Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

s3: check the MD5 values from clients

pull/1895/head
wuh-fnst 5 years ago
parent
5f99eee27c
commit
8096609869
3 changed files with 24 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      weed/s3api/s3api_object_handlers.go
  2. 12
      weed/s3api/s3api_object_multipart_handlers.go
  3. 6
      weed/s3api/s3err/s3api_errors.go

7
weed/s3api/s3api_object_handlers.go
View File

@ -40,7 +40,7 @@ func (s3a *S3ApiServer) PutObjectHandler(w http.ResponseWriter, r *http.Request)
bucket, object := getBucketAndObject(r) bucket, object := getBucketAndObject(r)
_, err := validateContentMd5(r.Header)
contentMd5, err := validateContentMd5(r.Header)
if err != nil { if err != nil {
writeErrorResponse(w, s3err.ErrInvalidDigest, r.URL) writeErrorResponse(w, s3err.ErrInvalidDigest, r.URL)
return return
@ -81,6 +81,11 @@ func (s3a *S3ApiServer) PutObjectHandler(w http.ResponseWriter, r *http.Request)
} }
setEtag(w, etag) setEtag(w, etag)
if len(contentMd5) != 0 && fmt.Sprintf("%x", contentMd5) != etag {
writeErrorResponse(w, s3err.ErrBadDigest, r.URL)
return
}
} }
writeSuccessResponseEmpty(w) writeSuccessResponseEmpty(w)

12
weed/s3api/s3api_object_multipart_handlers.go
View File

@ -182,6 +182,13 @@ func (s3a *S3ApiServer) PutObjectPartHandler(w http.ResponseWriter, r *http.Requ
return return
} }
// get Content-Md5 sent by client and verify if valid
contentMd5, err := validateContentMd5(r.Header)
if err != nil {
writeErrorResponse(w, s3err.ErrInvalidDigest, r.URL)
return
}
dataReader := r.Body dataReader := r.Body
if s3a.iam.isEnabled() { if s3a.iam.isEnabled() {
rAuthType := getRequestAuthType(r) rAuthType := getRequestAuthType(r)
@ -213,6 +220,11 @@ func (s3a *S3ApiServer) PutObjectPartHandler(w http.ResponseWriter, r *http.Requ
setEtag(w, etag) setEtag(w, etag)
if len(contentMd5) != 0 && fmt.Sprintf("%x", contentMd5) != etag {
writeErrorResponse(w, s3err.ErrBadDigest, r.URL)
return
}
writeSuccessResponseEmpty(w) writeSuccessResponseEmpty(w)
} }

6
weed/s3api/s3err/s3api_errors.go
View File

@ -45,6 +45,7 @@ const (
ErrNone ErrorCode = iota ErrNone ErrorCode = iota
ErrAccessDenied ErrAccessDenied
ErrMethodNotAllowed ErrMethodNotAllowed
ErrBadDigest
ErrBucketNotEmpty ErrBucketNotEmpty
ErrBucketAlreadyExists ErrBucketAlreadyExists
ErrBucketAlreadyOwnedByYou ErrBucketAlreadyOwnedByYou
@ -109,6 +110,11 @@ var errorCodeResponse = map[ErrorCode]APIError{
Description: "The specified method is not allowed against this resource.", Description: "The specified method is not allowed against this resource.",
HTTPStatusCode: http.StatusMethodNotAllowed, HTTPStatusCode: http.StatusMethodNotAllowed,
}, },
ErrBadDigest: {
Code: "BadDigest",
Description: "The Content-Md5 you specified did not match what we received.",
HTTPStatusCode: http.StatusBadRequest,
},
ErrBucketNotEmpty: { ErrBucketNotEmpty: {
Code: "BucketNotEmpty", Code: "BucketNotEmpty",
Description: "The bucket you tried to delete is not empty", Description: "The bucket you tried to delete is not empty",

Write Preview
Loading…
Cancel
Save