Add basic validation of bucket name #207
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jamesbornholt
had a problem deploying
to
PR integration tests
GitHub Actions
Failure
jamesbornholt
had a problem deploying
to
PR integration tests
GitHub Actions
Failure
jamesbornholt
had a problem deploying
to
PR integration tests
GitHub Actions
Failure
jamesbornholt
force-pushed
the
parse-bucket-name
branch
from
92a2174 to
c66f885
Compare
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
force-pushed
the
parse-bucket-name
branch
from
c66f885 to
0daf4e0
Compare
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
had a problem deploying
to
PR integration tests
GitHub Actions
Failure
jamesbornholt
had a problem deploying
to
PR integration tests
GitHub Actions
Error
This will help catch common CLI errors like awslabs#203. Customers coming from the AWS CLI might expect to be able to pass an s3:// URI as a bucket name, which we don't support. It's also possible to accidentally swap the bucket name and mount point arguments -- mount points will often be invalid bucket names, so some validation helps us catch some of these cases more quickly. Arguably we could support parsing s3:// URIs, including using the key as a prefix for the mount. But that would be a bigger feature and I'm not totally sure it's the right thing, so for now some validation is better than nothing. Signed-off-by: James Bornholt <bornholt@amazon.com>
jamesbornholt
force-pushed
the
parse-bucket-name
branch
from
0daf4e0 to
9e7abf8
Compare
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
dannycjones
reviewed
Apr 13, 2023
dannycjones
changed the title
Signed-off-by: James Bornholt <bornholt@amazon.com>
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
jamesbornholt
temporarily deployed
to
PR integration tests
GitHub Actions
Inactive
unexge
pushed a commit
to unexge/mountpoint-s3
that referenced
this pull request
Nov 4, 2024
* Implement `Sync` and `Unpin` for `ReplySender` * Update test to compile * Use SyncChannel instead of flume
github-merge-queue bot
pushed a commit
that referenced
this pull request
Mar 11, 2025
## Description of change Notably, includes awslabs/aws-c-auth#263 for #1203. Size: ```bash $ cargo package -p mountpoint-s3-crt-sys --no-verify --allow-dirty Packaging mountpoint-s3-crt-sys v0.12.1 (~/Code/mountpoint-s3/mountpoint-s3-crt-sys) Updating crates.io index Packaged 2171 files, 39.4MiB (7.0MiB compressed) ``` <details> <summary>CRT changelog:</summary> ``` Submodule mountpoint-s3-crt-sys/crt/aws-c-auth b513db4b..01dd06ac: > Support Endpoint Override for CredentialsProviders (#263) > aws_hex_encode() no longer adds null-terminator (#264) > Account ID support for Crendentials Providers (#262) Submodule mountpoint-s3-crt-sys/crt/aws-c-cal 7299c6ab..298122a0: > do not include crypto when doing byo_crypto (#207) > Ed25519 support. (#206) Submodule mountpoint-s3-crt-sys/crt/aws-c-common 0e7637fa..568f46b1: > New Get_ENV Functions (#1141) > aws_base64_compute_encoded_len() is now exact, doesn't add 1 extra for null-terminator (#1188) > Make aws_byte_cursor_from_string NULL tolerant (#1187) > Integration test for CPU feature detection (#1186) Submodule mountpoint-s3-crt-sys/crt/aws-c-io 3041dabf..318f7e57: > Revert win TLS 1.3 (#712) > Fix Windows server-side for TLS 1.3 (#710) > Tls1.3 win update (#676) > Add PQ_DEFAULT enum to aws_tls_cipher_pref (#707) Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 6eb8be53..1d0091c7: > Adapt to aws_base64_compute_encoded_len() no longer adding 1 extra for null terminator (#497) > Make public bucket optional (#495) > add life cycle to s3 express to test helper (#494) > Auto - Update S3 Ruleset & Partition (#493) Submodule mountpoint-s3-crt-sys/crt/aws-lc 138a6ad3..7bca7e96: > Add IbmTpm to our CI (#2231) > Revert BIO_get_mem_data back to macro (#2261) > Update patch for Postgres (#2232) > Add missing algorithms to benchmark (#2056) > Update internal IANA values of PQ SupportedGroups (#2235) > Add CMAC benchmark for AWS-LC (#2218) > Added ML-DSA to break-kat framework (#2253) > Update EVP_PKEY ED keygen to use an internal function that can return the result of the PWCT (#2256) > Remove unused CMake options for break tests (#2249) > Adding no-op X509_TRUST_cleanup for select application compatibility (#2257) > Add LibRdKafka to our CI (#2225) > Add public wrapper to internal bn_minimal_width function (#2245) > Prepare v1.48.1 (#2252) > Make BIO_get_mem_data a function again (#2246) > Move OCSP ASN1 type functions to public header (#2239) > Prepare for release v.1.48.0 (#2248) > Migrate last batch of jobs (#2214) > Enforce FIPS callback is only enabled for static builds (#2241) > Update to using Clang 18 on Windows (#2240) > Don't 'dllexport' Windows symbols on static build (#2238) > Check pagesize is non-negative in AES-XTS test (#2237) > Coverity Fix (#2236) > Increase required CMake version to 3.5 (#2219) > Remove BORINGSSL_FIPS_BREAK_FFC_DH (#2216) > Bump version, preparing for release v1.47.0 (#2229) > Add support to export ML-DSA key-pairs in seed format (#2194) > Integration test for libgit2 (#2215) > Fix out-of-bound (OOB) input read in AES-XTS Decrypt in AVX-512 implementation (#2227) > Integration test for libssh2 (#2222) > Reset DTLS1_BITMAP without resorting to memset (#2223) > Use AWSLC_SOURCE_DIR and AWSLC_BINARY_DIR (#2208) > Update ABI Diff Action to work correctly on push events (#2188) > Add SSL_CTX_use_cert_and_key (#2163) > Add support to define a callback for FIPS test failures instead of aborting the process (#2162) > Move Ed25519ph into module boundary (#2186) > Add utility for querying and comparing the BORINGSSL_bcm_text_hash (#2217) > Add guidance around certificate auto-chaining in TLS (#2205) > SHAKE Incremental Byte Squeezes && EVP_ Tests (#2155) > Migrate 3rd batch of CI jobs (#2183) > Avoid duplicated definition of standalone test executable variables (#2212) > Modify SSL to inherit ciphersuites from SSL_CTX at initialization (#2198) > Prepare release v1.46.1 (#2210) > Remove access() call from Snapsafe detection (#2197) > Simplify IsFlag check logic (#2209) > Update pairwise consistency test failures to support gracefully continiung (#2201) > Enable RSA keygen becnhmarks by default (#2206) > Fix C++98 compatibility in our header files (#2193) > Add pq-tls interop test with BoringSSL (#2199) > Refactor AWS_LC_FIPS_failure to always exist (#2200) > Improve tool-openssl compatability for x509 and verify subcommands (#2196) > Prepare release v1.46.0 (#2204) > Add SPARCV9 target (#2202) > Simplify OpenSSH mainline build (#2158) > ML-KEM: Move FIPS-abort upon PCT failure to top-level ML-KEM API (#2195) > Add runtime options to break the pairwise consistency test for Ed, ML-KEM, and ML-DSA (#2192) > Update pkcs8_corpus files to include ML-DSA (#2191) > Refactor TLS 1.3 cipher selection and fix SSL_get_ciphers (#2092) > Add suport for asl and rol to match existing support for asr and ror (#2185) > SCRUTINICE fixes (#2180) > Make install_shared_and_static test more robust (#2179) > MacOS-12 GH runner no longer supported (#2190) > Add integration patches/CI for Ruby main and 3.3 (#2071) > Move ML-DSA to fipsmodule (#2175) > Expand spki fuzz corpus (#2187) > Update PQREADME.md (#2151) > Setup X509 CodeBuild Project for Limbo Report Generation (#2171) > Add msl to ARMConstantTweak and recognise ldrsw to prevent delocator errors (#2177) > Remove DEPENDS from add_custom_command as CMake made the behavior clear (#2178) > Update BORINGSSL_FIPS_abort to AWS_LC_FIPS_failure which takes a message (#2182) > Fix Nginx build (#2181) > Add EVP API Support for ED25519ph (#2144) > Update benchmark to skip chunk sizes that doesn't work with the algorithm (#2146) > Add new CAST tests to break-kat.go (#2173) > Migrate 2nd batch of CI jobs (#2091) > Ensure enabling local symbols doesn't change the module hash (#2169) > Move PQDSA to FIPSMODULE (#2166) > Ensure service indicator is incremented only once, update RSA and ED25519 to ensure the state is locked (#2112) > CAST and PCT for ML-DSA (#2148) > Validate or define ARM HWCAP2_XXX macros (#2164) > Prepare AWS-LC v1.45.0 (#2172) > Wrap pointers to s2n-bignum functions - delocator fix (#2165) > ML-DSA private keys from seeds (#2157) > SHA3 and SHAKE - New API Design (#2098) > Add support for PKCS12_set_mac (#2128) > Fix policy grant on ECR resource policy (#2159) > Cross library PQ interop test with s2n-tls (#2138) Submodule mountpoint-s3-crt-sys/crt/s2n-tls 6cc9f53d..4ed4f1a6: > tests: try to make s2n_mem_usage_test more useful (#5139) > chore: git-blame-ignore ruff formatting (#5151) > chore(bindings): change in rustup behavior (#5160) > refactor: remove unused prf hmac impls (#5148) > chore(ci): make the awslc fips install script version aware (#5100) > fix: memory leak during STEK rotation (#5146) > refactor: add alternative EVP signing method (#5141) > refactor: cleanup prf header (#5144) > feat(bindings): expose context on cert chain (#5132) > Ruff Formatting and add to CI (#5138) > chore(nix): Add aws-lc-fips 2022/4 (#5109) > test(integv2): fixes to allow test_record_padding to partially run (#5099) > build(deps): update rtshark requirement from 2.9.0 to 3.1.0 in /tests/pcap in the all-cargo-updates group across 1 directory (#5087) > tests: use sig schemes as source of truth for valid hash+sig algs (#5129) > ci: always set values for command line defines (#5126) > fix: update callback return value (#5136) > refactor: always use EVP hashing (#5121) > ci: add check for third-party-src in disable rand override buildspec (#5137) > feat: add async cert validation support (#5110) > chore: remove unused well-known-endpoints.py (#5127) > fix(bindings): remove mutation behind Arc (#5124) > chore: binding release 0.3.12 (#5128) > refactor: use EVP_MD_fetch() if available (#5116) > feat: Option to disable RAND engine override (#5108) > fix(bindings): make Context borrow immutable (#5071) > build(deps): update rand requirement (#5125) > chore: fix a typo in API comments (#5123) > bindings: unpin openssl crate from a specific patch version (#5120) > refactor: move "s2n_libcrypto_is" methods into s2n_libcrypto.h (#5117) > Add new security policy (20250211) (#5111) > Revert "refactor: remove unused evp support for md5+sha1 (#5106)" (#5118) > ci: add default provider to openssl-3.0-fips (#5114) > fix: don't enable custom random for openssl fips (#5093) > fix: allow b64 decoding using libcrypto for sidechannel resistance (#5103) > refactor: remove unused evp support for md5+sha1 (#5106) > refactor: remove s2n_hmac_is_available (#5104) > build(deps): bump aws-actions/configure-aws-credentials from 4.0.2 to 4.1.0 in /.github/workflows in the all-gha-updates group across 1 directory (#5107) > fix(integrationv2): Skip unsupported client auth tests (#5096) > chore: bindings release 0.3.11 (#5098) > chore: ktls buildspec (#5083) > Fixed formatting for debugging statements (#5094) > feat(bindings): add external psk apis (#5061) > test: add minimal openssl-3.0-fips test (#5081) > fix(ci): Allow validate_start_codebuild to run on pushes to main (#5080) > fix: don't use DEPENDS with add_custom_command(TARGET) (#5074) > fix: error for uninit psk, check for all-zero psk (#5084) > fix: calculation of session ticket age (#5001) > fix: add support for `S2N_INTERN_LIBCRYPTO` with FetchContent (#5076) > fix(integration): Update PQ integration test expectations (#5082) > ci: fix dependabot, commit & check Cargo.toml (#5065) > docs(s2n-tls-hyper): Add hyper client/server example (#5069) > docs(integv2): add architecture diagram (#5072) > fix(bindings): prevent temp connection free after panic (#5067) > ci: Emit benchmark metrics from scheduled runs (#5064) > ci: change rust-toolchain format to toml (#5070) > Revert "ci: remove openssl-1.0.2-fips builds (#4995)" (#5060) > feat(bench): impl into for base config type (#5056) > refactor: cleanup CBMC proofs after #5048 (#5058) > ci: Adding integ tests back to integv2 (#5054) > refactor: remove openssl-1.0.2-fips 'allow md5' logic (#5048) > ci: pin duvet version (#5057) > build(deps): bump cross-platform-actions/action from 0.26.0 to 0.27.0 in /.github/workflows in the all-gha-updates group (#5053) > chore: fix typos (#5052) > chore: bump osx Openssl to latest (#5041) > chore: bindings release for 0.3.10 (#5046) > fix: initial config should not influence sslv2 (#4987) > ci: add openssl-3.0-fips builds (#5037) > Add Security Policy Deprecation API (#5034) > docs: add C / s2n-tls-sys doc references to s2n-tls docs (#5012) > test: add sslv2 client hello test w/ jvm (#5019) > ci: add timeout for cbmc proof (#5038) > fix(bindings): Specify correct minimum versions (#5028) ``` </details> ## Does this change impact existing behavior? Nothing expected. ## Does this change need a changelog entry in any of the crates? Updated --- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). Signed-off-by: Burak Varlı <burakvar@amazon.co.uk>
mansi153
pushed a commit
to mansi153/mountpoint-s3
that referenced
this pull request
Jul 24, 2025
## Description of change Notably, includes awslabs/aws-c-auth#263 for awslabs#1203. Size: ```bash $ cargo package -p mountpoint-s3-crt-sys --no-verify --allow-dirty Packaging mountpoint-s3-crt-sys v0.12.1 (~/Code/mountpoint-s3/mountpoint-s3-crt-sys) Updating crates.io index Packaged 2171 files, 39.4MiB (7.0MiB compressed) ``` <details> <summary>CRT changelog:</summary> ``` Submodule mountpoint-s3-crt-sys/crt/aws-c-auth b513db4b..01dd06ac: > Support Endpoint Override for CredentialsProviders (awslabs#263) > aws_hex_encode() no longer adds null-terminator (awslabs#264) > Account ID support for Crendentials Providers (awslabs#262) Submodule mountpoint-s3-crt-sys/crt/aws-c-cal 7299c6ab..298122a0: > do not include crypto when doing byo_crypto (awslabs#207) > Ed25519 support. (awslabs#206) Submodule mountpoint-s3-crt-sys/crt/aws-c-common 0e7637fa..568f46b1: > New Get_ENV Functions (awslabs#1141) > aws_base64_compute_encoded_len() is now exact, doesn't add 1 extra for null-terminator (awslabs#1188) > Make aws_byte_cursor_from_string NULL tolerant (awslabs#1187) > Integration test for CPU feature detection (awslabs#1186) Submodule mountpoint-s3-crt-sys/crt/aws-c-io 3041dabf..318f7e57: > Revert win TLS 1.3 (awslabs#712) > Fix Windows server-side for TLS 1.3 (awslabs#710) > Tls1.3 win update (awslabs#676) > Add PQ_DEFAULT enum to aws_tls_cipher_pref (awslabs#707) Submodule mountpoint-s3-crt-sys/crt/aws-c-s3 6eb8be53..1d0091c7: > Adapt to aws_base64_compute_encoded_len() no longer adding 1 extra for null terminator (awslabs#497) > Make public bucket optional (awslabs#495) > add life cycle to s3 express to test helper (awslabs#494) > Auto - Update S3 Ruleset & Partition (awslabs#493) Submodule mountpoint-s3-crt-sys/crt/aws-lc 138a6ad3..7bca7e96: > Add IbmTpm to our CI (#2231) > Revert BIO_get_mem_data back to macro (#2261) > Update patch for Postgres (#2232) > Add missing algorithms to benchmark (#2056) > Update internal IANA values of PQ SupportedGroups (#2235) > Add CMAC benchmark for AWS-LC (#2218) > Added ML-DSA to break-kat framework (#2253) > Update EVP_PKEY ED keygen to use an internal function that can return the result of the PWCT (#2256) > Remove unused CMake options for break tests (#2249) > Adding no-op X509_TRUST_cleanup for select application compatibility (#2257) > Add LibRdKafka to our CI (#2225) > Add public wrapper to internal bn_minimal_width function (#2245) > Prepare v1.48.1 (#2252) > Make BIO_get_mem_data a function again (#2246) > Move OCSP ASN1 type functions to public header (#2239) > Prepare for release v.1.48.0 (#2248) > Migrate last batch of jobs (#2214) > Enforce FIPS callback is only enabled for static builds (#2241) > Update to using Clang 18 on Windows (#2240) > Don't 'dllexport' Windows symbols on static build (#2238) > Check pagesize is non-negative in AES-XTS test (#2237) > Coverity Fix (#2236) > Increase required CMake version to 3.5 (#2219) > Remove BORINGSSL_FIPS_BREAK_FFC_DH (#2216) > Bump version, preparing for release v1.47.0 (#2229) > Add support to export ML-DSA key-pairs in seed format (#2194) > Integration test for libgit2 (#2215) > Fix out-of-bound (OOB) input read in AES-XTS Decrypt in AVX-512 implementation (#2227) > Integration test for libssh2 (#2222) > Reset DTLS1_BITMAP without resorting to memset (#2223) > Use AWSLC_SOURCE_DIR and AWSLC_BINARY_DIR (#2208) > Update ABI Diff Action to work correctly on push events (#2188) > Add SSL_CTX_use_cert_and_key (#2163) > Add support to define a callback for FIPS test failures instead of aborting the process (#2162) > Move Ed25519ph into module boundary (#2186) > Add utility for querying and comparing the BORINGSSL_bcm_text_hash (#2217) > Add guidance around certificate auto-chaining in TLS (#2205) > SHAKE Incremental Byte Squeezes && EVP_ Tests (#2155) > Migrate 3rd batch of CI jobs (#2183) > Avoid duplicated definition of standalone test executable variables (#2212) > Modify SSL to inherit ciphersuites from SSL_CTX at initialization (#2198) > Prepare release v1.46.1 (#2210) > Remove access() call from Snapsafe detection (#2197) > Simplify IsFlag check logic (#2209) > Update pairwise consistency test failures to support gracefully continiung (#2201) > Enable RSA keygen becnhmarks by default (#2206) > Fix C++98 compatibility in our header files (#2193) > Add pq-tls interop test with BoringSSL (#2199) > Refactor AWS_LC_FIPS_failure to always exist (#2200) > Improve tool-openssl compatability for x509 and verify subcommands (#2196) > Prepare release v1.46.0 (#2204) > Add SPARCV9 target (#2202) > Simplify OpenSSH mainline build (#2158) > ML-KEM: Move FIPS-abort upon PCT failure to top-level ML-KEM API (#2195) > Add runtime options to break the pairwise consistency test for Ed, ML-KEM, and ML-DSA (#2192) > Update pkcs8_corpus files to include ML-DSA (#2191) > Refactor TLS 1.3 cipher selection and fix SSL_get_ciphers (#2092) > Add suport for asl and rol to match existing support for asr and ror (#2185) > SCRUTINICE fixes (#2180) > Make install_shared_and_static test more robust (#2179) > MacOS-12 GH runner no longer supported (#2190) > Add integration patches/CI for Ruby main and 3.3 (#2071) > Move ML-DSA to fipsmodule (#2175) > Expand spki fuzz corpus (#2187) > Update PQREADME.md (#2151) > Setup X509 CodeBuild Project for Limbo Report Generation (#2171) > Add msl to ARMConstantTweak and recognise ldrsw to prevent delocator errors (#2177) > Remove DEPENDS from add_custom_command as CMake made the behavior clear (#2178) > Update BORINGSSL_FIPS_abort to AWS_LC_FIPS_failure which takes a message (#2182) > Fix Nginx build (#2181) > Add EVP API Support for ED25519ph (#2144) > Update benchmark to skip chunk sizes that doesn't work with the algorithm (#2146) > Add new CAST tests to break-kat.go (#2173) > Migrate 2nd batch of CI jobs (#2091) > Ensure enabling local symbols doesn't change the module hash (#2169) > Move PQDSA to FIPSMODULE (#2166) > Ensure service indicator is incremented only once, update RSA and ED25519 to ensure the state is locked (#2112) > CAST and PCT for ML-DSA (#2148) > Validate or define ARM HWCAP2_XXX macros (#2164) > Prepare AWS-LC v1.45.0 (#2172) > Wrap pointers to s2n-bignum functions - delocator fix (#2165) > ML-DSA private keys from seeds (#2157) > SHA3 and SHAKE - New API Design (#2098) > Add support for PKCS12_set_mac (#2128) > Fix policy grant on ECR resource policy (#2159) > Cross library PQ interop test with s2n-tls (#2138) Submodule mountpoint-s3-crt-sys/crt/s2n-tls 6cc9f53d..4ed4f1a6: > tests: try to make s2n_mem_usage_test more useful (#5139) > chore: git-blame-ignore ruff formatting (#5151) > chore(bindings): change in rustup behavior (#5160) > refactor: remove unused prf hmac impls (#5148) > chore(ci): make the awslc fips install script version aware (#5100) > fix: memory leak during STEK rotation (#5146) > refactor: add alternative EVP signing method (#5141) > refactor: cleanup prf header (#5144) > feat(bindings): expose context on cert chain (#5132) > Ruff Formatting and add to CI (#5138) > chore(nix): Add aws-lc-fips 2022/4 (#5109) > test(integv2): fixes to allow test_record_padding to partially run (#5099) > build(deps): update rtshark requirement from 2.9.0 to 3.1.0 in /tests/pcap in the all-cargo-updates group across 1 directory (#5087) > tests: use sig schemes as source of truth for valid hash+sig algs (#5129) > ci: always set values for command line defines (#5126) > fix: update callback return value (#5136) > refactor: always use EVP hashing (#5121) > ci: add check for third-party-src in disable rand override buildspec (#5137) > feat: add async cert validation support (#5110) > chore: remove unused well-known-endpoints.py (#5127) > fix(bindings): remove mutation behind Arc (#5124) > chore: binding release 0.3.12 (#5128) > refactor: use EVP_MD_fetch() if available (#5116) > feat: Option to disable RAND engine override (#5108) > fix(bindings): make Context borrow immutable (#5071) > build(deps): update rand requirement (#5125) > chore: fix a typo in API comments (#5123) > bindings: unpin openssl crate from a specific patch version (#5120) > refactor: move "s2n_libcrypto_is" methods into s2n_libcrypto.h (#5117) > Add new security policy (20250211) (#5111) > Revert "refactor: remove unused evp support for md5+sha1 (#5106)" (#5118) > ci: add default provider to openssl-3.0-fips (#5114) > fix: don't enable custom random for openssl fips (#5093) > fix: allow b64 decoding using libcrypto for sidechannel resistance (#5103) > refactor: remove unused evp support for md5+sha1 (#5106) > refactor: remove s2n_hmac_is_available (#5104) > build(deps): bump aws-actions/configure-aws-credentials from 4.0.2 to 4.1.0 in /.github/workflows in the all-gha-updates group across 1 directory (#5107) > fix(integrationv2): Skip unsupported client auth tests (#5096) > chore: bindings release 0.3.11 (#5098) > chore: ktls buildspec (#5083) > Fixed formatting for debugging statements (#5094) > feat(bindings): add external psk apis (#5061) > test: add minimal openssl-3.0-fips test (#5081) > fix(ci): Allow validate_start_codebuild to run on pushes to main (#5080) > fix: don't use DEPENDS with add_custom_command(TARGET) (#5074) > fix: error for uninit psk, check for all-zero psk (#5084) > fix: calculation of session ticket age (#5001) > fix: add support for `S2N_INTERN_LIBCRYPTO` with FetchContent (#5076) > fix(integration): Update PQ integration test expectations (#5082) > ci: fix dependabot, commit & check Cargo.toml (#5065) > docs(s2n-tls-hyper): Add hyper client/server example (#5069) > docs(integv2): add architecture diagram (#5072) > fix(bindings): prevent temp connection free after panic (#5067) > ci: Emit benchmark metrics from scheduled runs (#5064) > ci: change rust-toolchain format to toml (#5070) > Revert "ci: remove openssl-1.0.2-fips builds (#4995)" (#5060) > feat(bench): impl into for base config type (#5056) > refactor: cleanup CBMC proofs after #5048 (#5058) > ci: Adding integ tests back to integv2 (#5054) > refactor: remove openssl-1.0.2-fips 'allow md5' logic (#5048) > ci: pin duvet version (#5057) > build(deps): bump cross-platform-actions/action from 0.26.0 to 0.27.0 in /.github/workflows in the all-gha-updates group (#5053) > chore: fix typos (#5052) > chore: bump osx Openssl to latest (#5041) > chore: bindings release for 0.3.10 (#5046) > fix: initial config should not influence sslv2 (#4987) > ci: add openssl-3.0-fips builds (#5037) > Add Security Policy Deprecation API (#5034) > docs: add C / s2n-tls-sys doc references to s2n-tls docs (#5012) > test: add sslv2 client hello test w/ jvm (#5019) > ci: add timeout for cbmc proof (#5038) > fix(bindings): Specify correct minimum versions (#5028) ``` </details> ## Does this change impact existing behavior? Nothing expected. ## Does this change need a changelog entry in any of the crates? Updated --- By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). Signed-off-by: Burak Varlı <burakvar@amazon.co.uk>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This will help catch common CLI errors like #203. Customers coming from
the AWS CLI might expect to be able to pass an s3:// URI as a bucket
name, which we don't support. It's also possible to accidentally swap
the bucket name and mount point arguments -- mount points will often be
invalid bucket names, so some validation helps us catch some of these
cases more quickly.
Arguably we could support parsing s3:// URIs, including using the key as
a prefix for the mount. But that would be a bigger feature and I'm not
totally sure it's the right thing, so for now some validation is better
than nothing.
Signed-off-by: James Bornholt bornholt@amazon.com
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and I agree to the terms of the Developer Certificate of Origin (DCO).