Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

SSE-KMS headers are present, this is not an SSE-C request (mutually exclusive)

pull/7480/head
chrislu 3 weeks ago
parent
0ab4d7720b
commit
2182d2224e
1 changed files with 7 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      weed/s3api/s3api_object_handlers.go

7
weed/s3api/s3api_object_handlers.go
View File

@ -247,7 +247,14 @@ func (s3a *S3ApiServer) hasConditionalHeaders(r *http.Request) bool {
// hasSSECHeaders checks if the request has SSE-C decryption headers
// SSE-C requires the customer to provide the decryption key in GET/HEAD requests
// According to S3 spec, SSE-C and SSE-KMS headers are mutually exclusive
func (s3a *S3ApiServer) hasSSECHeaders(r *http.Request) bool {
// If SSE-KMS headers are present, this is not an SSE-C request (mutually exclusive)
if r.Header.Get(s3_constants.AmzServerSideEncryption) == s3_constants.SSEAlgorithmKMS ||
r.Header.Get(s3_constants.AmzServerSideEncryptionAwsKmsKeyId) != "" {
return false
}
return r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerAlgorithm) != "" ||
r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerKey) != "" ||
r.Header.Get(s3_constants.AmzServerSideEncryptionCustomerKeyMD5) != ""

Write Preview
Loading…
Cancel
Save