search

minio / minio

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license.
https://min.io/download?license=agpl&platform=linux
GNU Affero General Public License v3.0
48.03k stars 5.5k forks source link

Multipart upload fails #20134

Closed albertjannap closed 3 months ago

albertjannap commented 3 months ago

Description

I am trying to stream a 111MB xlsx file, using putObject, to MinIO and I am using SSE-C encryption

Expected Behavior

I expect that the file will upload without any memory issues or in this case errors about wrong configuration about encryption.

Current Behavior

I receive an error: S3Error: The multipart upload initiate requested encryption. Subsequent part requests must include the appropriate encryption parameters.. For not multipart requests the upload is successful

Possible Solution

In uploadStream a request is made to upload a part, I think the configuration for this request is wrong, the headers you configure when you call putObject are not being passed for this request. Maybe it could be a possible solution.

await this.minioClient.putObject(id, name, file.buffer, file.size, {
  'X-Amz-Server-Side-Encryption-Customer-Algorithm': encryptionConfig.SSECustomerAlgorithm,
  'X-Amz-Server-Side-Encryption-Customer-Key': encryptionConfig.SSECustomerKey,
  'X-Amz-Server-Side-Encryption-Customer-Key-MD5': encryptionConfig.SSECustomerKeyMD5,
  'X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm': encryptionConfig.SSECustomerAlgorithm,
  'X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key': encryptionConfig.SSECustomerKey,
  'X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5': encryptionConfig.SSECustomerKeyMD5,
});
const options: RequestOption = {
  method: 'PUT',
  query: qs.stringify({ partNumber, uploadId }),
  headers: {
    'Content-Length': chunk.length,
    'Content-MD5': md5.toString('base64'),
  },
  bucketName,
  objectName,
}

const response = await this.makeRequestAsyncOmit(options, chunk)

Steps to Reproduce (for bugs)

  1. Use putObject to upload a file(buffer) larger then 100 MB
  2. Add SSE-C encryption headers to encrypt a file

Context

I am trying to upload this file to temporary store it in a bucket, in a later moment in time I want to process the xlsx file to import the data to Salesforce. This has impact on my work because I need to store the file with the encryption headers.

Regression

Is this issue a regression? No

Your Environment

harshavardhana commented 3 months ago

The error message indicates that this is a client side bug.

The client sdk must provide sse-c headers in all the requests that it wants to send for the object it wants to encrypt via client provided keys.

You should open a bug report on the relevant client implementation not the server.