s3-gateway: Allow encryption S3 passthrough for SSE-S3 (#13204)

This reverts commit 35cbe43b6d.
This commit is contained in:
Anis Elleuch 2021-09-14 20:55:32 +01:00 committed by GitHub
parent 67596ef0cc
commit f221153776
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -916,9 +916,18 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
return return
} }
if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { if _, ok := crypto.IsRequested(r.Header); ok {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) if globalIsGateway {
return if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
} else {
if !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
}
} }
vars := mux.Vars(r) vars := mux.Vars(r)
@ -1467,9 +1476,18 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req
return return
} }
if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { if _, ok := crypto.IsRequested(r.Header); ok {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) if globalIsGateway {
return if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
} else {
if !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
}
} }
vars := mux.Vars(r) vars := mux.Vars(r)
@ -1798,9 +1816,18 @@ func (api objectAPIHandlers) PutObjectExtractHandler(w http.ResponseWriter, r *h
return return
} }
if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { if _, ok := crypto.IsRequested(r.Header); ok {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) if globalIsGateway {
return if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
} else {
if !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
}
} }
vars := mux.Vars(r) vars := mux.Vars(r)
@ -2075,9 +2102,18 @@ func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r
return return
} }
if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { if _, ok := crypto.IsRequested(r.Header); ok {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) if globalIsGateway {
return if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
} else {
if !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
}
} }
vars := mux.Vars(r) vars := mux.Vars(r)
@ -2517,8 +2553,18 @@ func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http
return return
} }
if _, ok := crypto.IsRequested(r.Header); ok && !objectAPI.IsEncryptionSupported() { if _, ok := crypto.IsRequested(r.Header); ok {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL) if globalIsGateway {
if crypto.SSEC.IsRequested(r.Header) && !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
} else {
if !objectAPI.IsEncryptionSupported() {
writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL)
return
}
}
} }
vars := mux.Vars(r) vars := mux.Vars(r)