Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix(s3api): restore error return when access key not found 

Critical fix: The previous cleanup of sensitive logging inadvertently removed
the error return statement when access key lookup fails. This caused the code
to continue and call isCredentialExpired() on nil pointer, crashing the server.

This explains EOF errors in CORS tests - server was panicking on requests
with invalid keys.
pull/7944/head
Chris Lu 1 month ago
parent
643558fcc9
commit
8001c3747d
1 changed files with 1 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 3
      weed/s3api/auth_signature_v4.go

3
weed/s3api/auth_signature_v4.go
View File

@ -233,8 +233,7 @@ func (iam *IdentityAccessManagement) verifyV4Signature(r *http.Request, shouldCh
glog.Warningf("InvalidAccessKeyId: attempted key '%s' not found. Available keys: %d, Auth enabled: %v",
authInfo.AccessKey, len(availableKeys), iam.isAuthEnabled)
}
return nil, nil, "", nil, s3err.ErrInvalidAccessKeyID }
// Check service account expiration
if cred.isCredentialExpired() {

Write Preview
Loading…
Cancel
Save