Skip to content

Commit c9bd161

Browse files
harshavardhanaharshavardhana
authored
fix: aws cli SSE-C test to work properly with custom certs (#385)
1 parent 80294d3 commit c9bd161

File tree

3 files changed

+6
-11
lines changed

3 files changed

+6
-11
lines changed

mint.sh

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -109,16 +109,14 @@ function trust_s3_endpoint_tls_cert() {
109109
openssl s_client -showcerts -verify 5 -connect "$SERVER_ENDPOINT" </dev/null |
110110
awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}'
111111
for cert in *.pem; do
112-
mv -vf "${cert}" /usr/local/share/ca-certificates/
112+
cat "${cert}" >>/etc/ssl/certs/ca-certificates.crt
113113
done
114114

115-
# Load the certificate in the system
116-
update-ca-certificates --fresh >/dev/null
117-
118115
# Ask different SDKs/tools to load system certificates
119116
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
120117
export NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
121118
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
119+
export AWS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
122120
}
123121

124122
function main() {

postinstall.sh

Lines changed: 0 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,5 @@ export APT="apt --quiet --yes"
2121
xargs --arg-file="${MINT_ROOT_DIR}/remove-packages.list" apt --quiet --yes purge
2222
${APT} autoremove
2323

24-
# remove unwanted files
25-
rm -fr "$GOROOT" "$GOPATH/src" /var/lib/apt/lists/*
26-
2724
# flush to disk
2825
sync

run/core/awscli/test.sh

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1445,13 +1445,13 @@ function test_serverside_encryption_multipart_copy() {
14451445
# copy object server side
14461446
if [ $rv -eq 0 ]; then
14471447
function="${AWS} s3api copy-object --bucket ${bucket_name} --key ${object_name}-copy --copy-source ${bucket_name}/${object_name} --copy-source-sse-customer-algorithm AES256 --copy-source-sse-customer-key MzJieXRlc2xvbmdzZWNyZXRrZXltdXN0cHJvdmlkZWQ= --copy-source-sse-customer-key-md5 7PpPLAK26ONlVUGOWlusfg== --sse-customer-algorithm AES256 --sse-customer-key MzJieXRlc2xvbmdzZWNyZXRrZXltdXN0cHJvdmlkZWQ= --sse-customer-key-md5 7PpPLAK26ONlVUGOWlusfg=="
1448-
test_function=${function}
14491448
out=$($function)
14501449
rv=$?
1451-
if [ $rv -ne 255 ]; then
1450+
echo $rv
1451+
copyETag=$(echo "$out" | jq -r .CopyObjectResult.ETag | sed -e 's/^"//' -e 's/"$//')
1452+
if [ "${copyETag}" == "" ]; then
14521453
rv=1
1453-
else
1454-
rv=0
1454+
out="copy-object with SSE-C failed"
14551455
fi
14561456
fi
14571457

0 commit comments

Comments
 (0)