From 508a28fdc0c41cc63a64fbfd43fc56719b6e716d Mon Sep 17 00:00:00 2001 From: Alex Vanin Date: Mon, 25 Oct 2021 15:13:36 +0300 Subject: [PATCH] [#943] service/object: Do not sign put service message with session token This is invalid operation for storage nodes that receive part of split object. While object is signed by session token, the message itself should be signed by the node key. Signed-off-by: Alex Vanin --- pkg/services/object/put/v2/streamer.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkg/services/object/put/v2/streamer.go b/pkg/services/object/put/v2/streamer.go index a41c9826f5..116ebbf957 100644 --- a/pkg/services/object/put/v2/streamer.go +++ b/pkg/services/object/put/v2/streamer.go @@ -4,7 +4,6 @@ import ( "errors" "fmt" - "github.com/nspcc-dev/neofs-api-go/pkg/session" "github.com/nspcc-dev/neofs-api-go/v2/object" "github.com/nspcc-dev/neofs-api-go/v2/rpc" sessionV2 "github.com/nspcc-dev/neofs-api-go/v2/session" @@ -97,13 +96,15 @@ func (s *streamer) Send(req *object.PutRequest) (err error) { metaHdr := new(sessionV2.RequestMetaHeader) meta := req.GetMetaHeader() - st := session.NewTokenFromV2(meta.GetSessionToken()) metaHdr.SetTTL(meta.GetTTL() - 1) metaHdr.SetOrigin(meta) req.SetMetaHeader(metaHdr) - key, err := s.keyStorage.GetKey(st) + // session token should not be used there + // otherwise remote nodes won't be able to + // process received part of split object + key, err := s.keyStorage.GetKey(nil) if err != nil { return err }