MyFavMirrors
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
minio/cmd/generic-handlers_test.go

187 lines
5.5 KiB
Go
Raw Normal View History

update license change for MinIO Signed-off-by: Harshavardhana <harsha@minio.io>
2021-04-18 15:41:13 -04:00
// Copyright (c) 2015-2021 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 03:42:22 -05:00
package cmd
import (
"net/http"
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
"net/http/httptest"
Return error response header only for HEAD method (#6709)
2018-10-26 21:03:17 -04:00
"net/url"
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-22 19:53:35 -04:00
"strconv"
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 03:42:22 -05:00
"testing"
Add support for SSE-S3 server side encryption with vault (#6192) Add support for sse-s3 encryption with vault as KMS. Also refactoring code to make use of headers and functions defined in crypto package and clean up duplicated code.
2018-08-17 15:52:14 -04:00
rename all remaining packages to internal/ (#12418) This is to ensure that there are no projects that try to import `minio/minio/pkg` into their own repo. Any such common packages should go to `https://github.com/minio/pkg`
2021-06-01 17:59:40 -04:00
"github.com/minio/minio/internal/crypto"
perf: websocket grid connectivity for all internode communication (#18461) This PR adds a WebSocket grid feature that allows servers to communicate via a single two-way connection. There are two request types: * Single requests, which are `[]byte => ([]byte, error)`. This is for efficient small roundtrips with small payloads. * Streaming requests which are `[]byte, chan []byte => chan []byte (and error)`, which allows for different combinations of full two-way streams with an initial payload. Only a single stream is created between two machines - and there is, as such, no server/client relation since both sides can initiate and handle requests. Which server initiates the request is decided deterministically on the server names. Requests are made through a mux client and server, which handles message passing, congestion, cancelation, timeouts, etc. If a connection is lost, all requests are canceled, and the calling server will try to reconnect. Registered handlers can operate directly on byte slices or use a higher-level generics abstraction. There is no versioning of handlers/clients, and incompatible changes should be handled by adding new handlers. The request path can be changed to a new one for any protocol changes. First, all servers create a "Manager." The manager must know its address as well as all remote addresses. This will manage all connections. To get a connection to any remote, ask the manager to provide it given the remote address using. ``` func (m *Manager) Connection(host string) *Connection ``` All serverside handlers must also be registered on the manager. This will make sure that all incoming requests are served. The number of in-flight requests and responses must also be given for streaming requests. The "Connection" returned manages the mux-clients. Requests issued to the connection will be sent to the remote. * `func (c *Connection) Request(ctx context.Context, h HandlerID, req []byte) ([]byte, error)` performs a single request and returns the result. Any deadline provided on the request is forwarded to the server, and canceling the context will make the function return at once. * `func (c *Connection) NewStream(ctx context.Context, h HandlerID, payload []byte) (st *Stream, err error)` will initiate a remote call and send the initial payload. ```Go // A Stream is a two-way stream. // All responses *must* be read by the caller. // If the call is canceled through the context, //The appropriate error will be returned. type Stream struct { // Responses from the remote server. // Channel will be closed after an error or when the remote closes. // All responses *must* be read by the caller until either an error is returned or the channel is closed. // Canceling the context will cause the context cancellation error to be returned. Responses <-chan Response // Requests sent to the server. // If the handler is defined with 0 incoming capacity this will be nil. // Channel *must* be closed to signal the end of the stream. // If the request context is canceled, the stream will no longer process requests. Requests chan<- []byte } type Response struct { Msg []byte Err error } ``` There are generic versions of the server/client handlers that allow the use of type safe implementations for data types that support msgpack marshal/unmarshal.
2023-11-20 20:09:35 -05:00
"github.com/minio/minio/internal/grid"
rename all remaining packages to internal/ (#12418) This is to ensure that there are no projects that try to import `minio/minio/pkg` into their own repo. Any such common packages should go to `https://github.com/minio/pkg`
2021-06-01 17:59:40 -04:00
xhttp "github.com/minio/minio/internal/http"
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 03:42:22 -05:00
)
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
// Tests request guess function for net/rpc requests.
func TestGuessIsRPC(t *testing.T) {
if guessIsRPCReq(nil) {
t.Fatal("Unexpected return for nil request")
}
fix: Better check of RPC type requests (#6927) guessIsRPCReq() considers all POST requests as RPC but doesn't check if this is an object operation API or not, which is actually confusing bucket forwarder handler when it receives a new multipart upload API which is a POST http request. Due to this bug, users having a federated setup are not able to upload a multipart object using an endpoint which doesn't actually contain the specified bucket that will store the object. Hence this commit will fix the described issue.
2018-12-05 17:28:48 -05:00
u, err := url.Parse("http://localhost:9000/minio/lock")
if err != nil {
t.Fatal(err)
}
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
r := &http.Request{
Proto: "HTTP/1.0",
Implement HTTP POST based RPC (#5840) Added support for new RPC support using HTTP POST. RPC's arguments and reply are Gob encoded and sent as HTTP request/response body. This patch also removes Go RPC based implementation.
2018-06-06 04:51:56 -04:00
Method: http.MethodPost,
fix: Better check of RPC type requests (#6927) guessIsRPCReq() considers all POST requests as RPC but doesn't check if this is an object operation API or not, which is actually confusing bucket forwarder handler when it receives a new multipart upload API which is a POST http request. Due to this bug, users having a federated setup are not able to upload a multipart object using an endpoint which doesn't actually contain the specified bucket that will store the object. Hence this commit will fix the described issue.
2018-12-05 17:28:48 -05:00
URL: u,
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
}
if !guessIsRPCReq(r) {
t.Fatal("Test shouldn't fail for a possible net/rpc request.")
}
r = &http.Request{
Proto: "HTTP/1.1",
Method: http.MethodGet,
move to GET for internal stream READs instead of POST (#20160) the main reason is to let Go net/http perform necessary book keeping properly, and in essential from consistency point of view its GETs all the way. Deprecate sendFile() as its buggy inside Go runtime.
2024-07-26 08:55:01 -04:00
URL: u,
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
}
move to GET for internal stream READs instead of POST (#20160) the main reason is to let Go net/http perform necessary book keeping properly, and in essential from consistency point of view its GETs all the way. Deprecate sendFile() as its buggy inside Go runtime.
2024-07-26 08:55:01 -04:00
if !guessIsRPCReq(r) {
t.Fatal("Test shouldn't fail for a possible net/rpc request.")
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
}
perf: websocket grid connectivity for all internode communication (#18461) This PR adds a WebSocket grid feature that allows servers to communicate via a single two-way connection. There are two request types: * Single requests, which are `[]byte => ([]byte, error)`. This is for efficient small roundtrips with small payloads. * Streaming requests which are `[]byte, chan []byte => chan []byte (and error)`, which allows for different combinations of full two-way streams with an initial payload. Only a single stream is created between two machines - and there is, as such, no server/client relation since both sides can initiate and handle requests. Which server initiates the request is decided deterministically on the server names. Requests are made through a mux client and server, which handles message passing, congestion, cancelation, timeouts, etc. If a connection is lost, all requests are canceled, and the calling server will try to reconnect. Registered handlers can operate directly on byte slices or use a higher-level generics abstraction. There is no versioning of handlers/clients, and incompatible changes should be handled by adding new handlers. The request path can be changed to a new one for any protocol changes. First, all servers create a "Manager." The manager must know its address as well as all remote addresses. This will manage all connections. To get a connection to any remote, ask the manager to provide it given the remote address using. ``` func (m *Manager) Connection(host string) *Connection ``` All serverside handlers must also be registered on the manager. This will make sure that all incoming requests are served. The number of in-flight requests and responses must also be given for streaming requests. The "Connection" returned manages the mux-clients. Requests issued to the connection will be sent to the remote. * `func (c *Connection) Request(ctx context.Context, h HandlerID, req []byte) ([]byte, error)` performs a single request and returns the result. Any deadline provided on the request is forwarded to the server, and canceling the context will make the function return at once. * `func (c *Connection) NewStream(ctx context.Context, h HandlerID, payload []byte) (st *Stream, err error)` will initiate a remote call and send the initial payload. ```Go // A Stream is a two-way stream. // All responses *must* be read by the caller. // If the call is canceled through the context, //The appropriate error will be returned. type Stream struct { // Responses from the remote server. // Channel will be closed after an error or when the remote closes. // All responses *must* be read by the caller until either an error is returned or the channel is closed. // Canceling the context will cause the context cancellation error to be returned. Responses <-chan Response // Requests sent to the server. // If the handler is defined with 0 incoming capacity this will be nil. // Channel *must* be closed to signal the end of the stream. // If the request context is canceled, the stream will no longer process requests. Requests chan<- []byte } type Response struct { Msg []byte Err error } ``` There are generic versions of the server/client handlers that allow the use of type safe implementations for data types that support msgpack marshal/unmarshal.
2023-11-20 20:09:35 -05:00
r = &http.Request{
Proto: "HTTP/1.1",
Method: http.MethodGet,
URL: &url.URL{Path: grid.RoutePath},
}
if !guessIsRPCReq(r) {
t.Fatal("Grid RPC path not detected")
}
separate lock from common grid to avoid epoll contention (#20180) epoll contention on TCP causes latency build-up when we have high volume ingress. This PR is an attempt to relieve this pressure. upstream issue https://github.com/golang/go/issues/65064 It seems to be a deeper problem; haven't yet tried the fix provide in this issue, but however this change without changing the compiler helps. Of course, this is a workaround for now, hoping for a more comprehensive fix from Go runtime.
2024-07-29 14:10:04 -04:00
r = &http.Request{
Proto: "HTTP/1.1",
Method: http.MethodGet,
URL: &url.URL{Path: grid.RouteLockPath},
}
if !guessIsRPCReq(r) {
t.Fatal("Grid RPC path not detected")
}
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-01 15:16:54 -04:00
}
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-22 19:53:35 -04:00
var isHTTPHeaderSizeTooLargeTests = []struct {
header http.Header
shouldFail bool
}{
{header: generateHeader(0, 0), shouldFail: false},
{header: generateHeader(1024, 0), shouldFail: false},
{header: generateHeader(2048, 0), shouldFail: false},
{header: generateHeader(8*1024+1, 0), shouldFail: true},
{header: generateHeader(0, 1024), shouldFail: false},
{header: generateHeader(0, 2048), shouldFail: true},
{header: generateHeader(0, 2048+1), shouldFail: true},
}
func generateHeader(size, usersize int) http.Header {
header := http.Header{}
for i := 0; i < size; i++ {
update rulesguard with new rules (#10392) Co-authored-by: Nitish Tiwari <nitish@minio.io> Co-authored-by: Praveen raj Mani <praveen@minio.io>
2020-09-01 19:58:13 -04:00
header.Set(strconv.Itoa(i), "")
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-22 19:53:35 -04:00
}
userlength := 0
for i := 0; userlength < usersize; i++ {
userlength += len(userMetadataKeyPrefixes[0] + strconv.Itoa(i))
update rulesguard with new rules (#10392) Co-authored-by: Nitish Tiwari <nitish@minio.io> Co-authored-by: Praveen raj Mani <praveen@minio.io>
2020-09-01 19:58:13 -04:00
header.Set(userMetadataKeyPrefixes[0]+strconv.Itoa(i), "")
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-22 19:53:35 -04:00
}
return header
}
func TestIsHTTPHeaderSizeTooLarge(t *testing.T) {
for i, test := range isHTTPHeaderSizeTooLargeTests {
if res := isHTTPHeaderSizeTooLarge(test.header); res != test.shouldFail {
t.Errorf("Test %d: Expected %v got %v", i, res, test.shouldFail)
}
}
}
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-07 18:18:59 -05:00
var containsReservedMetadataTests = []struct {
header http.Header
shouldFail bool
}{
{
header: http.Header{"X-Minio-Key": []string{"value"}},
},
{
refactor cmd/crypto code for SSE handling and parsing (#11045) This commit refactors the code in `cmd/crypto` and separates SSE-S3, SSE-C and SSE-KMS. This commit should not cause any behavior change except for: - `IsRequested(http.Header)` which now returns the requested type {SSE-C, SSE-S3, SSE-KMS} and does not consider SSE-C copy headers. However, SSE-C copy headers alone are anyway not valid.
2020-12-22 12:19:32 -05:00
header: http.Header{crypto.MetaIV: []string{"iv"}},
Enable replication of SSE-C objects (#19107) If site replication enabled across sites, replicate the SSE-C objects as well. These objects could be read from target sites using the same client encryption keys. Signed-off-by: Shubhendu Ram Tripathi <shubhendu@minio.io>
2024-03-28 13:44:56 -04:00
shouldFail: false,
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-07 18:18:59 -05:00
},
{
refactor cmd/crypto code for SSE handling and parsing (#11045) This commit refactors the code in `cmd/crypto` and separates SSE-S3, SSE-C and SSE-KMS. This commit should not cause any behavior change except for: - `IsRequested(http.Header)` which now returns the requested type {SSE-C, SSE-S3, SSE-KMS} and does not consider SSE-C copy headers. However, SSE-C copy headers alone are anyway not valid.
2020-12-22 12:19:32 -05:00
header: http.Header{crypto.MetaAlgorithm: []string{crypto.InsecureSealAlgorithm}},
Enable replication of SSE-C objects (#19107) If site replication enabled across sites, replicate the SSE-C objects as well. These objects could be read from target sites using the same client encryption keys. Signed-off-by: Shubhendu Ram Tripathi <shubhendu@minio.io>
2024-03-28 13:44:56 -04:00
shouldFail: false,
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-07 18:18:59 -05:00
},
{
refactor cmd/crypto code for SSE handling and parsing (#11045) This commit refactors the code in `cmd/crypto` and separates SSE-S3, SSE-C and SSE-KMS. This commit should not cause any behavior change except for: - `IsRequested(http.Header)` which now returns the requested type {SSE-C, SSE-S3, SSE-KMS} and does not consider SSE-C copy headers. However, SSE-C copy headers alone are anyway not valid.
2020-12-22 12:19:32 -05:00
header: http.Header{crypto.MetaSealedKeySSEC: []string{"mac"}},
Enable replication of SSE-C objects (#19107) If site replication enabled across sites, replicate the SSE-C objects as well. These objects could be read from target sites using the same client encryption keys. Signed-off-by: Shubhendu Ram Tripathi <shubhendu@minio.io>
2024-03-28 13:44:56 -04:00
shouldFail: false,
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-07 18:18:59 -05:00
},
{
header: http.Header{ReservedMetadataPrefix + "Key": []string{"value"}},
shouldFail: true,
},
}
func TestContainsReservedMetadata(t *testing.T) {
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-12 23:04:01 -04:00
for _, test := range containsReservedMetadataTests {
test := test
t.Run("", func(t *testing.T) {
contains := containsReservedMetadata(test.header)
if contains && !test.shouldFail {
t.Errorf("contains reserved header but should not fail")
} else if !contains && test.shouldFail {
t.Errorf("does not contain reserved header but failed")
}
})
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-07 18:18:59 -05:00
}
}
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
var sseTLSHandlerTests = []struct {
Return error response header only for HEAD method (#6709)
2018-10-26 21:03:17 -04:00
URL *url.URL
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
Header http.Header
IsTLS, ShouldFail bool
}{
refactor cmd/crypto code for SSE handling and parsing (#11045) This commit refactors the code in `cmd/crypto` and separates SSE-S3, SSE-C and SSE-KMS. This commit should not cause any behavior change except for: - `IsRequested(http.Header)` which now returns the requested type {SSE-C, SSE-S3, SSE-KMS} and does not consider SSE-C copy headers. However, SSE-C copy headers alone are anyway not valid.
2020-12-22 12:19:32 -05:00
{URL: &url.URL{}, Header: http.Header{}, IsTLS: false, ShouldFail: false}, // 0
{URL: &url.URL{}, Header: http.Header{xhttp.AmzServerSideEncryptionCustomerAlgorithm: []string{"AES256"}}, IsTLS: false, ShouldFail: true}, // 1
{URL: &url.URL{}, Header: http.Header{xhttp.AmzServerSideEncryptionCustomerAlgorithm: []string{"AES256"}}, IsTLS: true, ShouldFail: false}, // 2
{URL: &url.URL{}, Header: http.Header{xhttp.AmzServerSideEncryptionCustomerKey: []string{""}}, IsTLS: true, ShouldFail: false}, // 3
{URL: &url.URL{}, Header: http.Header{xhttp.AmzServerSideEncryptionCopyCustomerAlgorithm: []string{""}}, IsTLS: false, ShouldFail: true}, // 4
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
}
func TestSSETLSHandler(t *testing.T) {
update x/net/http2 to address few bugs (#11144) additionally also configure http2 healthcheck values to quickly detect unstable connections and let them timeout. also use single transport for proxying requests
2020-12-22 00:42:38 -05:00
defer func(isSSL bool) { globalIsTLS = isSSL }(globalIsTLS) // reset globalIsTLS after test
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
var okHandler http.HandlerFunc = func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}
for i, test := range sseTLSHandlerTests {
update x/net/http2 to address few bugs (#11144) additionally also configure http2 healthcheck values to quickly detect unstable connections and let them timeout. also use single transport for proxying requests
2020-12-22 00:42:38 -05:00
globalIsTLS = test.IsTLS
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
w := httptest.NewRecorder()
r := new(http.Request)
r.Header = test.Header
Return error response header only for HEAD method (#6709)
2018-10-26 21:03:17 -04:00
r.URL = test.URL
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
fix: set request ID in tracing context key (#17602) Since `addCustomerHeaders` middleware was after the `httpTracer` middleware, the request ID was not set in the http tracing context. By reordering these middleware functions, the request ID header becomes available. We also avoid setting the tracing context key again in `newContext`. Bonus: All middleware functions are renamed with a "Middleware" suffix to avoid confusion with http Handler functions.
2023-07-08 10:31:42 -04:00
h := setRequestValidityMiddleware(okHandler)
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-16 22:22:09 -04:00
h.ServeHTTP(w, r)
switch {
case test.ShouldFail && w.Code == http.StatusOK:
t.Errorf("Test %d: should fail but status code is HTTP %d", i, w.Code)
case !test.ShouldFail && w.Code != http.StatusOK:
t.Errorf("Test %d: should not fail but status code is HTTP %d and not 200 OK", i, w.Code)
}
}
}