search

iterate-ch / cyberduck

Cyberduck is a libre FTP, SFTP, WebDAV, Amazon S3, Backblaze B2, Microsoft Azure & OneDrive and OpenStack Swift file transfer client for Mac and Windows.
https://cyberduck.io/
GNU General Public License v3.0
3.35k stars 292 forks source link

s3 .aws/credentials files don't accept .ini comments #12792

Closed bgdnlp closed 2 years ago

bgdnlp commented 2 years ago

Describe the bug CyberDuck refuses to connect to S3 if ~/.aws/config or ~/.aws/credentials contain files without =, like comments.

To Reproduce Steps to reproduce the behavior:

  1. Create an S3 connection based on profile, not key. Like STS
  2. In ~/.aws/config or ~/.aws/credentials add any comment, like 
    [preview]
; enable SimpleDB support on the CLI
sdb = true
  3. Connect

Expected behavior Comments should be accepted

Screenshots

image

Desktop (please complete the following information):

Log Files

2022-01-14 15:17:31,902 [Thread-944] WARN  ch.cyberduck.core.sts.STSCredentialsConfigurator - Failure reading Local{path='~/.aws/config'} and Local{path='~/.aws/credentials'}
java.lang.IllegalArgumentException: Invalid property format: no '=' character is found on line 2
    at com.amazonaws.auth.profile.internal.AbstractProfilesConfigFileScanner.parsePropertyLine(AbstractProfilesConfigFileScanner.java:162) ~[aws-java-sdk-core-1.12.135.jar:?]
    at com.amazonaws.auth.profile.internal.AbstractProfilesConfigFileScanner.run(AbstractProfilesConfigFileScanner.java:119) ~[aws-java-sdk-core-1.12.135.jar:?]
    at ch.cyberduck.core.sts.STSCredentialsConfigurator$ProfilesConfigFileLoaderHelper.parseProfileProperties(STSCredentialsConfigurator.java:400) ~[s3-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.sts.STSCredentialsConfigurator.configure(STSCredentialsConfigurator.java:108) [s3-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.s3.S3Session.login(S3Session.java:179) [s3-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.KeychainLoginService.authenticate(KeychainLoginService.java:175) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.LoginConnectionService.authenticate(LoginConnectionService.java:176) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.LoginConnectionService.connect(LoginConnectionService.java:167) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.LoginConnectionService.check(LoginConnectionService.java:110) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.pool.StatelessSessionPool.borrow(StatelessSessionPool.java:59) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.SessionBackgroundAction.run(SessionBackgroundAction.java:123) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.SessionBackgroundAction$1.call(SessionBackgroundAction.java:108) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.DefaultRetryCallable.call(DefaultRetryCallable.java:52) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.SessionBackgroundAction.call(SessionBackgroundAction.java:110) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.BackgroundCallable.run(BackgroundCallable.java:95) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at ch.cyberduck.core.threading.BackgroundCallable.call(BackgroundCallable.java:59) [core-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at java.util.concurrent.FutureTask.run(Unknown Source) [?:?]
    at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) [?:?]
    at java.util.concurrent.FutureTask.run(Unknown Source) [?:?]
    at ch.cyberduck.core.threading.DispatchExecutorService$InvocationFutureTask.run(DispatchExecutorService.java:281) [libcore-8.2.1.jar:2f66ca66589c71e3ef52ffa41ff141d93fdc7ab6]
    at jdk.internal.reflect.GeneratedMethodAccessor70.invoke(Unknown Source) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
    at org.rococoa.internal.OCInvocationCallbacks.callMethod(OCInvocationCallbacks.java:170) [rococoa-core-0.9.1.jar:?]
    at org.rococoa.internal.OCInvocationCallbacks.access$200(OCInvocationCallbacks.java:52) [rococoa-core-0.9.1.jar:?]
    at org.rococoa.internal.OCInvocationCallbacks$2.callback(OCInvocationCallbacks.java:82) [rococoa-core-0.9.1.jar:?]
    at jdk.internal.reflect.GeneratedMethodAccessor10.invoke(Unknown Source) ~[?:?]
    at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) ~[?:?]
    at java.lang.reflect.Method.invoke(Unknown Source) ~[?:?]
    at com.sun.jna.CallbackReference$DefaultCallbackProxy.invokeCallback(CallbackReference.java:579) [jna-min-5.10.0.jar:5.10.0 (b0)]
    at com.sun.jna.CallbackReference$DefaultCallbackProxy.callback(CallbackReference.java:610) [jna-min-5.10.0.jar:5.10.0 (b0)]
2022-01-14 15:17:31,903 [Thread-944] DEBUG ch.cyberduck.core.shared.DefaultPathHomeFeature - No default path set for bookmark Host{protocol=Profile{parent=s3, vendor=s3-token, description=S3 (Credentials from AWS Security Token Service), image=null}, port=443, hostname='s3.amazonaws.com', credentials=Credentials{user='edited-out', oauth='OAuthTokens{accessToken='null', refreshToken='', expiryInMilliseconds=9223372036854775807}', token='', identity=null}, uuid='edited-out', nickname='null', defaultpath='null', workdir=null, labels=[]}
2022-01-14 15:17:31,903 [Thread-944] DEBUG ch.cyberduck.core.s3.S3LocationFeature - Query location for bucket
dkocher commented 2 years ago

The error is from the configuration reader implementation in AWS SDK and as such I presume comments are not supported by their configuration file format specification or it should be fixed upstream.

bgdnlp commented 2 years ago

It is fixed upstream. I see you recently updated the dependency, so it should also be fixed in 8.2.2. I can't test because it's not yet available for download. Thanks.

dkocher commented 2 years ago

It is fixed upstream. I see you recently updated the dependency, so it should also be fixed in 8.2.2. I can't test because it's not yet available for download. Thanks.

Do you have a reference to the upstream commit?

bgdnlp commented 2 years ago

Couldn't find it in reasonable time, sorry. I found a ticket saying it was ok in version 1.11.1XXX IIRC, and the piece of code returning that warning seems to be gone in latest version. I don't know Java, but it seemed to me that you were using 1.11.7XX until 8.2.2, so I'm guessing 8.2.2 is going to work with comments.

It's easy to test, just comment out a line, any line, using # and/or ; then try to access an "S3 (Credentials from AWS Security Token Service)" bookmark. It doesn't have to be in the same profile used by Cyberduck, anywhere in ~/.aws/config seems to return that error in 8.2.1.