MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-21 18:26:04 -05:00
Code Issues Packages Projects Releases Wiki Activity

signature: No need to validate region for getBucketLocation and listBuckets.

Browse Source 
This type of check is added for making sure that we can support
custom regions.

ListBuckets and GetBucketLocation are always "us-east-1" rest
should look for the configured region.

Fixes #1278
This commit is contained in:
Harshavardhana
2016-04-01 22:45:27 -07:00
parent 2c793a2ea7
commit a6a4e7e297
4 changed files with 79 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
object-handlers.go
View File

@@ -601,8 +601,9 @@ func (api objectStorageAPI) PutObjectHandler(w http.ResponseWriter, r *http.Requ
// Create anonymous object.
objectInfo, err = api.ObjectAPI.PutObject(bucket, object, size, r.Body, nil)
case authTypePresigned:
validateRegion := true // Validate region.
// For presigned requests verify them right here.
if apiErr := doesPresignedSignatureMatch(r); apiErr != ErrNone {
if apiErr := doesPresignedSignatureMatch(r, validateRegion); apiErr != ErrNone {
writeErrorResponse(w, r, apiErr, r.URL.Path)
return
}
@@ -622,7 +623,8 @@ func (api objectStorageAPI) PutObjectHandler(w http.ResponseWriter, r *http.Requ
return
}
shaPayload := shaWriter.Sum(nil)
if apiErr := doesSignatureMatch(hex.EncodeToString(shaPayload), r); apiErr != ErrNone {
validateRegion := true // Validate region.
if apiErr := doesSignatureMatch(hex.EncodeToString(shaPayload), r, validateRegion); apiErr != ErrNone {
if apiErr == ErrSignatureDoesNotMatch {
writer.CloseWithError(errSignatureMismatch)
return
@@ -779,8 +781,9 @@ func (api objectStorageAPI) PutObjectPartHandler(w http.ResponseWriter, r *http.
// already allowed.
partMD5, err = api.ObjectAPI.PutObjectPart(bucket, object, uploadID, partID, size, r.Body, hex.EncodeToString(md5Bytes))
case authTypePresigned:
validateRegion := true // Validate region.
// For presigned requests verify right here.
apiErr := doesPresignedSignatureMatch(r)
apiErr := doesPresignedSignatureMatch(r, validateRegion)
if apiErr != ErrNone {
writeErrorResponse(w, r, apiErr, r.URL.Path)
return
@@ -800,7 +803,8 @@ func (api objectStorageAPI) PutObjectPartHandler(w http.ResponseWriter, r *http.
return
}
shaPayload := shaWriter.Sum(nil)
if apiErr := doesSignatureMatch(hex.EncodeToString(shaPayload), r); apiErr != ErrNone {
validateRegion := true // Validate region.
if apiErr := doesSignatureMatch(hex.EncodeToString(shaPayload), r, validateRegion); apiErr != ErrNone {
if apiErr == ErrSignatureDoesNotMatch {
writer.CloseWithError(errSignatureMismatch)
return