New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
org.apache.httpcomponents:httpclient:4.5.7 breaks fetching S3 objects with consecutive slashes in the key #1919
Comments
@akhaku Thank you for the detailed report! Using Based on the resolution of [2] https://issues.apache.org/jira/browse/HTTPCLIENT-1968, we'll keep an eye on the next |
I am seeing this issue ("AmazonS3Exception: The request signature we calculated does not match the signature you provided.") on S3 key that contains "+" character (that seems the only thing out of ordinary) - like "2019/a+b/item". Could it be related? The regression is caused by upgrading to Spring Boot 2.1.3 which brings in (version manages) httpclient:jar:4.5.7 (from 4.5.6). |
@valters yes, it looks like keys containing special characters like |
The problem persists with |
Indeed - #1966 will fix it, just waiting for them to take a look. |
…v4.5.7 See aws/aws-sdk-java#1919 for more details.
This error also comes up while we we call getBootstrapBrokers on AWS MSK(managed streaming kafka). |
Status update: We opened a ticket with Apache asking to change the normalization default value to Then, while working on the solution, @varunnvs92 found a bug in This bug was fixed and merged, but now the solution on the SDK side is blocked by the next release of We are actively working to fix this. Thank you for your patience. |
…v4.5.7 See aws/aws-sdk-java#1919 for more details.
…v4.5.7 See aws/aws-sdk-java#1919 for more details.
What is the last version of AWS SDK that does not have this issue? I have a setup, where upgrading Apache httpclient is not possible, but downgrading AWS SDK is. |
@ursNiemi What version of And just to be clear, the issue was not in SDK but in the changed behavior in Apache |
Saw the following error in some logs: Sep 10, 2020 3:19:25 PM com.amazonaws.http.apache.utils.ApacheUtils noSuchMethodThrownByNormalizeUriInvoker WARNING: NoSuchMethodException was thrown when disabling normalizeUri. This indicates you are using an old version (< 4.5.8) of Apache http client. It is recommended to use http client version >= 4.5.9 to avoid the breaking change introduced in apache client 4.5.7 and the latency in exception handling. See aws/aws-sdk-java#1919 for more information
Saw the following error in some logs: Sep 10, 2020 3:19:25 PM com.amazonaws.http.apache.utils.ApacheUtils noSuchMethodThrownByNormalizeUriInvoker WARNING: NoSuchMethodException was thrown when disabling normalizeUri. This indicates you are using an old version (< 4.5.8) of Apache http client. It is recommended to use http client version >= 4.5.9 to avoid the breaking change introduced in apache client 4.5.7 and the latency in exception handling. See aws/aws-sdk-java#1919 for more information
…thodException was thrown when disabling normalizeUri. This indicates you are using an old version (< 4.5.8) of Apache http client. It is recommended to use http client version >= 4.5.9 to avoid the breaking change introduced in apache client 4.5.7 and the latency in exception handling. See aws/aws-sdk-java#1919 for more information
org.apache.httpcomponents:httpclient:4.5.7 made a change[1] to url rewriting (used when executing a request) where it normalizes the provided urls by removing empty path segments (effectively collapsing consecutive slashes into a single slash).
S3 supports objects with consecutive slashes, but because of this behaviour change in httpclient, you can no longer fetch those objects with the AWS SDK, since the url httpclient makes a request to is different. On a side note, the manifestation of this issue is a signature mismatch, since the signature calculated by the SDK uses double slashes but when httpclient hits the path without double slashes, the calculated signature is different.
It looks like there's some debate on it now and they're actually working on making normalization optional[2], so once that's released we can update the RequestConfig[3] to disable normalization and revert to the previous behaviour[3].
Example stack trace showing the code path to slash collapsing:
1: https://issues.apache.org/jira/browse/HTTPCLIENT-1960, apache/httpcomponents-client@8c04c6a
2: https://issues.apache.org/jira/browse/HTTPCLIENT-1968, apache/httpcomponents-client@4093a30
3: https://github.com/aws/aws-sdk-java/blob/1.11.502/aws-java-sdk-core/src/main/java/com/amazonaws/http/AmazonHttpClient.java#L1282
The text was updated successfully, but these errors were encountered: