mirror of
https://github.com/minio/minio.git
credentials: min/max length check for credentials.
parent
2395c42fb5
commit
e318925f62
@ -44,10 +44,10 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
// isValidSecretKey - validate secret key.
|
// isValidSecretKey - validate secret key.
|
||||||
var isValidSecretKey = regexp.MustCompile("^.{40}$")
|
var isValidSecretKey = regexp.MustCompile("^.{8,40}$")
|
||||||
|
|
||||||
// isValidAccessKey - validate access key.
|
// isValidAccessKey - validate access key.
|
||||||
var isValidAccessKey = regexp.MustCompile("^[A-Z0-9\\-\\.\\_\\~]{20}$")
|
var isValidAccessKey = regexp.MustCompile("^[a-zA-Z0-9\\-\\.\\_\\~]{5,20}$")
|
||||||
|
|
||||||
// mustGenAccessKeys - must generate access credentials.
|
// mustGenAccessKeys - must generate access credentials.
|
||||||
func mustGenAccessKeys() (creds credential) {
|
func mustGenAccessKeys() (creds credential) {
|
||||||
|
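Review bot: The new `isValidSecretKey` pattern `^.{8,40}$` lowers the minimum secret length from 40 characters to 8. The secret is presumably the request-signing key, so a short user-chosen value is far easier to guess than the generated 40-character one; I would raise the floor, or at least add a comment recording why 8 was chosen. Note also that `.` counts code points rather than bytes and accepts any character except newline, control characters included, so this is not the byte-length bound the commit title suggests. Naming the limits would make the rule reviewable, e.g. `const secretKeyMinLen, secretKeyMaxLen = 8, 40` with an explicit `len()` comparison, plus a comment on `isValidAccessKey` such as `// 5 to 20 characters from [a-zA-Z0-9-._~]`. The `const` block above and `mustGenAccessKeys` below continue outside the hunk.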
@ -311,11 +311,11 @@ func (web *webAPI) SetAuth(r *http.Request, args *SetAuthArgs, reply *SetAuthRep
|
|||||||
if !isJWTReqAuthenticated(r) {
|
if !isJWTReqAuthenticated(r) {
|
||||||
return &json2.Error{Message: "Unauthorized request"}
|
return &json2.Error{Message: "Unauthorized request"}
|
||||||
}
|
}
|
||||||
if args.AccessKey == "" {
|
if !isValidAccessKey.MatchString(args.AccessKey) {
|
||||||
return &json2.Error{Message: "Empty access key not allowed"}
|
return &json2.Error{Message: "Invalid Access Key"}
|
||||||
}
|
}
|
||||||
if args.SecretKey == "" {
|
if !isValidSecretKey.MatchString(args.SecretKey) {
|
||||||
return &json2.Error{Message: "Empty secret key not allowed"}
|
return &json2.Error{Message: "Invalid Secret Key"}
|
||||||
}
|
}
|
||||||
cred := credential{args.AccessKey, args.SecretKey}
|
cred := credential{args.AccessKey, args.SecretKey}
|
||||||
serverConfig.SetCredential(cred)
|
serverConfig.SetCredential(cred)
|
||||||
|
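Review bot: The messages `Invalid Access Key` and `Invalid Secret Key` returned by the two new checks in `SetAuth` do not say what is accepted, so a caller cannot tell a too-short value from a disallowed character. Stating the rule would help, e.g. `return &json2.Error{Message: "Access key must be 5 to 20 characters of a-z A-Z 0-9 - . _ ~"}` and the equivalent length message for the secret. A short comment above the checks, such as `// Validate against the same patterns used for configured credentials before replacing the server credential.`, would also record why the regexes are reused here; that they are shared with other call sites is inferred, since none are visible on this page. The body of `SetAuth` starts and ends outside the hunk.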