henrysher
SignatureDoesNotMatch after udpate to boto3-1.36.2
My Gentoo box has pulled boto3-1.36.2 and ever since, duplicity throws:
Giving up after 3 attempts. S3UploadFailedError: Failed to upload /tmp/duplicity-xxxxxx_2-tempdir/mktemp-xxxxxxxx-3 to mybox-config-xxxxxxxx/duplicity-inc.20250203T044213Z.to.20250205T181016Z.vol1.difftar.gpg: An error occurred (SignatureDoesNotMatch) when calling the PutObject operation: Invalid argument.
I'm using Google cloud storage (nearline) EU region over S3 with --s3-endpoint-url="https://storage.googleapis.com".
There's a corresponding issue over at boto3, but I don't know how the fixes/workarounds proposed there can be applied in the context of duplicity.
Any hint is very much appreciated!
Setting the following fixes the problem:
export AWS_REQUEST_CHECKSUM_CALCULATION="WHEN_REQUIRED"
export AWS_RESPONSE_CHECKSUM_VALIDATION="WHEN_REQUIRED"
However, I don't fully understand whether this comes with downsides. The way I read it, this skips the calculation and validation of checksums when not required (and apparently, that's the case with Duplicity) but should not have any impact encryption or security wise.
Setting the following fixes the problem:
export AWS_REQUEST_CHECKSUM_CALCULATION="WHEN_REQUIRED" export AWS_RESPONSE_CHECKSUM_VALIDATION="WHEN_REQUIRED"However, I don't fully understand whether this comes with downsides. The way I read it, this skips the calculation and validation of checksums when not required (and apparently, that's the case with Duplicity) but should not have any impact encryption or security wise.
3 days brake my head around signature mismatching error:) Thank you.
