search

soto-project / soto

Swift SDK for AWS that works on Linux, macOS and iOS
https://soto.codes
Apache License 2.0
880 stars 83 forks source link

Error on FileUpload to S3 #173

Closed pankajsoni19 closed 5 years ago

pankajsoni19 commented 5 years ago

I am following example on readme page of this repo.

Getting:

NIOOpenSSL.NIOOpenSSLError.unableToValidateCertificate

adam-fowler commented 5 years ago

Which example? How are you building your code? What version of the aws-sdk-swift are you using? What platform are you running on? What are you running this on (ec2, lambda, ...)? I've generally seen this when there is a discrepancy between the ssl lib used to build code and the one the code is run with.

adam-fowler commented 5 years ago

Are you running the same setup as in your previous issue?

pankajsoni19 commented 5 years ago

I am building code using XCode > Version 10.3 (10G8) [ Latest ] MacOS > 10.14.6 (18G95) [ Latest ]

Using master repo

.package(url: "https://github.com/swift-aws/aws-sdk-swift.git", .branch("master")),

Upload function

 public func upload(_ bodyData: Data, in dir: S3Dir, withKey name: String) throws -> Future<HTTPResponseStatus> {
        let fileKey = dir.s3Path(filename: name)
        let putObjectRequest =
            S3.PutObjectRequest(acl: .publicRead,
                                body: bodyData,
                                bucket: config.awsBucket,
                                contentDisposition: dir.contentDisposition(filename: name),
                                contentLength: Int64(bodyData.count),
                                contentType: dir.contentType,
                                key: fileKey,
                                tagging: "type=\(dir.rawValue)")

        return try client.putObject(putObjectRequest).map { (response: S3.PutObjectOutput) in
            return HTTPResponseStatus.ok
        }
    }
pankajsoni19 commented 5 years ago

SSL Lib

> which openssl
/usr/bin/openssl

> /usr/bin/openssl version
LibreSSL 2.6.5
adam-fowler commented 5 years ago

So you are building on Mac and running on the same Mac? Hmmm weird. I’ve been running pretty much similar code this morning fine.

If you could try v3.1 to see if that works that’d help. Also there is an nio2.0 branch which avoids a lot of these issues as swift nio2.0 has its own version of libssl

adam-fowler commented 5 years ago

One other question do you have a custom endpoint?

pankajsoni19 commented 5 years ago
  1. Nope do not have a custom endpoint.
  2. Changed to use 
    .package(url: "https://github.com/swift-aws/aws-sdk-swift.git", from: "3.1.0")

    same error

have you provided xcode header paths for openssl?

this is my package-swift. I do not reference nio package directly

dependencies: [
        .package(url: "https://github.com/vapor/vapor.git", from: "3.3.0"),
        .package(url: "https://github.com/pankajsoni19/swiftybeaver-provider.git", from: "3.1.2"),
        .package(url: "https://github.com/swift-aws/aws-sdk-swift.git", .branch("master")),
        .package(url: "https://github.com/BrettRToomey/Jobs.git", from: "1.1.2"),
        .package(url: "https://github.com/vapor/fluent-mysql.git", from: "3.0.0"),
        .package(url: "https://github.com/vapor/redis.git", from: "3.0.0"),
        .package(url: "https://github.com/vapor/auth.git", from: "2.0.0"),
        .package(url: "https://github.com/vapor/multipart.git", from: "3.0.0")
    ],
pankajsoni19 commented 5 years ago

I can't use the nio-2 branch. as the vapor deps are dependent highly on the 1.xx nio. Any other suggestion?

adam-fowler commented 5 years ago

I’m not near a Mac at the moment so can’t really say. Let me look into it.

pankajsoni19 commented 5 years ago

for now I have set this :TLSConfiguration.forClient() certificateVerification: CertificateVerification = .none, and it uploads

adam-fowler commented 5 years ago

I guess one thing you could do is create a simple app which only includes aws-sdk-swift and in main.swift uploads a file to S3. Whether that works or not will help us work out where the issue is.

pankajsoni19 commented 5 years ago

fyi. same error on ubuntu 18.04

[ ERROR ] error(NIOOpenSSL.NIOOpenSSLError.unableToValidateCertificate) (ErrorMiddleware.swift:26)
[ DEBUG ] Conform `HTTPClientError` to `Debuggable` for better debug info. (ErrorMiddleware.swift:26)

havn't yet run the code standalone.

pankajsoni19 commented 5 years ago

funny thing. my bucket name contained a . advise to others do not use . in bucket name

adam-fowler commented 5 years ago

I’m gonna re-open this. Would like to see why ‘.’ in bucket causes issue

adam-fowler commented 5 years ago

From the AWS documentation "When you use virtual hosted–style buckets with Secure Sockets Layer (SSL), the SSL wildcard certificate only matches buckets that don't contain periods. To work around this, use HTTP or write your own certificate verification logic. We recommend that you do not use periods (".") in bucket names when using virtual hosted–style buckets. "

I'll close this now