request.SetExpectedBucketOwner( callerId );
request.SetBucket( s3Bucket );
request.SetKey( objectName );
Aws::S3::Model::GetObjectOutcome outcome = s3Client.GetObject( request );

request.SetBucket(s3Bucket);
request.SetKey(objectName);
Aws::S3::Model::GetObjectOutcome outcome =
s3Client.GetObject(request);
if ( !outcome.IsSuccess() )
{
const Aws::S3::S3Error& err = outcome.GetError();
Expand Down Expand Up @@ -2824,5 +2810,4 @@ retrieve_credspec_from_secrets_manager( std::string sm_arn, std::string region,
}
return { "", "", "", "" };
}

#endif
2 changes: 1 addition & 1 deletion auth/kerberos/src/krb.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -631,4 +631,4 @@ std::vector<std::string> delete_krb_tickets( std::string krb_files_dir, std::str
return delete_krb_ticket_paths;
}
return delete_krb_ticket_paths;
}
}
1 change: 1 addition & 0 deletions common/daemon.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257,6 +257,7 @@ std::string generate_lease_id();

void clearString( std::string& str );


#if AMAZON_LINUX_DISTRO

std::string retrieve_credspec_from_s3( std::string s3_arn, std::string region,
Expand Down

0 comments on commit b53164d

Please sign in to comment.