handler/PUT: Handle signature verification through a custom reader. (#2066)

Change brings in a new signVerifyReader which provides a io.Reader compatible reader, additionally implements Verify() function. Verify() function validates the signature present in the incoming request. This approach is choosen to avoid complexities involved in using io.Pipe(). Thanks to Krishna for his inputs on this. Fixes #2058 Fixes #2054 Fixes #2087
2025-11-20 01:50:24 -05:00 · 2016-07-05 01:04:50 -07:00
parent 0540863663
commit 8a028a9efb
18 changed files with 380 additions and 518 deletions
--- a/xl-v1-multipart.go
+++ b/xl-v1-multipart.go
@@ -302,10 +302,23 @@ func (xl xlObjects) NewMultipartUpload(bucket, object string, meta map[string]st
 	return xl.newMultipartUpload(bucket, object, meta)
 }

-// putObjectPart - reads incoming data until EOF for the part file on
-// an ongoing multipart transaction. Internally incoming data is
-// erasure coded and written across all disks.
-func (xl xlObjects) putObjectPart(bucket string, object string, uploadID string, partID int, size int64, data io.Reader, md5Hex string) (string, error) {
+// PutObjectPart - reads incoming stream and internally erasure codes
+// them. This call is similar to single put operation but it is part
+// of the multipart transcation.
+//
+// Implements S3 compatible Upload Part API.
+func (xl xlObjects) PutObjectPart(bucket, object, uploadID string, partID int, size int64, data io.Reader, md5Hex string) (string, error) {
+	// Verify if bucket is valid.
+	if !IsValidBucketName(bucket) {
+		return "", BucketNameInvalid{Bucket: bucket}
+	}
+	// Verify whether the bucket exists.
+	if !xl.isBucketExist(bucket) {
+		return "", BucketNotFound{Bucket: bucket}
+	}
+	if !IsValidObjectName(object) {
+		return "", ObjectNameInvalid{Bucket: bucket, Object: object}
+	}
 	// Hold the lock and start the operation.
 	uploadIDPath := pathJoin(mpartMetaPrefix, bucket, object, uploadID)
 	nsMutex.Lock(minioMetaBucket, uploadIDPath)
@@ -345,7 +358,7 @@ func (xl xlObjects) putObjectPart(bucket string, object string, uploadID string,
 	if size > 0 {
 		// This is done so that we can avoid erroneous clients sending
 		// more data than the set content size.
-		data = io.LimitReader(data, size+1)
+		data = io.LimitReader(data, size)
 	} // else we read till EOF.

 	// Construct a tee reader for md5sum.
@@ -369,6 +382,16 @@ func (xl xlObjects) putObjectPart(bucket string, object string, uploadID string,
 		size = sizeWritten
 	}

+	// Validate if payload is valid.
+	if isSignVerify(data) {
+		if err = data.(*signVerifyReader).Verify(); err != nil {
+			// Incoming payload wrong, delete the temporary object.
+			xl.deleteObject(minioMetaBucket, tmpPartPath)
+			// Returns md5 mismatch.
+			return "", toObjectErr(err, bucket, object)
+		}
+	}
+
 	// Calculate new md5sum.
 	newMD5Hex := hex.EncodeToString(md5Writer.Sum(nil))
 	if md5Hex != "" {
@@ -422,26 +445,6 @@ func (xl xlObjects) putObjectPart(bucket string, object string, uploadID string,
 	return newMD5Hex, nil
 }

-// PutObjectPart - reads incoming stream and internally erasure codes
-// them. This call is similar to single put operation but it is part
-// of the multipart transcation.
-//
-// Implements S3 compatible Upload Part API.
-func (xl xlObjects) PutObjectPart(bucket, object, uploadID string, partID int, size int64, data io.Reader, md5Hex string) (string, error) {
-	// Verify if bucket is valid.
-	if !IsValidBucketName(bucket) {
-		return "", BucketNameInvalid{Bucket: bucket}
-	}
-	// Verify whether the bucket exists.
-	if !xl.isBucketExist(bucket) {
-		return "", BucketNotFound{Bucket: bucket}
-	}
-	if !IsValidObjectName(object) {
-		return "", ObjectNameInvalid{Bucket: bucket, Object: object}
-	}
-	return xl.putObjectPart(bucket, object, uploadID, partID, size, data, md5Hex)
-}
-
 // listObjectParts - wrapper reading `xl.json` for a given object and
 // uploadID. Lists all the parts captured inside `xl.json` content.
 func (xl xlObjects) listObjectParts(bucket, object, uploadID string, partNumberMarker, maxParts int) (ListPartsInfo, error) {