MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 21:02:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: disallow SSE-C encrypted objects on replicated buckets (#16467)

Browse Source
This commit is contained in:
Harshavardhana
2023-01-25 05:16:33 +05:30
committed by GitHub
parent d67a846ec4
commit e64b9f6751
9 changed files with 238 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cmd/bucket-handlers.go
View File

@@ -1062,11 +1062,17 @@ func (api objectAPIHandlers) PostPolicyBucketHandler(w http.ResponseWriter, r *h
return
}
if crypto.Requested(formValues) && !HasSuffix(object, SlashSeparator) { // handle SSE requests
if crypto.Requested(formValues) {
if crypto.SSECopy.IsRequested(r.Header) {
writeErrorResponse(ctx, w, toAPIError(ctx, errInvalidEncryptionParameters), r.URL)
return
}
if crypto.SSEC.IsRequested(r.Header) && isReplicationEnabled(ctx, bucket) {
writeErrorResponse(ctx, w, toAPIError(ctx, errInvalidEncryptionParametersSSEC), r.URL)
return
}
var (
reader io.Reader
keyID string