MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-02-02 17:35:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1037 from harshavardhana/add-config

Browse Source 
serverConfig: Add a new region config entry.
This commit is contained in:
Harshavardhana 2016-01-17 01:50:30 -08:00
commit 092ed972d0
5 changed files with 76 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
api-signature.go
View File

@ -90,9 +90,12 @@ func getSignedHeadersFromAuth(authHeaderValue string) ([]string, *probe.Error) {
return signedHeaders, nil return signedHeaders, nil
} }
// verify if region value is valid. // verify if region value is valid with configured minioRegion.
func isValidRegion(region string) *probe.Error { func isValidRegion(region string, minioRegion string) *probe.Error {
if region != "us-east-1" && region != "US" { if minioRegion == "" {
minioRegion = "us-east-1"
}
if region != minioRegion && region != "US" {
return probe.NewError(errInvalidRegion) return probe.NewError(errInvalidRegion)
} }
return nil return nil
@ -105,9 +108,6 @@ func stripRegion(authHeaderValue string) (string, *probe.Error) {
return "", err.Trace(authHeaderValue) return "", err.Trace(authHeaderValue)
} }
region := credentialElements[2] region := credentialElements[2]
if err = isValidRegion(region); err != nil {
return "", err.Trace(authHeaderValue)
}
return region, nil return region, nil
} }
@ -129,10 +129,20 @@ func initSignatureV4(req *http.Request) (*fs.Signature, *probe.Error) {
// strip auth from authorization header. // strip auth from authorization header.
authHeaderValue := req.Header.Get("Authorization") authHeaderValue := req.Header.Get("Authorization")
config, err := loadConfigV2()
if err != nil {
return nil, err.Trace()
}
region, err := stripRegion(authHeaderValue) region, err := stripRegion(authHeaderValue)
if err != nil { if err != nil {
return nil, err.Trace(authHeaderValue) return nil, err.Trace(authHeaderValue)
} }
if err = isValidRegion(region, config.Credentials.Region); err != nil {
return nil, err.Trace(authHeaderValue)
}
accessKeyID, err := stripAccessKeyID(authHeaderValue) accessKeyID, err := stripAccessKeyID(authHeaderValue)
if err != nil { if err != nil {
return nil, err.Trace(authHeaderValue) return nil, err.Trace(authHeaderValue)
@ -145,10 +155,6 @@ func initSignatureV4(req *http.Request) (*fs.Signature, *probe.Error) {
if err != nil { if err != nil {
return nil, err.Trace(authHeaderValue) return nil, err.Trace(authHeaderValue)
} }
config, err := loadConfigV2()
if err != nil {
return nil, err.Trace()
}
if config.Credentials.AccessKeyID == accessKeyID { if config.Credentials.AccessKeyID == accessKeyID {
signature := &fs.Signature{ signature := &fs.Signature{
AccessKeyID: config.Credentials.AccessKeyID, AccessKeyID: config.Credentials.AccessKeyID,

17
bucket-handlers.go
View File

@ -217,9 +217,20 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
var err *probe.Error var err *probe.Error
signature, err = initSignatureV4(req) signature, err = initSignatureV4(req)
if err != nil { if err != nil {
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) switch err.ToGoError() {
writeErrorResponse(w, req, InternalError, req.URL.Path) case errInvalidRegion:
return errorIf(err.Trace(), "Unknown region in authorization header.", nil)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
return
case errAccessKeyIDInvalid:
errorIf(err.Trace(), "Invalid access key id.", nil)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
return
default:
errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
writeErrorResponse(w, req, InternalError, req.URL.Path)
return
}
} }
} }
} }

51
object-handlers.go
View File

@ -159,9 +159,20 @@ func (api CloudStorageAPI) PutObjectHandler(w http.ResponseWriter, req *http.Req
var err *probe.Error var err *probe.Error
signature, err = initSignatureV4(req) signature, err = initSignatureV4(req)
if err != nil { if err != nil {
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) switch err.ToGoError() {
writeErrorResponse(w, req, InternalError, req.URL.Path) case errInvalidRegion:
return errorIf(err.Trace(), "Unknown region in authorization header.", nil)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
return
case errAccessKeyIDInvalid:
errorIf(err.Trace(), "Invalid access key id.", nil)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
return
default:
errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
writeErrorResponse(w, req, InternalError, req.URL.Path)
return
}
} }
} }
} }
@ -295,9 +306,20 @@ func (api CloudStorageAPI) PutObjectPartHandler(w http.ResponseWriter, req *http
var err *probe.Error var err *probe.Error
signature, err = initSignatureV4(req) signature, err = initSignatureV4(req)
if err != nil { if err != nil {
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) switch err.ToGoError() {
writeErrorResponse(w, req, InternalError, req.URL.Path) case errInvalidRegion:
return errorIf(err.Trace(), "Unknown region in authorization header.", nil)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
return
case errAccessKeyIDInvalid:
errorIf(err.Trace(), "Invalid access key id.", nil)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
return
default:
errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
writeErrorResponse(w, req, InternalError, req.URL.Path)
return
}
} }
} }
} }
@ -439,9 +461,20 @@ func (api CloudStorageAPI) CompleteMultipartUploadHandler(w http.ResponseWriter,
var err *probe.Error var err *probe.Error
signature, err = initSignatureV4(req) signature, err = initSignatureV4(req)
if err != nil { if err != nil {
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) switch err.ToGoError() {
writeErrorResponse(w, req, InternalError, req.URL.Path) case errInvalidRegion:
return errorIf(err.Trace(), "Unknown region in authorization header.", nil)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
return
case errAccessKeyIDInvalid:
errorIf(err.Trace(), "Invalid access key id.", nil)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
return
default:
errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
writeErrorResponse(w, req, InternalError, req.URL.Path)
return
}
} }
} }
} }

2
server-config.go
View File

@ -42,6 +42,7 @@ type configV2 struct {
Credentials struct { Credentials struct {
AccessKeyID string `json:"accessKeyId"` AccessKeyID string `json:"accessKeyId"`
SecretAccessKey string `json:"secretAccessKey"` SecretAccessKey string `json:"secretAccessKey"`
Region string `json:"region"`
} `json:"credentials"` } `json:"credentials"`
MongoLogger struct { MongoLogger struct {
Addr string `json:"addr"` Addr string `json:"addr"`
@ -249,6 +250,7 @@ func newConfigV2() *configV2 {
config.Version = "2" config.Version = "2"
config.Credentials.AccessKeyID = "" config.Credentials.AccessKeyID = ""
config.Credentials.SecretAccessKey = "" config.Credentials.SecretAccessKey = ""
config.Credentials.Region = "us-east-1"
config.MongoLogger.Addr = "" config.MongoLogger.Addr = ""
config.MongoLogger.DB = "" config.MongoLogger.DB = ""
config.MongoLogger.Collection = "" config.MongoLogger.Collection = ""

3
server-main.go
View File

@ -78,7 +78,7 @@ type cloudServerConfig struct {
MinFreeDisk int64 // Minimum free disk space for filesystem MinFreeDisk int64 // Minimum free disk space for filesystem
Expiry time.Duration // Set auto expiry for filesystem Expiry time.Duration // Set auto expiry for filesystem
// TLS service /// TLS service
TLS bool // TLS on when certs are specified TLS bool // TLS on when certs are specified
CertFile string // Domain certificate CertFile string // Domain certificate
KeyFile string // Domain key KeyFile string // Domain key
@ -206,6 +206,7 @@ func getConfig() (*configV2, *probe.Error) {
config.Version = "2" config.Version = "2"
config.Credentials.AccessKeyID = string(mustGenerateAccessKeyID()) config.Credentials.AccessKeyID = string(mustGenerateAccessKeyID())
config.Credentials.SecretAccessKey = string(mustGenerateSecretAccessKey()) config.Credentials.SecretAccessKey = string(mustGenerateSecretAccessKey())
config.Credentials.Region = "us-east-1"
if err := saveConfig(config); err != nil { if err := saveConfig(config); err != nil {
return nil, err.Trace() return nil, err.Trace()
} }