diff --git a/cmd/common-main.go b/cmd/common-main.go index 952f31165..55a8aa8cf 100644 --- a/cmd/common-main.go +++ b/cmd/common-main.go @@ -215,11 +215,6 @@ func initConsoleServer() (*restapi.Server, error) { } func verifyObjectLayerFeatures(name string, objAPI ObjectLayer) { - if (GlobalKMS != nil) && !objAPI.IsEncryptionSupported() { - logger.Fatal(errInvalidArgument, - "Encryption support is requested but '%s' does not support encryption", name) - } - if strings.HasPrefix(name, "gateway") { if GlobalGatewaySSE.IsSet() && GlobalKMS == nil { uiErr := config.ErrInvalidGWSSEEnvValue(nil).Msg("MINIO_GATEWAY_SSE set but KMS is not configured") diff --git a/cmd/object-handlers.go b/cmd/object-handlers.go index b64e64c95..d349c3df8 100644 --- a/cmd/object-handlers.go +++ b/cmd/object-handlers.go @@ -900,18 +900,9 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re return } - if _, ok := crypto.IsRequested(r.Header); ok { - if globalIsGateway { - if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } else { - if !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } + if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { + writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) + return } vars := mux.Vars(r) @@ -1455,18 +1446,9 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req return } - if _, ok := crypto.IsRequested(r.Header); ok { - if globalIsGateway { - if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } else { - if !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } + if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { + writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) + return } vars := mux.Vars(r) @@ -1791,18 +1773,9 @@ func (api objectAPIHandlers) PutObjectExtractHandler(w http.ResponseWriter, r *h return } - if _, ok := crypto.IsRequested(r.Header); ok { - if globalIsGateway { - if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } else { - if !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } + if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { + writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) + return } vars := mux.Vars(r) @@ -2077,18 +2050,9 @@ func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r return } - if _, ok := crypto.IsRequested(r.Header); ok { - if globalIsGateway { - if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } else { - if !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } + if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { + writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) + return } vars := mux.Vars(r) @@ -2528,18 +2492,8 @@ func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http return } - if _, ok := crypto.IsRequested(r.Header); ok { - if globalIsGateway { - if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } else { - if !objectAPI.IsEncryptionSupported() { - writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) - return - } - } + if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { + writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) } vars := mux.Vars(r)