mirror of
https://github.com/minio/minio.git
synced 2025-01-11 23:13:23 -05:00
upgrade golang-lint to the latest (#15600)
This commit is contained in:
parent
d7cd857c7c
commit
433b6fa8fe
2
.github/workflows/go-cross.yml
vendored
2
.github/workflows/go-cross.yml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
os: [ubuntu-latest]
|
os: [ubuntu-latest]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2
|
- uses: actions/checkout@629c2de402a417ea7690ca6ce3f33229e27606a5 # v2
|
||||||
|
2
.github/workflows/go-healing.yml
vendored
2
.github/workflows/go-healing.yml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
os: [ubuntu-latest]
|
os: [ubuntu-latest]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
2
.github/workflows/go-lint.yml
vendored
2
.github/workflows/go-lint.yml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
os: [ubuntu-latest, windows-latest]
|
os: [ubuntu-latest, windows-latest]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
2
.github/workflows/go.yml
vendored
2
.github/workflows/go.yml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
os: [ubuntu-latest]
|
os: [ubuntu-latest]
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
2
.github/workflows/replication.yaml
vendored
2
.github/workflows/replication.yaml
vendored
@ -21,7 +21,7 @@ jobs:
|
|||||||
|
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v2
|
- uses: actions/checkout@v2
|
||||||
|
2
.github/workflows/upgrade-ci-cd.yaml
vendored
2
.github/workflows/upgrade-ci-cd.yaml
vendored
@ -20,7 +20,7 @@ jobs:
|
|||||||
runs-on: ${{ matrix.os }}
|
runs-on: ${{ matrix.os }}
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
go-version: [1.18.x]
|
go-version: [1.18.x, 1.19.x]
|
||||||
os: [ubuntu-latest]
|
os: [ubuntu-latest]
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
|
@ -1,8 +1,9 @@
|
|||||||
linters-settings:
|
linters-settings:
|
||||||
golint:
|
golint:
|
||||||
min-confidence: 0
|
min-confidence: 0
|
||||||
|
|
||||||
gofumpt:
|
gofumpt:
|
||||||
lang-version: "1.17"
|
lang-version: "1.18"
|
||||||
|
|
||||||
# Choose whether or not to use the extra rules that are disabled
|
# Choose whether or not to use the extra rules that are disabled
|
||||||
# by default
|
# by default
|
||||||
@ -20,11 +21,10 @@ linters:
|
|||||||
- govet
|
- govet
|
||||||
- revive
|
- revive
|
||||||
- ineffassign
|
- ineffassign
|
||||||
- deadcode
|
|
||||||
- gomodguard
|
- gomodguard
|
||||||
- gofmt
|
- gofmt
|
||||||
- unconvert
|
- unconvert
|
||||||
- varcheck
|
- unused
|
||||||
- gocritic
|
- gocritic
|
||||||
- gofumpt
|
- gofumpt
|
||||||
- tenv
|
- tenv
|
||||||
|
2
Makefile
2
Makefile
@ -19,7 +19,7 @@ help: ## print this help
|
|||||||
|
|
||||||
getdeps: ## fetch necessary dependencies
|
getdeps: ## fetch necessary dependencies
|
||||||
@mkdir -p ${GOPATH}/bin
|
@mkdir -p ${GOPATH}/bin
|
||||||
@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin v1.45.2
|
@echo "Installing golangci-lint" && curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(GOPATH)/bin
|
||||||
@echo "Installing msgp" && go install -v github.com/tinylib/msgp@v1.1.7-0.20211026165309-e818a1881b0e
|
@echo "Installing msgp" && go install -v github.com/tinylib/msgp@v1.1.7-0.20211026165309-e818a1881b0e
|
||||||
@echo "Installing stringer" && go install -v golang.org/x/tools/cmd/stringer@latest
|
@echo "Installing stringer" && go install -v golang.org/x/tools/cmd/stringer@latest
|
||||||
|
|
||||||
|
@ -291,6 +291,7 @@ func checkClaimsFromToken(r *http.Request, cred auth.Credentials) (map[string]in
|
|||||||
// - validates the request signature
|
// - validates the request signature
|
||||||
// - validates the policy action if anonymous tests bucket policies if any,
|
// - validates the policy action if anonymous tests bucket policies if any,
|
||||||
// for authenticated requests validates IAM policies.
|
// for authenticated requests validates IAM policies.
|
||||||
|
//
|
||||||
// returns APIErrorCode if any to be replied to the client.
|
// returns APIErrorCode if any to be replied to the client.
|
||||||
func checkRequestAuthType(ctx context.Context, r *http.Request, action policy.Action, bucketName, objectName string) (s3Err APIErrorCode) {
|
func checkRequestAuthType(ctx context.Context, r *http.Request, action policy.Action, bucketName, objectName string) (s3Err APIErrorCode) {
|
||||||
_, _, s3Err = checkRequestAuthTypeCredential(ctx, r, action, bucketName, objectName)
|
_, _, s3Err = checkRequestAuthTypeCredential(ctx, r, action, bucketName, objectName)
|
||||||
@ -301,6 +302,7 @@ func checkRequestAuthType(ctx context.Context, r *http.Request, action policy.Ac
|
|||||||
// - validates the request signature
|
// - validates the request signature
|
||||||
// - validates the policy action if anonymous tests bucket policies if any,
|
// - validates the policy action if anonymous tests bucket policies if any,
|
||||||
// for authenticated requests validates IAM policies.
|
// for authenticated requests validates IAM policies.
|
||||||
|
//
|
||||||
// returns APIErrorCode if any to be replied to the client.
|
// returns APIErrorCode if any to be replied to the client.
|
||||||
// Additionally returns the accessKey used in the request, and if this request is by an admin.
|
// Additionally returns the accessKey used in the request, and if this request is by an admin.
|
||||||
func checkRequestAuthTypeCredential(ctx context.Context, r *http.Request, action policy.Action, bucketName, objectName string) (cred auth.Credentials, owner bool, s3Err APIErrorCode) {
|
func checkRequestAuthTypeCredential(ctx context.Context, r *http.Request, action policy.Action, bucketName, objectName string) (cred auth.Credentials, owner bool, s3Err APIErrorCode) {
|
||||||
|
@ -26,6 +26,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// healTask represents what to heal along with options
|
// healTask represents what to heal along with options
|
||||||
|
//
|
||||||
// path: '/' => Heal disk formats along with metadata
|
// path: '/' => Heal disk formats along with metadata
|
||||||
// path: 'bucket/' or '/bucket/' => Heal bucket
|
// path: 'bucket/' or '/bucket/' => Heal bucket
|
||||||
// path: 'bucket/object' => Heal object
|
// path: 'bucket/object' => Heal object
|
||||||
|
@ -67,10 +67,15 @@ const (
|
|||||||
// - Check if a bucket has an entry in etcd backend
|
// - Check if a bucket has an entry in etcd backend
|
||||||
// -- If no, make an entry
|
// -- If no, make an entry
|
||||||
// -- If yes, check if the entry matches local IP check if we
|
// -- If yes, check if the entry matches local IP check if we
|
||||||
|
//
|
||||||
// need to update the entry then proceed to update
|
// need to update the entry then proceed to update
|
||||||
|
//
|
||||||
// -- If yes, check if the IP of entry matches local IP.
|
// -- If yes, check if the IP of entry matches local IP.
|
||||||
|
//
|
||||||
// This means entry is for this instance.
|
// This means entry is for this instance.
|
||||||
|
//
|
||||||
// -- If IP of the entry doesn't match, this means entry is
|
// -- If IP of the entry doesn't match, this means entry is
|
||||||
|
//
|
||||||
// for another instance. Log an error to console.
|
// for another instance. Log an error to console.
|
||||||
func initFederatorBackend(buckets []BucketInfo, objLayer ObjectLayer) {
|
func initFederatorBackend(buckets []BucketInfo, objLayer ObjectLayer) {
|
||||||
if len(buckets) == 0 {
|
if len(buckets) == 0 {
|
||||||
@ -227,7 +232,6 @@ func (api objectAPIHandlers) GetBucketLocationHandler(w http.ResponseWriter, r *
|
|||||||
// using the Initiate Multipart Upload request, but has not yet been
|
// using the Initiate Multipart Upload request, but has not yet been
|
||||||
// completed or aborted. This operation returns at most 1,000 multipart
|
// completed or aborted. This operation returns at most 1,000 multipart
|
||||||
// uploads in the response.
|
// uploads in the response.
|
||||||
//
|
|
||||||
func (api objectAPIHandlers) ListMultipartUploadsHandler(w http.ResponseWriter, r *http.Request) {
|
func (api objectAPIHandlers) ListMultipartUploadsHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
ctx := newContext(r, w, "ListMultipartUploads")
|
ctx := newContext(r, w, "ListMultipartUploads")
|
||||||
|
|
||||||
|
@ -298,7 +298,6 @@ func proxyRequestByNodeIndex(ctx context.Context, w http.ResponseWriter, r *http
|
|||||||
// This implementation of the GET operation returns some or all (up to 1000)
|
// This implementation of the GET operation returns some or all (up to 1000)
|
||||||
// of the objects in a bucket. You can use the request parameters as selection
|
// of the objects in a bucket. You can use the request parameters as selection
|
||||||
// criteria to return a subset of the objects in a bucket.
|
// criteria to return a subset of the objects in a bucket.
|
||||||
//
|
|
||||||
func (api objectAPIHandlers) ListObjectsV1Handler(w http.ResponseWriter, r *http.Request) {
|
func (api objectAPIHandlers) ListObjectsV1Handler(w http.ResponseWriter, r *http.Request) {
|
||||||
ctx := newContext(r, w, "ListObjectsV1")
|
ctx := newContext(r, w, "ListObjectsV1")
|
||||||
|
|
||||||
|
@ -1377,7 +1377,6 @@ type ReplicationPool struct {
|
|||||||
mrfWorkerWg sync.WaitGroup
|
mrfWorkerWg sync.WaitGroup
|
||||||
once sync.Once
|
once sync.Once
|
||||||
mu sync.Mutex
|
mu sync.Mutex
|
||||||
mrfMutex sync.Mutex
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewReplicationPool creates a pool of replication workers of specified size
|
// NewReplicationPool creates a pool of replication workers of specified size
|
||||||
|
@ -56,6 +56,7 @@ func storeDataUsageInBackend(ctx context.Context, objAPI ObjectLayer, dui <-chan
|
|||||||
}
|
}
|
||||||
|
|
||||||
// loadPrefixUsageFromBackend returns prefix usages found in passed buckets
|
// loadPrefixUsageFromBackend returns prefix usages found in passed buckets
|
||||||
|
//
|
||||||
// e.g.: /testbucket/prefix => 355601334
|
// e.g.: /testbucket/prefix => 355601334
|
||||||
func loadPrefixUsageFromBackend(ctx context.Context, objAPI ObjectLayer, bucket string) (map[string]uint64, error) {
|
func loadPrefixUsageFromBackend(ctx context.Context, objAPI ObjectLayer, bucket string) (map[string]uint64, error) {
|
||||||
z, ok := objAPI.(*erasureServerPools)
|
z, ok := objAPI.(*erasureServerPools)
|
||||||
|
@ -652,6 +652,7 @@ func (z *erasureServerPools) decommissionObject(ctx context.Context, bucket stri
|
|||||||
}
|
}
|
||||||
|
|
||||||
// versionsSorter sorts FileInfo slices by version.
|
// versionsSorter sorts FileInfo slices by version.
|
||||||
|
//
|
||||||
//msgp:ignore versionsSorter
|
//msgp:ignore versionsSorter
|
||||||
type versionsSorter []FileInfo
|
type versionsSorter []FileInfo
|
||||||
|
|
||||||
|
@ -371,6 +371,7 @@ func migrateCacheData(ctx context.Context, c *diskCache, bucket, object, oldfile
|
|||||||
|
|
||||||
// migrate cache contents from old cacheFS format to new backend format
|
// migrate cache contents from old cacheFS format to new backend format
|
||||||
// new format is flat
|
// new format is flat
|
||||||
|
//
|
||||||
// sha(bucket,object)/ <== dir name
|
// sha(bucket,object)/ <== dir name
|
||||||
// - part.1 <== data
|
// - part.1 <== data
|
||||||
// - cache.json <== metadata
|
// - cache.json <== metadata
|
||||||
|
@ -100,10 +100,10 @@ func (t *TreeWalkPool) Release(params listParams) (resultCh chan TreeWalkResult,
|
|||||||
|
|
||||||
// Set - adds a treeWalk to the treeWalkPool.
|
// Set - adds a treeWalk to the treeWalkPool.
|
||||||
// Also starts a timer go-routine that ends when:
|
// Also starts a timer go-routine that ends when:
|
||||||
// 1) time.After() expires after t.timeOut seconds.
|
// 1. time.After() expires after t.timeOut seconds.
|
||||||
// The expiration is needed so that the treeWalk go-routine resources are freed after a timeout
|
// The expiration is needed so that the treeWalk go-routine resources are freed after a timeout
|
||||||
// if the S3 client does only partial listing of objects.
|
// if the S3 client does only partial listing of objects.
|
||||||
// 2) Release() signals the timer go-routine to end on endTimerCh.
|
// 2. Release() signals the timer go-routine to end on endTimerCh.
|
||||||
// During listing the timer should not timeout and end the treeWalk go-routine, hence the
|
// During listing the timer should not timeout and end the treeWalk go-routine, hence the
|
||||||
// timer go-routine should be ended.
|
// timer go-routine should be ended.
|
||||||
func (t *TreeWalkPool) Set(params listParams, resultCh chan TreeWalkResult, endWalkCh chan struct{}) {
|
func (t *TreeWalkPool) Set(params listParams, resultCh chan TreeWalkResult, endWalkCh chan struct{}) {
|
||||||
|
@ -48,7 +48,6 @@ import (
|
|||||||
// if err != nil {
|
// if err != nil {
|
||||||
// log.Fatalln(err)
|
// log.Fatalln(err)
|
||||||
// }
|
// }
|
||||||
//
|
|
||||||
type Chain struct {
|
type Chain struct {
|
||||||
Providers []credentials.Provider
|
Providers []credentials.Provider
|
||||||
curr credentials.Provider
|
curr credentials.Provider
|
||||||
|
@ -48,6 +48,7 @@ func etcdKvsToSet(prefix string, kvs []*mvccpb.KeyValue) set.StringSet {
|
|||||||
|
|
||||||
// Extract path string by stripping off the `prefix` value and the suffix,
|
// Extract path string by stripping off the `prefix` value and the suffix,
|
||||||
// value, usually in the following form.
|
// value, usually in the following form.
|
||||||
|
//
|
||||||
// s := "config/iam/users/foo/config.json"
|
// s := "config/iam/users/foo/config.json"
|
||||||
// prefix := "config/iam/users/"
|
// prefix := "config/iam/users/"
|
||||||
// suffix := "config.json"
|
// suffix := "config.json"
|
||||||
|
@ -322,6 +322,7 @@ func isLocalHost(host string, port string, localPort string) (bool, error) {
|
|||||||
|
|
||||||
// sameLocalAddrs - returns true if two addresses, even with different
|
// sameLocalAddrs - returns true if two addresses, even with different
|
||||||
// formats, point to the same machine, e.g:
|
// formats, point to the same machine, e.g:
|
||||||
|
//
|
||||||
// ':9000' and 'http://localhost:9000/' will return true
|
// ':9000' and 'http://localhost:9000/' will return true
|
||||||
func sameLocalAddrs(addr1, addr2 string) (bool, error) {
|
func sameLocalAddrs(addr1, addr2 string) (bool, error) {
|
||||||
// Extract host & port from given parameters
|
// Extract host & port from given parameters
|
||||||
|
@ -33,6 +33,7 @@ var etagRegex = regexp.MustCompile("\"*?([^\"]*?)\"*?$")
|
|||||||
|
|
||||||
// Validates the preconditions for CopyObjectPart, returns true if CopyObjectPart
|
// Validates the preconditions for CopyObjectPart, returns true if CopyObjectPart
|
||||||
// operation should not proceed. Preconditions supported are:
|
// operation should not proceed. Preconditions supported are:
|
||||||
|
//
|
||||||
// x-amz-copy-source-if-modified-since
|
// x-amz-copy-source-if-modified-since
|
||||||
// x-amz-copy-source-if-unmodified-since
|
// x-amz-copy-source-if-unmodified-since
|
||||||
// x-amz-copy-source-if-match
|
// x-amz-copy-source-if-match
|
||||||
@ -43,6 +44,7 @@ func checkCopyObjectPartPreconditions(ctx context.Context, w http.ResponseWriter
|
|||||||
|
|
||||||
// Validates the preconditions for CopyObject, returns true if CopyObject operation should not proceed.
|
// Validates the preconditions for CopyObject, returns true if CopyObject operation should not proceed.
|
||||||
// Preconditions supported are:
|
// Preconditions supported are:
|
||||||
|
//
|
||||||
// x-amz-copy-source-if-modified-since
|
// x-amz-copy-source-if-modified-since
|
||||||
// x-amz-copy-source-if-unmodified-since
|
// x-amz-copy-source-if-unmodified-since
|
||||||
// x-amz-copy-source-if-match
|
// x-amz-copy-source-if-match
|
||||||
@ -128,6 +130,7 @@ func checkCopyObjectPreconditions(ctx context.Context, w http.ResponseWriter, r
|
|||||||
|
|
||||||
// Validates the preconditions. Returns true if GET/HEAD operation should not proceed.
|
// Validates the preconditions. Returns true if GET/HEAD operation should not proceed.
|
||||||
// Preconditions supported are:
|
// Preconditions supported are:
|
||||||
|
//
|
||||||
// If-Modified-Since
|
// If-Modified-Since
|
||||||
// If-Unmodified-Since
|
// If-Unmodified-Since
|
||||||
// If-Match
|
// If-Match
|
||||||
|
@ -3429,6 +3429,7 @@ func testAPIPutObjectPartHandlerStreaming(obj ObjectLayer, instanceType, bucketN
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TestAPIPutObjectPartHandler - Tests validate the response of PutObjectPart HTTP handler
|
// TestAPIPutObjectPartHandler - Tests validate the response of PutObjectPart HTTP handler
|
||||||
|
//
|
||||||
// for variety of inputs.
|
// for variety of inputs.
|
||||||
func TestAPIPutObjectPartHandler(t *testing.T) {
|
func TestAPIPutObjectPartHandler(t *testing.T) {
|
||||||
defer DetectTestLeak(t)()
|
defer DetectTestLeak(t)()
|
||||||
@ -3743,6 +3744,7 @@ func testAPIPutObjectPartHandler(obj ObjectLayer, instanceType, bucketName strin
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TestAPIListObjectPartsHandlerPreSign - Tests validate the response of ListObjectParts HTTP handler
|
// TestAPIListObjectPartsHandlerPreSign - Tests validate the response of ListObjectParts HTTP handler
|
||||||
|
//
|
||||||
// when signature type of the HTTP request is `Presigned`.
|
// when signature type of the HTTP request is `Presigned`.
|
||||||
func TestAPIListObjectPartsHandlerPreSign(t *testing.T) {
|
func TestAPIListObjectPartsHandlerPreSign(t *testing.T) {
|
||||||
defer DetectTestLeak(t)()
|
defer DetectTestLeak(t)()
|
||||||
@ -3832,6 +3834,7 @@ func testAPIListObjectPartsHandlerPreSign(obj ObjectLayer, instanceType, bucketN
|
|||||||
}
|
}
|
||||||
|
|
||||||
// TestAPIListObjectPartsHandler - Tests validate the response of ListObjectParts HTTP handler
|
// TestAPIListObjectPartsHandler - Tests validate the response of ListObjectParts HTTP handler
|
||||||
|
//
|
||||||
// for variety of success/failure cases.
|
// for variety of success/failure cases.
|
||||||
func TestAPIListObjectPartsHandler(t *testing.T) {
|
func TestAPIListObjectPartsHandler(t *testing.T) {
|
||||||
defer DetectTestLeak(t)()
|
defer DetectTestLeak(t)()
|
||||||
|
@ -50,6 +50,7 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// splitZipExtensionPath splits the S3 path to the zip file and the path inside the zip:
|
// splitZipExtensionPath splits the S3 path to the zip file and the path inside the zip:
|
||||||
|
//
|
||||||
// e.g /path/to/archive.zip/backup-2021/myimage.png => /path/to/archive.zip, backup/myimage.png
|
// e.g /path/to/archive.zip/backup-2021/myimage.png => /path/to/archive.zip, backup/myimage.png
|
||||||
func splitZipExtensionPath(input string) (zipPath, object string, err error) {
|
func splitZipExtensionPath(input string) (zipPath, object string, err error) {
|
||||||
idx := strings.Index(input, archivePattern)
|
idx := strings.Index(input, archivePattern)
|
||||||
|
@ -108,6 +108,7 @@ func unescapeQueries(encodedQuery string) (unescapedQueries []string, err error)
|
|||||||
|
|
||||||
// doesPresignV2SignatureMatch - Verify query headers with presigned signature
|
// doesPresignV2SignatureMatch - Verify query headers with presigned signature
|
||||||
// - http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
|
// - http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationQueryStringAuth
|
||||||
|
//
|
||||||
// returns ErrNone if matches. S3 errors otherwise.
|
// returns ErrNone if matches. S3 errors otherwise.
|
||||||
func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
|
func doesPresignV2SignatureMatch(r *http.Request) APIErrorCode {
|
||||||
// r.RequestURI will have raw encoded URI as sent by the client.
|
// r.RequestURI will have raw encoded URI as sent by the client.
|
||||||
|
@ -253,7 +253,6 @@ func parsePreSignV4(query url.Values, region string, stype serviceType) (psv pre
|
|||||||
//
|
//
|
||||||
// Authorization: algorithm Credential=accessKeyID/credScope, \
|
// Authorization: algorithm Credential=accessKeyID/credScope, \
|
||||||
// SignedHeaders=signedHeaders, Signature=signature
|
// SignedHeaders=signedHeaders, Signature=signature
|
||||||
//
|
|
||||||
func parseSignV4(v4Auth string, region string, stype serviceType) (sv signValues, aec APIErrorCode) {
|
func parseSignV4(v4Auth string, region string, stype serviceType) (sv signValues, aec APIErrorCode) {
|
||||||
// credElement is fetched first to skip replacing the space in access key.
|
// credElement is fetched first to skip replacing the space in access key.
|
||||||
credElement := strings.TrimPrefix(strings.Split(strings.TrimSpace(v4Auth), ",")[0], signV4Algorithm)
|
credElement := strings.TrimPrefix(strings.Split(strings.TrimSpace(v4Auth), ",")[0], signV4Algorithm)
|
||||||
|
@ -82,6 +82,7 @@ func validateCredentialfields(t *testing.T, testNum int, expectedCredentials cre
|
|||||||
// A valid format of creadential should be of the following format.
|
// A valid format of creadential should be of the following format.
|
||||||
// Credential = accessKey + SlashSeparator+ scope
|
// Credential = accessKey + SlashSeparator+ scope
|
||||||
// where scope = string.Join([]string{ currTime.Format(yyyymmdd),
|
// where scope = string.Join([]string{ currTime.Format(yyyymmdd),
|
||||||
|
//
|
||||||
// globalMinioDefaultRegion,
|
// globalMinioDefaultRegion,
|
||||||
// "s3",
|
// "s3",
|
||||||
// "aws4_request",
|
// "aws4_request",
|
||||||
|
@ -95,13 +95,13 @@ func getSignedHeaders(signedHeaders http.Header) string {
|
|||||||
// getCanonicalRequest generate a canonical request of style
|
// getCanonicalRequest generate a canonical request of style
|
||||||
//
|
//
|
||||||
// canonicalRequest =
|
// canonicalRequest =
|
||||||
|
//
|
||||||
// <HTTPMethod>\n
|
// <HTTPMethod>\n
|
||||||
// <CanonicalURI>\n
|
// <CanonicalURI>\n
|
||||||
// <CanonicalQueryString>\n
|
// <CanonicalQueryString>\n
|
||||||
// <CanonicalHeaders>\n
|
// <CanonicalHeaders>\n
|
||||||
// <SignedHeaders>\n
|
// <SignedHeaders>\n
|
||||||
// <HashedPayload>
|
// <HashedPayload>
|
||||||
//
|
|
||||||
func getCanonicalRequest(extractedSignedHeaders http.Header, payload, queryStr, urlPath, method string) string {
|
func getCanonicalRequest(extractedSignedHeaders http.Header, payload, queryStr, urlPath, method string) string {
|
||||||
rawQuery := strings.ReplaceAll(queryStr, "+", "%20")
|
rawQuery := strings.ReplaceAll(queryStr, "+", "%20")
|
||||||
encodedPath := s3utils.EncodePath(urlPath)
|
encodedPath := s3utils.EncodePath(urlPath)
|
||||||
@ -170,6 +170,7 @@ func compareSignatureV4(sig1, sig2 string) bool {
|
|||||||
|
|
||||||
// doesPolicySignatureMatch - Verify query headers with post policy
|
// doesPolicySignatureMatch - Verify query headers with post policy
|
||||||
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html
|
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-HTTPPOSTConstructPolicy.html
|
||||||
|
//
|
||||||
// returns ErrNone if the signature matches.
|
// returns ErrNone if the signature matches.
|
||||||
func doesPolicySignatureV4Match(formValues http.Header) (auth.Credentials, APIErrorCode) {
|
func doesPolicySignatureV4Match(formValues http.Header) (auth.Credentials, APIErrorCode) {
|
||||||
// Server region.
|
// Server region.
|
||||||
@ -204,6 +205,7 @@ func doesPolicySignatureV4Match(formValues http.Header) (auth.Credentials, APIEr
|
|||||||
|
|
||||||
// doesPresignedSignatureMatch - Verify query headers with presigned signature
|
// doesPresignedSignatureMatch - Verify query headers with presigned signature
|
||||||
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
|
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
|
||||||
|
//
|
||||||
// returns ErrNone if the signature matches.
|
// returns ErrNone if the signature matches.
|
||||||
func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region string, stype serviceType) APIErrorCode {
|
func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region string, stype serviceType) APIErrorCode {
|
||||||
// Copy request
|
// Copy request
|
||||||
@ -330,6 +332,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
|
|||||||
|
|
||||||
// doesSignatureMatch - Verify authorization header with calculated header in accordance with
|
// doesSignatureMatch - Verify authorization header with calculated header in accordance with
|
||||||
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
|
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
|
||||||
|
//
|
||||||
// returns ErrNone if signature matches.
|
// returns ErrNone if signature matches.
|
||||||
func doesSignatureMatch(hashedPayload string, r *http.Request, region string, stype serviceType) APIErrorCode {
|
func doesSignatureMatch(hashedPayload string, r *http.Request, region string, stype serviceType) APIErrorCode {
|
||||||
// Copy request.
|
// Copy request.
|
||||||
|
@ -22,6 +22,7 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// DeleteOptions represents the disk level delete options available for the APIs
|
// DeleteOptions represents the disk level delete options available for the APIs
|
||||||
|
//
|
||||||
//msgp:ignore DeleteOptions
|
//msgp:ignore DeleteOptions
|
||||||
type DeleteOptions struct {
|
type DeleteOptions struct {
|
||||||
Recursive bool
|
Recursive bool
|
||||||
@ -32,8 +33,11 @@ type DeleteOptions struct {
|
|||||||
|
|
||||||
// DiskInfo is an extended type which returns current
|
// DiskInfo is an extended type which returns current
|
||||||
// disk usage per path.
|
// disk usage per path.
|
||||||
//msgp:tuple DiskInfo
|
|
||||||
// The above means that any added/deleted fields are incompatible.
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
//msgp:tuple DiskInfo
|
||||||
type DiskInfo struct {
|
type DiskInfo struct {
|
||||||
Total uint64
|
Total uint64
|
||||||
Free uint64
|
Free uint64
|
||||||
@ -65,8 +69,11 @@ type DiskMetrics struct {
|
|||||||
type VolsInfo []VolInfo
|
type VolsInfo []VolInfo
|
||||||
|
|
||||||
// VolInfo - represents volume stat information.
|
// VolInfo - represents volume stat information.
|
||||||
//msgp:tuple VolInfo
|
|
||||||
// The above means that any added/deleted fields are incompatible.
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
//msgp:tuple VolInfo
|
||||||
type VolInfo struct {
|
type VolInfo struct {
|
||||||
// Name of the volume.
|
// Name of the volume.
|
||||||
Name string
|
Name string
|
||||||
@ -77,6 +84,8 @@ type VolInfo struct {
|
|||||||
|
|
||||||
// FilesInfo represent a list of files, additionally
|
// FilesInfo represent a list of files, additionally
|
||||||
// indicates if the list is last.
|
// indicates if the list is last.
|
||||||
|
//
|
||||||
|
//msgp:tuple FileInfo
|
||||||
type FilesInfo struct {
|
type FilesInfo struct {
|
||||||
Files []FileInfo
|
Files []FileInfo
|
||||||
IsTruncated bool
|
IsTruncated bool
|
||||||
@ -91,8 +100,11 @@ func (f FileInfoVersions) Size() (size int64) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// FileInfoVersions represent a list of versions for a given file.
|
// FileInfoVersions represent a list of versions for a given file.
|
||||||
//msgp:tuple FileInfoVersions
|
|
||||||
// The above means that any added/deleted fields are incompatible.
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
// The above means that any added/deleted fields are incompatible.
|
||||||
|
//
|
||||||
|
//msgp:tuple FileInfoVersions
|
||||||
type FileInfoVersions struct {
|
type FileInfoVersions struct {
|
||||||
// Name of the volume.
|
// Name of the volume.
|
||||||
Volume string `msg:"v,omitempty"`
|
Volume string `msg:"v,omitempty"`
|
||||||
@ -136,7 +148,6 @@ type RawFileInfo struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// FileInfo - represents file stat information.
|
// FileInfo - represents file stat information.
|
||||||
//msgp:tuple FileInfo
|
|
||||||
// The above means that any added/deleted fields are incompatible.
|
// The above means that any added/deleted fields are incompatible.
|
||||||
// Make sure to bump the internode version at storage-rest-common.go
|
// Make sure to bump the internode version at storage-rest-common.go
|
||||||
type FileInfo struct {
|
type FileInfo struct {
|
||||||
|
@ -64,6 +64,7 @@ func getChunkSignature(cred auth.Credentials, seedSignature string, region strin
|
|||||||
|
|
||||||
// calculateSeedSignature - Calculate seed signature in accordance with
|
// calculateSeedSignature - Calculate seed signature in accordance with
|
||||||
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
|
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
|
||||||
|
//
|
||||||
// returns signature, error otherwise if the signature mismatches or any other
|
// returns signature, error otherwise if the signature mismatches or any other
|
||||||
// error while parsing and validating.
|
// error while parsing and validating.
|
||||||
func calculateSeedSignature(r *http.Request) (cred auth.Credentials, signature string, region string, date time.Time, errCode APIErrorCode) {
|
func calculateSeedSignature(r *http.Request) (cred auth.Credentials, signature string, region string, date time.Time, errCode APIErrorCode) {
|
||||||
@ -195,6 +196,7 @@ func (cr *s3ChunkedReader) Close() (err error) {
|
|||||||
|
|
||||||
// Now, we read one chunk from the underlying reader.
|
// Now, we read one chunk from the underlying reader.
|
||||||
// A chunk has the following format:
|
// A chunk has the following format:
|
||||||
|
//
|
||||||
// <chunk-size-as-hex> + ";chunk-signature=" + <signature-as-hex> + "\r\n" + <payload> + "\r\n"
|
// <chunk-size-as-hex> + ";chunk-signature=" + <signature-as-hex> + "\r\n" + <payload> + "\r\n"
|
||||||
//
|
//
|
||||||
// First, we read the chunk size but fail if it is larger
|
// First, we read the chunk size but fail if it is larger
|
||||||
@ -414,6 +416,7 @@ const s3ChunkSignatureStr = ";chunk-signature="
|
|||||||
|
|
||||||
// parses3ChunkExtension removes any s3 specific chunk-extension from buf.
|
// parses3ChunkExtension removes any s3 specific chunk-extension from buf.
|
||||||
// For example,
|
// For example,
|
||||||
|
//
|
||||||
// "10000;chunk-signature=..." => "10000", "chunk-signature=..."
|
// "10000;chunk-signature=..." => "10000", "chunk-signature=..."
|
||||||
func parseS3ChunkExtension(buf []byte) ([]byte, []byte) {
|
func parseS3ChunkExtension(buf []byte) ([]byte, []byte) {
|
||||||
buf = trimTrailingWhitespace(buf)
|
buf = trimTrailingWhitespace(buf)
|
||||||
|
@ -522,6 +522,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithSSO(w http.ResponseWriter, r *http.Requ
|
|||||||
// Connect-compatible identity provider.
|
// Connect-compatible identity provider.
|
||||||
//
|
//
|
||||||
// Eg:-
|
// Eg:-
|
||||||
|
//
|
||||||
// $ curl https://minio:9000/?Action=AssumeRoleWithWebIdentity&WebIdentityToken=<jwt>
|
// $ curl https://minio:9000/?Action=AssumeRoleWithWebIdentity&WebIdentityToken=<jwt>
|
||||||
func (sts *stsAPIHandlers) AssumeRoleWithWebIdentity(w http.ResponseWriter, r *http.Request) {
|
func (sts *stsAPIHandlers) AssumeRoleWithWebIdentity(w http.ResponseWriter, r *http.Request) {
|
||||||
sts.AssumeRoleWithSSO(w, r)
|
sts.AssumeRoleWithSSO(w, r)
|
||||||
@ -531,6 +532,7 @@ func (sts *stsAPIHandlers) AssumeRoleWithWebIdentity(w http.ResponseWriter, r *h
|
|||||||
// OAuth2.0 client credential grants.
|
// OAuth2.0 client credential grants.
|
||||||
//
|
//
|
||||||
// Eg:-
|
// Eg:-
|
||||||
|
//
|
||||||
// $ curl https://minio:9000/?Action=AssumeRoleWithClientGrants&Token=<jwt>
|
// $ curl https://minio:9000/?Action=AssumeRoleWithClientGrants&Token=<jwt>
|
||||||
func (sts *stsAPIHandlers) AssumeRoleWithClientGrants(w http.ResponseWriter, r *http.Request) {
|
func (sts *stsAPIHandlers) AssumeRoleWithClientGrants(w http.ResponseWriter, r *http.Request) {
|
||||||
sts.AssumeRoleWithSSO(w, r)
|
sts.AssumeRoleWithSSO(w, r)
|
||||||
|
@ -127,7 +127,6 @@ func TestMain(m *testing.M) {
|
|||||||
// concurrency level for certain parallel tests.
|
// concurrency level for certain parallel tests.
|
||||||
const testConcurrencyLevel = 10
|
const testConcurrencyLevel = 10
|
||||||
|
|
||||||
//
|
|
||||||
// Excerpts from @lsegal - https://github.com/aws/aws-sdk-js/issues/659#issuecomment-120477258
|
// Excerpts from @lsegal - https://github.com/aws/aws-sdk-js/issues/659#issuecomment-120477258
|
||||||
//
|
//
|
||||||
// User-Agent:
|
// User-Agent:
|
||||||
@ -139,7 +138,6 @@ const testConcurrencyLevel = 10
|
|||||||
// Authorization:
|
// Authorization:
|
||||||
//
|
//
|
||||||
// Is skipped for obvious reasons
|
// Is skipped for obvious reasons
|
||||||
//
|
|
||||||
var ignoredHeaders = map[string]bool{
|
var ignoredHeaders = map[string]bool{
|
||||||
"Authorization": true,
|
"Authorization": true,
|
||||||
"User-Agent": true,
|
"User-Agent": true,
|
||||||
@ -302,6 +300,7 @@ func isSameType(obj1, obj2 interface{}) bool {
|
|||||||
|
|
||||||
// TestServer encapsulates an instantiation of a MinIO instance with a temporary backend.
|
// TestServer encapsulates an instantiation of a MinIO instance with a temporary backend.
|
||||||
// Example usage:
|
// Example usage:
|
||||||
|
//
|
||||||
// s := StartTestServer(t,"Erasure")
|
// s := StartTestServer(t,"Erasure")
|
||||||
// defer s.Stop()
|
// defer s.Stop()
|
||||||
type TestServer struct {
|
type TestServer struct {
|
||||||
@ -1563,10 +1562,13 @@ func prepareTestBackend(ctx context.Context, instanceType string) (ObjectLayer,
|
|||||||
// response for anonymous/unsigned and unknown signature type HTTP request.
|
// response for anonymous/unsigned and unknown signature type HTTP request.
|
||||||
|
|
||||||
// Here is the brief description of some of the arguments to the function below.
|
// Here is the brief description of some of the arguments to the function below.
|
||||||
|
//
|
||||||
// apiRouter - http.Handler with the relevant API endPoint (API endPoint under test) registered.
|
// apiRouter - http.Handler with the relevant API endPoint (API endPoint under test) registered.
|
||||||
// anonReq - unsigned *http.Request to invoke the handler's response for anonymous requests.
|
// anonReq - unsigned *http.Request to invoke the handler's response for anonymous requests.
|
||||||
// policyFunc - function to return bucketPolicy statement which would permit the anonymous request to be served.
|
// policyFunc - function to return bucketPolicy statement which would permit the anonymous request to be served.
|
||||||
|
//
|
||||||
// The test works in 2 steps, here is the description of the steps.
|
// The test works in 2 steps, here is the description of the steps.
|
||||||
|
//
|
||||||
// STEP 1: Call the handler with the unsigned HTTP request (anonReq), assert for the `ErrAccessDenied` error response.
|
// STEP 1: Call the handler with the unsigned HTTP request (anonReq), assert for the `ErrAccessDenied` error response.
|
||||||
func ExecObjectLayerAPIAnonTest(t *testing.T, obj ObjectLayer, testName, bucketName, objectName, instanceType string, apiRouter http.Handler,
|
func ExecObjectLayerAPIAnonTest(t *testing.T, obj ObjectLayer, testName, bucketName, objectName, instanceType string, apiRouter http.Handler,
|
||||||
anonReq *http.Request, bucketPolicy *policy.Policy,
|
anonReq *http.Request, bucketPolicy *policy.Policy,
|
||||||
|
@ -27,11 +27,13 @@ import (
|
|||||||
// // Perform a ObjectLayer.GetObjectInfo to fetch object version information
|
// // Perform a ObjectLayer.GetObjectInfo to fetch object version information
|
||||||
// goiOpts := os.GetOpts()
|
// goiOpts := os.GetOpts()
|
||||||
// gerr := objAPI.GetObjectInfo(ctx, bucket, object, goiOpts)
|
// gerr := objAPI.GetObjectInfo(ctx, bucket, object, goiOpts)
|
||||||
|
//
|
||||||
// if gerr == nil {
|
// if gerr == nil {
|
||||||
// os.SetTransitionState(goi)
|
// os.SetTransitionState(goi)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// // After the overwriting object operation is complete.
|
// // After the overwriting object operation is complete.
|
||||||
|
//
|
||||||
// if jentry, ok := os.ShouldRemoveRemoteObject(); ok {
|
// if jentry, ok := os.ShouldRemoveRemoteObject(); ok {
|
||||||
// err := globalTierJournal.AddEntry(jentry)
|
// err := globalTierJournal.AddEntry(jentry)
|
||||||
// logger.LogIf(ctx, err)
|
// logger.LogIf(ctx, err)
|
||||||
|
@ -51,8 +51,10 @@ func filterMatchingPrefix(entries []string, prefixEntry string) []string {
|
|||||||
// we need to remove this trailing "/" for objects and retain "/" for prefixes before
|
// we need to remove this trailing "/" for objects and retain "/" for prefixes before
|
||||||
// sorting because the trailing "/" can affect the sorting results for certain cases.
|
// sorting because the trailing "/" can affect the sorting results for certain cases.
|
||||||
// Ex. lets say entries = ["a-b/", "a/"] and both are objects.
|
// Ex. lets say entries = ["a-b/", "a/"] and both are objects.
|
||||||
|
//
|
||||||
// sorting with out trailing "/" = ["a", "a-b"]
|
// sorting with out trailing "/" = ["a", "a-b"]
|
||||||
// sorting with trailing "/" = ["a-b/", "a/"]
|
// sorting with trailing "/" = ["a-b/", "a/"]
|
||||||
|
//
|
||||||
// Hence if entries[] does not have a case like the above example then isLeaf() check
|
// Hence if entries[] does not have a case like the above example then isLeaf() check
|
||||||
// can be delayed till the entry is pushed into the TreeWalkResult channel.
|
// can be delayed till the entry is pushed into the TreeWalkResult channel.
|
||||||
// delayIsLeafCheck() returns true if isLeaf can be delayed or false if
|
// delayIsLeafCheck() returns true if isLeaf can be delayed or false if
|
||||||
|
@ -124,7 +124,6 @@ func GetCurrentReleaseTime() (releaseTime time.Time, err error) {
|
|||||||
// https://github.com/moby/moby/blob/master/daemon/initlayer/setup_unix.go#L25
|
// https://github.com/moby/moby/blob/master/daemon/initlayer/setup_unix.go#L25
|
||||||
//
|
//
|
||||||
// "/.dockerenv": "file",
|
// "/.dockerenv": "file",
|
||||||
//
|
|
||||||
func IsDocker() bool {
|
func IsDocker() bool {
|
||||||
if !globalIsCICD {
|
if !globalIsCICD {
|
||||||
_, err := os.Stat("/.dockerenv")
|
_, err := os.Stat("/.dockerenv")
|
||||||
|
@ -390,6 +390,7 @@ func (lc Lifecycle) ComputeAction(obj ObjectOpts) Action {
|
|||||||
// ExpectedExpiryTime calculates the expiry, transition or restore date/time based on a object modtime.
|
// ExpectedExpiryTime calculates the expiry, transition or restore date/time based on a object modtime.
|
||||||
// The expected transition or restore time is always a midnight time following the the object
|
// The expected transition or restore time is always a midnight time following the the object
|
||||||
// modification time plus the number of transition/restore days.
|
// modification time plus the number of transition/restore days.
|
||||||
|
//
|
||||||
// e.g. If the object modtime is `Thu May 21 13:42:50 GMT 2020` and the object should
|
// e.g. If the object modtime is `Thu May 21 13:42:50 GMT 2020` and the object should
|
||||||
// transition in 1 day, then the expected transition time is `Fri, 23 May 2020 00:00:00 GMT`
|
// transition in 1 day, then the expected transition time is `Fri, 23 May 2020 00:00:00 GMT`
|
||||||
func ExpectedExpiryTime(modTime time.Time, days int) time.Time {
|
func ExpectedExpiryTime(modTime time.Time, days int) time.Time {
|
||||||
|
@ -60,7 +60,9 @@ type Config struct {
|
|||||||
|
|
||||||
// BitrotScanCycle returns the configured cycle for the scanner healing
|
// BitrotScanCycle returns the configured cycle for the scanner healing
|
||||||
// -1 for not enabled
|
// -1 for not enabled
|
||||||
|
//
|
||||||
// 0 for contiunous bitrot scanning
|
// 0 for contiunous bitrot scanning
|
||||||
|
//
|
||||||
// >0 interval duration between cycles
|
// >0 interval duration between cycles
|
||||||
func (opts Config) BitrotScanCycle() (d time.Duration) {
|
func (opts Config) BitrotScanCycle() (d time.Duration) {
|
||||||
configMutex.RLock()
|
configMutex.RLock()
|
||||||
|
@ -216,8 +216,11 @@ func validateParity(ssParity, rrsParity, setDriveCount int) (err error) {
|
|||||||
//
|
//
|
||||||
// -- if input storage class is empty then standard is assumed
|
// -- if input storage class is empty then standard is assumed
|
||||||
// -- if input is RRS but RRS is not configured default '2' parity
|
// -- if input is RRS but RRS is not configured default '2' parity
|
||||||
|
//
|
||||||
// for RRS is assumed
|
// for RRS is assumed
|
||||||
|
//
|
||||||
// -- if input is STANDARD but STANDARD is not configured '0' parity
|
// -- if input is STANDARD but STANDARD is not configured '0' parity
|
||||||
|
//
|
||||||
// is returned, the caller is expected to choose the right parity
|
// is returned, the caller is expected to choose the right parity
|
||||||
// at that point.
|
// at that point.
|
||||||
func (sCfg Config) GetParityForSC(sc string) (parity int) {
|
func (sCfg Config) GetParityForSC(sc string) (parity int) {
|
||||||
|
@ -25,7 +25,6 @@
|
|||||||
// with an unique key-encryption-key. Given the correct key-encryption-key the
|
// with an unique key-encryption-key. Given the correct key-encryption-key the
|
||||||
// sealed 'ObjectKey' can be unsealed and the object can be decrypted.
|
// sealed 'ObjectKey' can be unsealed and the object can be decrypted.
|
||||||
//
|
//
|
||||||
//
|
|
||||||
// ## SSE-C
|
// ## SSE-C
|
||||||
//
|
//
|
||||||
// SSE-C computes the key-encryption-key from the client-provided key, an
|
// SSE-C computes the key-encryption-key from the client-provided key, an
|
||||||
@ -51,7 +50,6 @@
|
|||||||
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
||||||
// Output: object_data
|
// Output: object_data
|
||||||
//
|
//
|
||||||
//
|
|
||||||
// ## SSE-S3
|
// ## SSE-S3
|
||||||
//
|
//
|
||||||
// SSE-S3 can use either a master key or a KMS as root-of-trust.
|
// SSE-S3 can use either a master key or a KMS as root-of-trust.
|
||||||
@ -83,11 +81,12 @@
|
|||||||
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
||||||
// Output: object_data
|
// Output: object_data
|
||||||
//
|
//
|
||||||
//
|
|
||||||
// ### SSE-S3 and KMS
|
// ### SSE-S3 and KMS
|
||||||
//
|
//
|
||||||
// SSE-S3 requires that the KMS provides two functions:
|
// SSE-S3 requires that the KMS provides two functions:
|
||||||
|
//
|
||||||
// 1. Generate(KeyID) -> (Key, EncKey)
|
// 1. Generate(KeyID) -> (Key, EncKey)
|
||||||
|
//
|
||||||
// 2. Unseal(KeyID, EncKey) -> Key
|
// 2. Unseal(KeyID, EncKey) -> Key
|
||||||
//
|
//
|
||||||
// 1. Encrypt:
|
// 1. Encrypt:
|
||||||
@ -115,5 +114,4 @@
|
|||||||
// - ObjectKey := DAREv2_Dec(KeyEncKey, SealedKey)
|
// - ObjectKey := DAREv2_Dec(KeyEncKey, SealedKey)
|
||||||
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
// - object_data := DAREv2_Dec(ObjectKey, enc_object_data)
|
||||||
// Output: object_data
|
// Output: object_data
|
||||||
//
|
|
||||||
package crypto
|
package crypto
|
||||||
|
@ -43,9 +43,9 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// Type represents an AWS SSE type:
|
// Type represents an AWS SSE type:
|
||||||
// • SSE-C
|
// - SSE-C
|
||||||
// • SSE-S3
|
// - SSE-S3
|
||||||
// • SSE-KMS
|
// - SSE-KMS
|
||||||
type Type interface {
|
type Type interface {
|
||||||
fmt.Stringer
|
fmt.Stringer
|
||||||
|
|
||||||
|
@ -206,7 +206,6 @@ func TestTwoSimultaneousLocksForDifferentResources(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Test refreshing lock - refresh should always return true
|
// Test refreshing lock - refresh should always return true
|
||||||
//
|
|
||||||
func TestSuccessfulLockRefresh(t *testing.T) {
|
func TestSuccessfulLockRefresh(t *testing.T) {
|
||||||
if testing.Short() {
|
if testing.Short() {
|
||||||
t.Skip("skipping test in short mode.")
|
t.Skip("skipping test in short mode.")
|
||||||
|
@ -24,19 +24,18 @@
|
|||||||
// In general, an S3 ETag is an MD5 checksum of the object
|
// In general, an S3 ETag is an MD5 checksum of the object
|
||||||
// content. However, there are many exceptions to this rule.
|
// content. However, there are many exceptions to this rule.
|
||||||
//
|
//
|
||||||
//
|
// # Single-part Upload
|
||||||
// Single-part Upload
|
|
||||||
//
|
//
|
||||||
// In case of a basic single-part PUT operation - without server
|
// In case of a basic single-part PUT operation - without server
|
||||||
// side encryption or object compression - the ETag of an object
|
// side encryption or object compression - the ETag of an object
|
||||||
// is its content MD5.
|
// is its content MD5.
|
||||||
//
|
//
|
||||||
//
|
// # Multi-part Upload
|
||||||
// Multi-part Upload
|
|
||||||
//
|
//
|
||||||
// The ETag of an object does not correspond to its content MD5
|
// The ETag of an object does not correspond to its content MD5
|
||||||
// when the object is uploaded in multiple parts via the S3
|
// when the object is uploaded in multiple parts via the S3
|
||||||
// multipart API. Instead, S3 first computes a MD5 of each part:
|
// multipart API. Instead, S3 first computes a MD5 of each part:
|
||||||
|
//
|
||||||
// e1 := MD5(part-1)
|
// e1 := MD5(part-1)
|
||||||
// e2 := MD5(part-2)
|
// e2 := MD5(part-2)
|
||||||
// ...
|
// ...
|
||||||
@ -45,6 +44,7 @@
|
|||||||
// Then, the ETag of the object is computed as MD5 of all individual
|
// Then, the ETag of the object is computed as MD5 of all individual
|
||||||
// part checksums. S3 also encodes the number of parts into the ETag
|
// part checksums. S3 also encodes the number of parts into the ETag
|
||||||
// by appending a -<number-of-parts> at the end:
|
// by appending a -<number-of-parts> at the end:
|
||||||
|
//
|
||||||
// ETag := MD5(e1 || e2 || e3 ... || eN) || -N
|
// ETag := MD5(e1 || e2 || e3 ... || eN) || -N
|
||||||
//
|
//
|
||||||
// For example: ceb8853ddc5086cc4ab9e149f8f09c88-5
|
// For example: ceb8853ddc5086cc4ab9e149f8f09c88-5
|
||||||
@ -52,7 +52,7 @@
|
|||||||
// However, this scheme is only used for multipart objects that are
|
// However, this scheme is only used for multipart objects that are
|
||||||
// not encrypted.
|
// not encrypted.
|
||||||
//
|
//
|
||||||
// Server-side Encryption
|
// # Server-side Encryption
|
||||||
//
|
//
|
||||||
// S3 specifies three types of server-side-encryption - SSE-C, SSE-S3
|
// S3 specifies three types of server-side-encryption - SSE-C, SSE-S3
|
||||||
// and SSE-KMS - with different semantics w.r.t. ETags.
|
// and SSE-KMS - with different semantics w.r.t. ETags.
|
||||||
@ -75,12 +75,12 @@
|
|||||||
// in case of SSE-C or SSE-KMS except that the ETag is well-formed.
|
// in case of SSE-C or SSE-KMS except that the ETag is well-formed.
|
||||||
//
|
//
|
||||||
// To put all of this into a simple rule:
|
// To put all of this into a simple rule:
|
||||||
|
//
|
||||||
// SSE-S3 : ETag == MD5
|
// SSE-S3 : ETag == MD5
|
||||||
// SSE-C : ETag != MD5
|
// SSE-C : ETag != MD5
|
||||||
// SSE-KMS: ETag != MD5
|
// SSE-KMS: ETag != MD5
|
||||||
//
|
//
|
||||||
//
|
// # Encrypted ETags
|
||||||
// Encrypted ETags
|
|
||||||
//
|
//
|
||||||
// An S3 implementation has to remember the content MD5 of objects
|
// An S3 implementation has to remember the content MD5 of objects
|
||||||
// in case of SSE-S3. However, storing the ETag of an encrypted
|
// in case of SSE-S3. However, storing the ETag of an encrypted
|
||||||
@ -94,8 +94,7 @@
|
|||||||
// encryption schemes. Such an ETag must be decrypted before sent to an
|
// encryption schemes. Such an ETag must be decrypted before sent to an
|
||||||
// S3 client.
|
// S3 client.
|
||||||
//
|
//
|
||||||
//
|
// # S3 Clients
|
||||||
// S3 Clients
|
|
||||||
//
|
//
|
||||||
// There are many different S3 client implementations. Most of them
|
// There are many different S3 client implementations. Most of them
|
||||||
// access the ETag by looking for the HTTP response header key "Etag".
|
// access the ETag by looking for the HTTP response header key "Etag".
|
||||||
@ -221,6 +220,7 @@ func (e ETag) Parts() int {
|
|||||||
// in a random-looking ETag which an S3 client will not accept.
|
// in a random-looking ETag which an S3 client will not accept.
|
||||||
//
|
//
|
||||||
// Hence, a caller has to check:
|
// Hence, a caller has to check:
|
||||||
|
//
|
||||||
// if method == SSE-S3 {
|
// if method == SSE-S3 {
|
||||||
// ETag, err := Decrypt(key, ETag)
|
// ETag, err := Decrypt(key, ETag)
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
|
@ -64,7 +64,6 @@ func (r wrapReader) ETag() ETag {
|
|||||||
// // Now, we need an io.Reader that can access
|
// // Now, we need an io.Reader that can access
|
||||||
// // the ETag computed over the content.
|
// // the ETag computed over the content.
|
||||||
// reader := etag.Wrap(encryptedContent, content)
|
// reader := etag.Wrap(encryptedContent, content)
|
||||||
//
|
|
||||||
func Wrap(wrapped, content io.Reader) io.Reader {
|
func Wrap(wrapped, content io.Reader) io.Reader {
|
||||||
if t, ok := content.(Tagger); ok {
|
if t, ok := content.(Tagger); ok {
|
||||||
return wrapReader{
|
return wrapReader{
|
||||||
|
@ -72,6 +72,7 @@ func (f *Forwarder) ServeHTTP(w http.ResponseWriter, inReq *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// customErrHandler is originally implemented to avoid having the following error
|
// customErrHandler is originally implemented to avoid having the following error
|
||||||
|
//
|
||||||
// `http: proxy error: context canceled` printed by Golang
|
// `http: proxy error: context canceled` printed by Golang
|
||||||
func (f *Forwarder) customErrHandler(w http.ResponseWriter, r *http.Request, err error) {
|
func (f *Forwarder) customErrHandler(w http.ResponseWriter, r *http.Request, err error) {
|
||||||
if f.Logger != nil && err != context.Canceled {
|
if f.Logger != nil && err != context.Canceled {
|
||||||
|
@ -39,6 +39,7 @@ import (
|
|||||||
|
|
||||||
// Parse parses s as single-key KMS. The given string
|
// Parse parses s as single-key KMS. The given string
|
||||||
// is expected to have the following format:
|
// is expected to have the following format:
|
||||||
|
//
|
||||||
// <key-id>:<base64-key>
|
// <key-id>:<base64-key>
|
||||||
//
|
//
|
||||||
// The returned KMS implementation uses the parsed
|
// The returned KMS implementation uses the parsed
|
||||||
|
@ -27,6 +27,7 @@ import (
|
|||||||
|
|
||||||
// Target is the entity that we will receive
|
// Target is the entity that we will receive
|
||||||
// a single log entry and Send it to the log target
|
// a single log entry and Send it to the log target
|
||||||
|
//
|
||||||
// e.g. Send the log to a http server
|
// e.g. Send the log to a http server
|
||||||
type Target interface {
|
type Target interface {
|
||||||
String() string
|
String() string
|
||||||
@ -126,6 +127,7 @@ func initKafkaTargets(cfgMap map[string]kafka.Config) (tgts []Target, err error)
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Split targets into two groups:
|
// Split targets into two groups:
|
||||||
|
//
|
||||||
// group1 contains all targets of type t
|
// group1 contains all targets of type t
|
||||||
// group2 contains the remaining targets
|
// group2 contains the remaining targets
|
||||||
func splitTargets(targets []Target, t types.TargetType) (group1 []Target, group2 []Target) {
|
func splitTargets(targets []Target, t types.TargetType) (group1 []Target, group2 []Target) {
|
||||||
|
@ -128,9 +128,9 @@ var progressHeader = []byte{
|
|||||||
//
|
//
|
||||||
// Payload specification:
|
// Payload specification:
|
||||||
// Progress message payload is an XML document containing information about the progress of a request.
|
// Progress message payload is an XML document containing information about the progress of a request.
|
||||||
// * BytesScanned => Number of bytes that have been processed before being uncompressed (if the file is compressed).
|
// - BytesScanned => Number of bytes that have been processed before being uncompressed (if the file is compressed).
|
||||||
// * BytesProcessed => Number of bytes that have been processed after being uncompressed (if the file is compressed).
|
// - BytesProcessed => Number of bytes that have been processed after being uncompressed (if the file is compressed).
|
||||||
// * BytesReturned => Current number of bytes of records payload data returned by S3.
|
// - BytesReturned => Current number of bytes of records payload data returned by S3.
|
||||||
//
|
//
|
||||||
// For uncompressed files, BytesScanned and BytesProcessed are equal.
|
// For uncompressed files, BytesScanned and BytesProcessed are equal.
|
||||||
//
|
//
|
||||||
@ -138,11 +138,12 @@ var progressHeader = []byte{
|
|||||||
//
|
//
|
||||||
// <?xml version="1.0" encoding="UTF-8"?>
|
// <?xml version="1.0" encoding="UTF-8"?>
|
||||||
// <Progress>
|
// <Progress>
|
||||||
|
//
|
||||||
// <BytesScanned>512</BytesScanned>
|
// <BytesScanned>512</BytesScanned>
|
||||||
// <BytesProcessed>1024</BytesProcessed>
|
// <BytesProcessed>1024</BytesProcessed>
|
||||||
// <BytesReturned>1024</BytesReturned>
|
// <BytesReturned>1024</BytesReturned>
|
||||||
// </Progress>
|
|
||||||
//
|
//
|
||||||
|
// </Progress>
|
||||||
func newProgressMessage(bytesScanned, bytesProcessed, bytesReturned int64) []byte {
|
func newProgressMessage(bytesScanned, bytesProcessed, bytesReturned int64) []byte {
|
||||||
payload := []byte(`<?xml version="1.0" encoding="UTF-8"?><Progress><BytesScanned>` +
|
payload := []byte(`<?xml version="1.0" encoding="UTF-8"?><Progress><BytesScanned>` +
|
||||||
strconv.FormatInt(bytesScanned, 10) + `</BytesScanned><BytesProcessed>` +
|
strconv.FormatInt(bytesScanned, 10) + `</BytesScanned><BytesProcessed>` +
|
||||||
@ -167,9 +168,9 @@ var statsHeader = []byte{
|
|||||||
//
|
//
|
||||||
// Payload specification:
|
// Payload specification:
|
||||||
// Stats message payload is an XML document containing information about a request's stats when processing is complete.
|
// Stats message payload is an XML document containing information about a request's stats when processing is complete.
|
||||||
// * BytesScanned => Number of bytes that have been processed before being uncompressed (if the file is compressed).
|
// - BytesScanned => Number of bytes that have been processed before being uncompressed (if the file is compressed).
|
||||||
// * BytesProcessed => Number of bytes that have been processed after being uncompressed (if the file is compressed).
|
// - BytesProcessed => Number of bytes that have been processed after being uncompressed (if the file is compressed).
|
||||||
// * BytesReturned => Total number of bytes of records payload data returned by S3.
|
// - BytesReturned => Total number of bytes of records payload data returned by S3.
|
||||||
//
|
//
|
||||||
// For uncompressed files, BytesScanned and BytesProcessed are equal.
|
// For uncompressed files, BytesScanned and BytesProcessed are equal.
|
||||||
//
|
//
|
||||||
@ -177,9 +178,11 @@ var statsHeader = []byte{
|
|||||||
//
|
//
|
||||||
// <?xml version="1.0" encoding="UTF-8"?>
|
// <?xml version="1.0" encoding="UTF-8"?>
|
||||||
// <Stats>
|
// <Stats>
|
||||||
|
//
|
||||||
// <BytesScanned>512</BytesScanned>
|
// <BytesScanned>512</BytesScanned>
|
||||||
// <BytesProcessed>1024</BytesProcessed>
|
// <BytesProcessed>1024</BytesProcessed>
|
||||||
// <BytesReturned>1024</BytesReturned>
|
// <BytesReturned>1024</BytesReturned>
|
||||||
|
//
|
||||||
// </Stats>
|
// </Stats>
|
||||||
func newStatsMessage(bytesScanned, bytesProcessed, bytesReturned int64) []byte {
|
func newStatsMessage(bytesScanned, bytesProcessed, bytesReturned int64) []byte {
|
||||||
payload := []byte(`<?xml version="1.0" encoding="UTF-8"?><Stats><BytesScanned>` +
|
payload := []byte(`<?xml version="1.0" encoding="UTF-8"?><Stats><BytesScanned>` +
|
||||||
|
@ -18,6 +18,7 @@
|
|||||||
package smart
|
package smart
|
||||||
|
|
||||||
// Defined in <linux/nvme_ioctl.h>
|
// Defined in <linux/nvme_ioctl.h>
|
||||||
|
//
|
||||||
//nolint:structcheck,deadcode
|
//nolint:structcheck,deadcode
|
||||||
type nvmePassthruCommand struct {
|
type nvmePassthruCommand struct {
|
||||||
opcode uint8
|
opcode uint8
|
||||||
@ -138,6 +139,7 @@ type nvmeSMARTLog struct {
|
|||||||
} // 512 bytes
|
} // 512 bytes
|
||||||
|
|
||||||
// NVMeDevice represents drive data about NVMe drives
|
// NVMeDevice represents drive data about NVMe drives
|
||||||
|
//
|
||||||
//nolint:structcheck
|
//nolint:structcheck
|
||||||
type NVMeDevice struct {
|
type NVMeDevice struct {
|
||||||
Name string
|
Name string
|
||||||
|
Loading…
Reference in New Issue
Block a user