mirror of
https://github.com/minio/minio.git
synced 2024-12-24 06:05:55 -05:00
S3 gateway signature probe use a unique bucket (#6190)
This fixes an issue because someone is using `probe-bucket-sign` bucket name in region 'eu-central-1'
This commit is contained in:
parent
2cd14f567c
commit
5acc2a6db1
@ -20,7 +20,9 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"io"
|
"io"
|
||||||
|
"math/rand"
|
||||||
"strings"
|
"strings"
|
||||||
|
"time"
|
||||||
|
|
||||||
"github.com/minio/cli"
|
"github.com/minio/cli"
|
||||||
miniogo "github.com/minio/minio-go"
|
miniogo "github.com/minio/minio-go"
|
||||||
@ -121,6 +123,31 @@ func (g *S3) Name() string {
|
|||||||
return s3Backend
|
return s3Backend
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const letterBytes = "abcdefghijklmnopqrstuvwxyz01234569"
|
||||||
|
const (
|
||||||
|
letterIdxBits = 6 // 6 bits to represent a letter index
|
||||||
|
letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
|
||||||
|
letterIdxMax = 63 / letterIdxBits // # of letter indices fitting in 63 bits
|
||||||
|
)
|
||||||
|
|
||||||
|
// randString generates random names and prepends them with a known prefix.
|
||||||
|
func randString(n int, src rand.Source, prefix string) string {
|
||||||
|
b := make([]byte, n)
|
||||||
|
// A rand.Int63() generates 63 random bits, enough for letterIdxMax letters!
|
||||||
|
for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
|
||||||
|
if remain == 0 {
|
||||||
|
cache, remain = src.Int63(), letterIdxMax
|
||||||
|
}
|
||||||
|
if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
|
||||||
|
b[i] = letterBytes[idx]
|
||||||
|
i--
|
||||||
|
}
|
||||||
|
cache >>= letterIdxBits
|
||||||
|
remain--
|
||||||
|
}
|
||||||
|
return prefix + string(b[0:30-len(prefix)])
|
||||||
|
}
|
||||||
|
|
||||||
// newS3 - Initializes a new client by auto probing S3 server signature.
|
// newS3 - Initializes a new client by auto probing S3 server signature.
|
||||||
func newS3(url, accessKey, secretKey string) (*miniogo.Core, error) {
|
func newS3(url, accessKey, secretKey string) (*miniogo.Core, error) {
|
||||||
if url == "" {
|
if url == "" {
|
||||||
@ -137,13 +164,13 @@ func newS3(url, accessKey, secretKey string) (*miniogo.Core, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
probeBucketName := randString(60, rand.NewSource(time.Now().UnixNano()), "probe-bucket-sign-")
|
||||||
if _, err = clnt.BucketExists("probe-bucket-sign"); err != nil {
|
if _, err = clnt.BucketExists(probeBucketName); err != nil {
|
||||||
clnt, err = miniogo.NewV2(endpoint, accessKey, secretKey, secure)
|
clnt, err = miniogo.NewV2(endpoint, accessKey, secretKey, secure)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
if _, err = clnt.BucketExists("probe-bucket-sign"); err != nil {
|
if _, err = clnt.BucketExists(probeBucketName); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user