
fix(aliyun-oss): avoid duplicated bucket in canonicalized resource for path-style #692

Open
polyrabbit wants to merge 1 commit into apache:main from polyrabbit:main


@polyrabbit

When using PrivateLink to access OSS, users must use the path-style access method. For more information, see
https://help.aliyun.com/zh/oss/user-guide/access-oss-via-privatelink-network

But reqsign currently does not support path-style signatures; it always duplicates the bucket name in the path, which causes signature failure. A valid string to sign should look like:

```
GET


Wed, 25 Feb 2026 13:53:35 GMT
/test-bucket/
```

whereas the current code signs this:

```
GET


Wed, 25 Feb 2026 13:52:33 GMT
/test-bucket/test-bucket
```

@Xuanwo
Member

Xuanwo commented Feb 26, 2026

I don't understand how this could happen. Can you share your config for endpoint and bucket?

@polyrabbit
Author

In our environment, we can only access OSS via the VPC PrivateLink endpoint, and this PrivateLink endpoint only supports path-style addressing. When using path-style addressing, it triggers a signing bug in reqsign, resulting in the following error:

```
OssError { code: "SignatureDoesNotMatch", message: "The request signature we calculated does not match the signature you provided. Check your key and signing method."
```

I also extracted a minimal reproduction snippet:

```rust
use opendal::services::Oss;
use opendal::{Operator, Result};

// Placeholder values: substitute a real bucket, PrivateLink endpoint and credentials.
const BUCKET: &str = "test-bucket";
const ENDPOINT_PRIVATELINK: &str = "http://ep-xxxxxxx-cn-shanghai-m.oss.cn-shanghai.privatelink.aliyuncs.com";
const ACCESS_KEY_ID: &str = "xxxxxxxxxxxxxxxxxxxx";
const ACCESS_KEY_SECRET: &str = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";

#[tokio::main]
async fn main() -> Result<()> {
    env_logger::init();

    // Path-style addressing puts the bucket in the URL path instead of the host name.
    let op = Operator::new(
        Oss::default()
            .endpoint(ENDPOINT_PRIVATELINK)
            .bucket(BUCKET)
            .access_key_id(ACCESS_KEY_ID)
            .access_key_secret(ACCESS_KEY_SECRET)
            .addressing_style("path"),
    )?
    .finish();

    // Listing the bucket root is enough to trigger the signed request.
    let entries = op.list("/").await?;
    for entry in entries {
        println!("{}", entry.path());
    }

    Ok(())
}
```
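
Added illustration, not part of the comments above and not code from this PR or from reqsign: it derives the two canonicalized resources quoted in the PR description from a path-style URL path. The `Addressing` enum, the function names and the assumed URL path `/test-bucket` are hypothetical; sub-resource query parameters, percent-decoding, CanonicalizedOSSHeaders and the HMAC step are left out.

```rust
/// How the bucket is conveyed in the request URL (hypothetical type for this example).
#[derive(Clone, Copy)]
pub enum Addressing {
    /// http://<bucket>.<endpoint>/<key>: the URL path holds only the key.
    VirtualHosted,
    /// http://<endpoint>/<bucket>/<key>: the URL path already starts with the bucket.
    Path,
}

/// Naive form: always prepend the bucket to the URL path.
/// Fine for virtual-hosted URLs, doubles the bucket for path-style ones.
pub fn resource_naive(bucket: &str, url_path: &str) -> String {
    format!("/{}{}", bucket, url_path)
}

/// Style-aware form. Returns None if a path-style URL does not address `bucket`.
pub fn resource(bucket: &str, url_path: &str, style: Addressing) -> Option<String> {
    let key = match style {
        Addressing::VirtualHosted => url_path.strip_prefix('/')?,
        Addressing::Path => {
            let rest = url_path.strip_prefix('/')?.strip_prefix(bucket)?;
            // Require a segment boundary so "/test-bucket2/x" is not taken for "test-bucket".
            if rest.is_empty() { "" } else { rest.strip_prefix('/')? }
        }
    };
    Some(format!("/{}/{}", bucket, key))
}

/// String to sign in the layout shown in the PR description:
/// verb, empty Content-MD5, empty Content-Type, Date, canonicalized resource.
pub fn string_to_sign(verb: &str, date: &str, resource: &str) -> String {
    format!("{}\n\n\n{}\n{}", verb, date, resource)
}

fn main() {
    let date = "Wed, 25 Feb 2026 13:53:35 GMT"; // date taken from the PR description
    let url_path = "/test-bucket"; // assumed path-style URL path for a bucket listing
    let bad = resource_naive("test-bucket", url_path);
    let good = resource("test-bucket", url_path, Addressing::Path).unwrap();
    println!("naive:\n{}\n", string_to_sign("GET", date, &bad));
    println!("path-aware:\n{}", string_to_sign("GET", date, &good));
}
```

Because the server recomputes the string to sign from the request it receives, any difference in the last line changes the HMAC and surfaces as `SignatureDoesNotMatch`.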
