do not disable root for invalid API config values (#17386)

This commit is contained in:
Harshavardhana 2023-06-08 15:50:06 -07:00 committed by GitHub
parent 6e38d0f3ab
commit b829e80ecb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 55 additions and 29 deletions

View File

@ -97,8 +97,17 @@ func (t *apiConfig) init(cfg api.Config, setDriveCounts []int) {
t.mu.Lock()
defer t.mu.Unlock()
t.clusterDeadline = cfg.ClusterDeadline
t.corsAllowOrigins = cfg.CorsAllowOrigin
clusterDeadline := cfg.ClusterDeadline
if clusterDeadline == 0 {
clusterDeadline = 10 * time.Second
}
t.clusterDeadline = clusterDeadline
corsAllowOrigin := cfg.CorsAllowOrigin
if len(corsAllowOrigin) == 0 {
corsAllowOrigin = []string{"*"}
}
t.corsAllowOrigins = corsAllowOrigin
maxSetDrives := 0
for _, setDriveCount := range setDriveCounts {
t.totalDriveCount += setDriveCount
@ -136,13 +145,16 @@ func (t *apiConfig) init(cfg api.Config, setDriveCounts []int) {
t.requestsPool = make(chan struct{}, apiRequestsMaxPerNode)
}
t.requestsDeadline = cfg.RequestsDeadline
t.listQuorum = cfg.ListQuorum
listQuorum := cfg.ListQuorum
if listQuorum == "" {
listQuorum = "strict"
}
t.listQuorum = listQuorum
if globalReplicationPool != nil &&
cfg.ReplicationPriority != t.replicationPriority {
globalReplicationPool.ResizeWorkerPriority(cfg.ReplicationPriority)
}
t.replicationPriority = cfg.ReplicationPriority
if globalTransitionState != nil && cfg.TransitionWorkers != t.transitionWorkers {
globalTransitionState.UpdateWorkers(cfg.TransitionWorkers)
}
@ -181,6 +193,10 @@ func (t *apiConfig) getListQuorum() string {
t.mu.RLock()
defer t.mu.RUnlock()
if t.listQuorum == "" {
return "strict"
}
return t.listQuorum
}
@ -188,6 +204,10 @@ func (t *apiConfig) getCorsAllowOrigins() []string {
t.mu.RLock()
defer t.mu.RUnlock()
if len(t.corsAllowOrigins) == 0 {
return []string{"*"}
}
corsAllowOrigins := make([]string, len(t.corsAllowOrigins))
copy(corsAllowOrigins, t.corsAllowOrigins)
return corsAllowOrigins
@ -316,6 +336,10 @@ func (t *apiConfig) getReplicationPriority() string {
t.mu.RLock()
defer t.mu.RUnlock()
if t.replicationPriority == "" {
return "auto"
}
return t.replicationPriority
}
@ -323,5 +347,9 @@ func (t *apiConfig) getTransitionWorkers() int {
t.mu.RLock()
defer t.mu.RUnlock()
if t.transitionWorkers <= 0 {
return runtime.GOMAXPROCS(0) / 2
}
return t.transitionWorkers
}

View File

@ -21,7 +21,6 @@ import (
"encoding/json"
"errors"
"fmt"
"runtime"
"strconv"
"strings"
"time"
@ -180,12 +179,23 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) {
return cfg, err
}
disableODirect := env.Get(EnvAPIDisableODirect, kvs.Get(apiDisableODirect)) == config.EnableOn
gzipObjects := env.Get(EnvAPIGzipObjects, kvs.Get(apiGzipObjects)) == config.EnableOn
rootAccess := env.Get(EnvAPIRootAccess, kvs.Get(apiRootAccess)) == config.EnableOn
cfg = Config{
DisableODirect: disableODirect,
GzipObjects: gzipObjects,
RootAccess: rootAccess,
}
// Check environment variables parameters
requestsMax, err := strconv.Atoi(env.Get(EnvAPIRequestsMax, kvs.GetWithDefault(apiRequestsMax, DefaultKVS)))
if err != nil {
return cfg, err
}
cfg.RequestsMax = requestsMax
if requestsMax < 0 {
return cfg, errors.New("invalid API max requests value")
}
@ -194,28 +204,33 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) {
if err != nil {
return cfg, err
}
cfg.RequestsDeadline = requestsDeadline
clusterDeadline, err := time.ParseDuration(env.Get(EnvAPIClusterDeadline, kvs.GetWithDefault(apiClusterDeadline, DefaultKVS)))
if err != nil {
return cfg, err
}
cfg.ClusterDeadline = clusterDeadline
corsAllowOrigin := strings.Split(env.Get(EnvAPICorsAllowOrigin, kvs.Get(apiCorsAllowOrigin)), ",")
if len(corsAllowOrigin) == 0 {
corsAllowOrigin = []string{"*"} // defaults to '*'
}
cfg.CorsAllowOrigin = corsAllowOrigin
remoteTransportDeadline, err := time.ParseDuration(env.Get(EnvAPIRemoteTransportDeadline, kvs.GetWithDefault(apiRemoteTransportDeadline, DefaultKVS)))
if err != nil {
return cfg, err
}
cfg.RemoteTransportDeadline = remoteTransportDeadline
listQuorum := env.Get(EnvAPIListQuorum, kvs.GetWithDefault(apiListQuorum, DefaultKVS))
switch listQuorum {
case "strict", "optimal", "reduced", "disk":
default:
return cfg, fmt.Errorf("invalid value %v for list_quorum", listQuorum)
return cfg, fmt.Errorf("invalid value %v for list_quorum: will default to 'strict'", listQuorum)
}
cfg.ListQuorum = listQuorum
replicationPriority := env.Get(EnvAPIReplicationPriority, kvs.GetWithDefault(apiReplicationPriority, DefaultKVS))
switch replicationPriority {
@ -223,14 +238,13 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) {
default:
return cfg, fmt.Errorf("invalid value %v for replication_priority", replicationPriority)
}
cfg.ReplicationPriority = replicationPriority
transitionWorkers, err := strconv.Atoi(env.Get(EnvAPITransitionWorkers, kvs.GetWithDefault(apiTransitionWorkers, DefaultKVS)))
if err != nil {
return cfg, err
}
if transitionWorkers < runtime.GOMAXPROCS(0)/2 {
return cfg, config.ErrInvalidTransitionWorkersValue(nil)
}
cfg.TransitionWorkers = transitionWorkers
v := env.Get(EnvAPIDeleteCleanupInterval, kvs.Get(apiDeleteCleanupInterval))
if v == "" {
@ -241,35 +255,19 @@ func LookupConfig(kvs config.KVS) (cfg Config, err error) {
if err != nil {
return cfg, err
}
cfg.DeleteCleanupInterval = deleteCleanupInterval
staleUploadsCleanupInterval, err := time.ParseDuration(env.Get(EnvAPIStaleUploadsCleanupInterval, kvs.GetWithDefault(apiStaleUploadsCleanupInterval, DefaultKVS)))
if err != nil {
return cfg, err
}
cfg.StaleUploadsCleanupInterval = staleUploadsCleanupInterval
staleUploadsExpiry, err := time.ParseDuration(env.Get(EnvAPIStaleUploadsExpiry, kvs.GetWithDefault(apiStaleUploadsExpiry, DefaultKVS)))
if err != nil {
return cfg, err
}
cfg.StaleUploadsExpiry = staleUploadsExpiry
disableODirect := env.Get(EnvAPIDisableODirect, kvs.Get(apiDisableODirect)) == config.EnableOn
gzipObjects := env.Get(EnvAPIGzipObjects, kvs.Get(apiGzipObjects)) == config.EnableOn
rootAccess := env.Get(EnvAPIRootAccess, kvs.Get(apiRootAccess)) == config.EnableOn
return Config{
RequestsMax: requestsMax,
RequestsDeadline: requestsDeadline,
ClusterDeadline: clusterDeadline,
CorsAllowOrigin: corsAllowOrigin,
RemoteTransportDeadline: remoteTransportDeadline,
ListQuorum: listQuorum,
ReplicationPriority: replicationPriority,
TransitionWorkers: transitionWorkers,
StaleUploadsCleanupInterval: staleUploadsCleanupInterval,
StaleUploadsExpiry: staleUploadsExpiry,
DeleteCleanupInterval: deleteCleanupInterval,
DisableODirect: disableODirect,
GzipObjects: gzipObjects,
RootAccess: rootAccess,
}, nil
return cfg, nil
}