xiongxu / s3fs

Automatically exported from code.google.com/p/s3fs
GNU General Public License v2.0
0 stars 0 forks source link

Parse HTTP response codes better and provide a more accurate error message #133

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
As reported by user jvence:

I've installed s3fs on two servers running CentOS 5.5 - it works on one but NOT 
the other. Both servers are located on different networks. It seems to work on 
the one with the fresh install of CentOS 5.5 (while the other was upgraded from 
v5.0) - I keep getting on s3fs: "HTTP: 403 Forbidden - it is likely that your 
credentials are invalid" even though I've used the same setup as with the 
working server. It's mind boggling. Anyone has any ideas what I should look for?

...

Ok solved it. It had to do with the clock not matching the amazon server 
clocks. s3fs should be better at parsing the XML error message received from 
server.

Original issue reported on code.google.com by dmoore4...@gmail.com on 8 Dec 2010 at 1:27

GoogleCodeExporter commented 9 years ago
Indeed, this has come up before. s3fs fails without an accurate, meaningful 
error message.

Setting the curl option FAILONERROR to true allows for the trapping of vaious 
curl errors including a HTTP error. However, its annoying that with this option 
set, if there is an error, the response text (the XML) is not returned.

Useful messages are contained within the XML which can indicate the nature of 
the error. A HTTP response of 403 is representative of either a credentials 
failure or a "time too skewed" failure (or others).  The only way to 
differentiate between the these is to get the XML.

It appears that a second request can be sent after resetting the FAILONERROR 
option. With that, the XML can then be parsed.

This can be done in a couple of places, but doing this in the "check_service" 
function makes sense. However, this requires an active internet connection. 

Original comment by dmoore4...@gmail.com on 8 Dec 2010 at 1:43

GoogleCodeExporter commented 9 years ago
Here's the message due to time too skewed:

s3fs: CURLE_HTTP_RETURNED_ERROR
s3fs: HTTP Error Code: 403
s3fs: AWS Error Code: RequestTimeTooSkewed
s3fs: AWS Message: The difference between the request time and the current time 
is too large.

Original comment by dmoore4...@gmail.com on 8 Dec 2010 at 2:16

GoogleCodeExporter commented 9 years ago
...and if your SecretAccessKey is wrong

s3fs: CURLE_HTTP_RETURNED_ERROR
s3fs: HTTP Error Code: 403
s3fs: AWS Error Code: SignatureDoesNotMatch
s3fs: AWS Message: The request signature we calculated does not match the 
signature you provided. Check your key and signing method.

...or if your AccessKeyId is wrong:

s3fs: CURLE_HTTP_RETURNED_ERROR
s3fs: HTTP Error Code: 403
s3fs: AWS Error Code: InvalidAccessKeyId
s3fs: AWS Message: The AWS Access Key Id you provided does not exist in our 
records.

Original comment by dmoore4...@gmail.com on 8 Dec 2010 at 2:29

GoogleCodeExporter commented 9 years ago
This issue was closed by revision r275.

Original comment by dmoore4...@gmail.com on 8 Dec 2010 at 2:39