root
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity
minio/cmd/generic-handlers.go

778 lines
24 KiB
Go
Raw Normal View History

Add license and fix development scripts
2015-02-15 16:48:15 +08:00
/*
Add response header timeouts (#9170) - Add conservative timeouts upto 3 minutes for internode communication - Add aggressive timeouts of 30 seconds for gateway communication Fixes #9105 Fixes #8732 Fixes #8881 Fixes #8376 Fixes #9028
2020-03-22 13:10:13 +08:00
* MinIO Cloud Storage, (C) 2015-2020 MinIO, Inc.
Add license and fix development scripts
2015-02-15 16:48:15 +08:00
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
server: Move all the top level files into cmd folder. (#2490) This change brings a change which was done for the 'mc' package to allow for clean repo and have a cleaner github drop in experience.
2016-08-19 07:23:42 +08:00
package cmd
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 19:23:15 +08:00
import (
"net/http"
Add proper router for handling putBucketACLHandler
2015-10-08 11:36:36 +08:00
"strings"
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
"time"
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 19:23:15 +08:00
Move dependency from minio-go v6 to v7 (#10042)
2020-07-15 00:38:05 +08:00
"github.com/minio/minio-go/v7/pkg/set"
Add support for CopyObject across regions and multiple Minio IPs This PR adds CopyObject support for objects residing in buckets in different Minio instances (where Minio instances are part of a federated setup). Also, added support for multiple Minio domain IPs. This is required for distributed deployments, where one deployment may have multiple nodes, each with a different public IP.
2018-05-12 03:02:30 +08:00
Use humanize constants for KiB, MiB and GiB units. (#3322)
2016-11-23 10:18:22 +08:00
humanize "github.com/dustin/go-humanize"
simplify webhook DNS further generalize for gateway (#10448) continuation of the changes from eaaf05a7cc358893650614770365da540615570f this further simplifies, enables this for gateway deployments as well
2020-09-11 05:19:32 +08:00
"github.com/minio/minio/cmd/config/dns"
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-17 10:22:09 +08:00
"github.com/minio/minio/cmd/crypto"
Ensure that we use constants everywhere (#7845) This allows for canonicalization of the strings throughout our code and provides a common space for all these constants to reside. This list is rather non-exhaustive but captures all the headers used in AWS S3 API operations
2019-07-03 13:34:32 +08:00
xhttp "github.com/minio/minio/cmd/http"
fix: Audit tests on the correct response writer type (#9445)
2020-04-30 13:17:36 +08:00
"github.com/minio/minio/cmd/http/stats"
Remove panic() and handle it appropriately (#5807) This is an effort to remove panic from the source. Add a new call called CriticialIf, that calls LogIf and exits. Replace panics with one of CriticalIf, FatalIf and a return of error.
2018-04-20 08:24:43 +08:00
"github.com/minio/minio/cmd/logger"
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
"github.com/minio/minio/pkg/handlers"
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 19:23:15 +08:00
)
Allow idiomatic usage of middlewares in gorilla/mux (#9802) Historically due to lack of support for middlewares we ended up writing wrapped handlers for all middlewares on top of the gorilla/mux, this causes multiple issues when we want to let's say - Overload r.Body with some custom implementation to track the incoming Reads() - Add other sort of top level checks to avoid DDOSing the server with large incoming HTTP bodies. Since 1.7.x release gorilla/mux provides proper use of middlewares, which are honored by the muxer directly. This makes sure that Go can honor its own internal ServeHTTP(w, r) implementation where Go net/http can wrap into its own customer readers. This PR as a side-affect fixes rare issues of client hangs which were reported in the wild but never really understood or fixed in our codebase. Fixes #9759 Fixes #7266 Fixes #6540 Fixes #5455 Fixes #5150 Refer https://github.com/boto/botocore/pull/1328 for one variation of the same issue in #9759
2020-06-11 23:19:55 +08:00
// MiddlewareFunc - useful to chain different http.Handler middlewares
type MiddlewareFunc func(http.Handler) http.Handler
Remove unneeded functions in middleware init
2015-09-16 07:59:43 +08:00
Allow idiomatic usage of middlewares in gorilla/mux (#9802) Historically due to lack of support for middlewares we ended up writing wrapped handlers for all middlewares on top of the gorilla/mux, this causes multiple issues when we want to let's say - Overload r.Body with some custom implementation to track the incoming Reads() - Add other sort of top level checks to avoid DDOSing the server with large incoming HTTP bodies. Since 1.7.x release gorilla/mux provides proper use of middlewares, which are honored by the muxer directly. This makes sure that Go can honor its own internal ServeHTTP(w, r) implementation where Go net/http can wrap into its own customer readers. This PR as a side-affect fixes rare issues of client hangs which were reported in the wild but never really understood or fixed in our codebase. Fixes #9759 Fixes #7266 Fixes #6540 Fixes #5455 Fixes #5150 Refer https://github.com/boto/botocore/pull/1328 for one variation of the same issue in #9759
2020-06-11 23:19:55 +08:00
func registerMiddlewares(next http.Handler) http.Handler {
for _, handlerFn := range globalHandlers {
next = handlerFn(next)
Add rpc signature handler
2015-10-09 10:56:41 +08:00
}
Allow idiomatic usage of middlewares in gorilla/mux (#9802) Historically due to lack of support for middlewares we ended up writing wrapped handlers for all middlewares on top of the gorilla/mux, this causes multiple issues when we want to let's say - Overload r.Body with some custom implementation to track the incoming Reads() - Add other sort of top level checks to avoid DDOSing the server with large incoming HTTP bodies. Since 1.7.x release gorilla/mux provides proper use of middlewares, which are honored by the muxer directly. This makes sure that Go can honor its own internal ServeHTTP(w, r) implementation where Go net/http can wrap into its own customer readers. This PR as a side-affect fixes rare issues of client hangs which were reported in the wild but never really understood or fixed in our codebase. Fixes #9759 Fixes #7266 Fixes #6540 Fixes #5455 Fixes #5150 Refer https://github.com/boto/botocore/pull/1328 for one variation of the same issue in #9759
2020-06-11 23:19:55 +08:00
return next
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
}
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients
2016-07-29 03:02:22 +08:00
// Adds limiting body size middleware
server: set maximum allowed request body. (#3324) This patch sets the value as 5GiB + 64MiB. 5GiB is the maximum allowed object size and 64MiB is for form data fields and headers.
2016-11-23 11:58:51 +08:00
// Maximum allowed form data field values. 64MiB is a guessed practical value
// which is more than enough to accommodate any form data fields and headers.
const requestFormDataSize = 64 * humanize.MiByte
api: Increase the maximum object size limit from 5GiB to 16GiB. (#3834) The globalMaxObjectSize limit is instilled in S3 spec perhaps due to certain limitations on S3 infrastructure. For minio we don't have such limitations and we can stream a larger file instead. So we are going to bump this limit to 16GiB. Fixes #3825
2017-03-04 02:14:17 +08:00
// For any HTTP request, request body should be not more than 16GiB + requestFormDataSize
// where, 16GiB is the maximum allowed object size for object upload.
const requestMaxBodySize = globalMaxObjectSize + requestFormDataSize
Limit POST form fields and file size + Generic Request Size limiter (#2317) * Use less memory when receiving a file via multipart * Add generic http request maximum size limiter to secure against malicious clients
2016-07-29 03:02:22 +08:00
type requestSizeLimitHandler struct {
handler http.Handler
maxBodySize int64
}
func setRequestSizeLimitHandler(h http.Handler) http.Handler {
return requestSizeLimitHandler{handler: h, maxBodySize: requestMaxBodySize}
}
func (h requestSizeLimitHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// Restricting read data to a given maximum length
r.Body = http.MaxBytesReader(w, r.Body, h.maxBodySize)
h.handler.ServeHTTP(w, r)
}
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-23 07:53:35 +08:00
const (
// Maximum size for http headers - See: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
maxHeaderSize = 8 * 1024
// Maximum size for user-defined metadata - See: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
maxUserDataSize = 2 * 1024
)
type requestHeaderSizeLimitHandler struct {
http.Handler
}
func setRequestHeaderSizeLimitHandler(h http.Handler) http.Handler {
return requestHeaderSizeLimitHandler{h}
}
// ServeHTTP restricts the size of the http header to 8 KB and the size
// of the user-defined metadata to 2 KB.
func (h requestHeaderSizeLimitHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if isHTTPHeaderSizeTooLarge(r.Header) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrMetadataTooLarge), r.URL, guessIsBrowserReq(r))
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-23 07:53:35 +08:00
return
}
h.Handler.ServeHTTP(w, r)
}
// isHTTPHeaderSizeTooLarge returns true if the provided
// header is larger than 8 KB or the user-defined metadata
// is larger than 2 KB.
func isHTTPHeaderSizeTooLarge(header http.Header) bool {
var size, usersize int
for key := range header {
length := len(key) + len(header.Get(key))
size += length
for _, prefix := range userMetadataKeyPrefixes {
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
if strings.HasPrefix(strings.ToLower(key), prefix) {
restirct max size of http header and user metadata (#4634) (#4680) S3 only allows http headers with a size of 8 KB and user-defined metadata with a size of 2 KB. This change adds a new API error and returns this error to clients which sends to large http requests. Fixes #4634
2017-08-23 07:53:35 +08:00
usersize += length
break
}
}
if usersize > maxUserDataSize || size > maxHeaderSize {
return true
}
}
return false
}
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 07:18:59 +08:00
// ReservedMetadataPrefix is the prefix of a metadata key which
// is reserved and for internal use only.
fix: CopyObject behavior on expanded zones (#9729) CopyObject was not correctly figuring out the correct destination object location and would end up creating duplicate objects on two different zones, reproduced by doing encryption based key rotation.
2020-05-29 05:36:38 +08:00
const (
ReservedMetadataPrefix = "X-Minio-Internal-"
ReservedMetadataPrefixLower = "x-minio-internal-"
)
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 07:18:59 +08:00
type reservedMetadataHandler struct {
http.Handler
}
func filterReservedMetadata(h http.Handler) http.Handler {
return reservedMetadataHandler{h}
}
// ServeHTTP fails if the request contains at least one reserved header which
// would be treated as metadata.
func (h reservedMetadataHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if containsReservedMetadata(r.Header) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrUnsupportedMetadata), r.URL, guessIsBrowserReq(r))
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 07:18:59 +08:00
return
}
h.Handler.ServeHTTP(w, r)
}
// containsReservedMetadata returns true if the http.Header contains
// keys which are treated as metadata but are reserved for internal use
// and must not set by clients
func containsReservedMetadata(header http.Header) bool {
for key := range header {
fix: CopyObject behavior on expanded zones (#9729) CopyObject was not correctly figuring out the correct destination object location and would end up creating duplicate objects on two different zones, reproduced by doing encryption based key rotation.
2020-05-29 05:36:38 +08:00
if strings.HasPrefix(strings.ToLower(key), ReservedMetadataPrefixLower) {
add SSE-C support for HEAD, GET, PUT (#4894) This change adds server-side-encryption support for HEAD, GET and PUT operations. This PR only addresses single-part PUTs and GETs without HTTP ranges. Further this change adds the concept of reserved object metadata which is required to make encrypted objects tamper-proof and provide API compatibility to AWS S3. This PR adds the following reserved metadata entries: - X-Minio-Internal-Server-Side-Encryption-Iv ('guarantees' tamper-proof property) - X-Minio-Internal-Server-Side-Encryption-Kdf (makes Key-MAC computation negotiable in future) - X-Minio-Internal-Server-Side-Encryption-Key-Mac (provides AWS S3 API compatibility) The prefix `X-Minio_Internal` specifies an internal metadata entry which must not send to clients. All client requests containing a metadata key starting with `X-Minio-Internal` must also rejected. This is implemented by a generic-handler. This PR implements SSE-C separated from client-side-encryption (CSE). This cannot decrypt server-side-encrypted objects on the client-side. However, clients can encrypted the same object with CSE and SSE-C. This PR does not address: - SSE-C Copy and Copy part - SSE-C GET with HTTP ranges - SSE-C multipart PUT - SSE-C Gateway Each point must be addressed in a separate PR. Added to vendor dir: - x/crypto/chacha20poly1305 - x/crypto/poly1305 - github.com/minio/sio
2017-11-08 07:18:59 +08:00
return true
}
}
return false
}
routers: Move API and Web routers into their own files. This is done to ensure we have a clean way to add new routers such as - diskRouter - configRouter - lockRouter
2016-03-28 03:37:21 +08:00
// Reserved bucket.
signature: Use a layered approach for signature verification. Signature calculation has now moved out from being a package to top-level as a layered mechanism. In case of payload calculation with body, go-routines are initiated to simultaneously write and calculate shasum. Errors are sent over the writer so that the lower layer removes the temporary files properly.
2016-03-13 08:08:15 +08:00
const (
fs: Do not return reservedBucket names in ListBuckets() (#3754) Make sure to skip reserved bucket names in `ListBuckets()` current code didn't skip this properly and also generalize this behavior for both XL and FS.
2017-02-17 06:52:14 +08:00
minioReservedBucket = "minio"
Use const slashSeparator instead of "/" everywhere (#8028)
2019-08-07 03:08:58 +08:00
minioReservedBucketPath = SlashSeparator + minioReservedBucket
Log in with OIDC not work with MINIO_DOMAIN (#8558) (#8559)
2019-11-22 09:45:15 +08:00
loginPathPrefix = SlashSeparator + "login"
signature: Use a layered approach for signature verification. Signature calculation has now moved out from being a package to top-level as a layered mechanism. In case of payload calculation with body, go-routines are initiated to simultaneously write and calculate shasum. Errors are sent over the writer so that the lower layer removes the temporary files properly.
2016-03-13 08:08:15 +08:00
)
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
// Adds redirect rules for incoming requests.
type redirectHandler struct {
handler http.Handler
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
func setBrowserRedirectHandler(h http.Handler) http.Handler {
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
return redirectHandler{handler: h}
}
// Fetch redirect location if urlPath satisfies certain
// criteria. Some special names are considered to be
// redirectable, this is purely internal function and
// serves only limited purpose on redirect-handler for
// browser requests.
func getRedirectLocation(urlPath string) (rLocation string) {
fs: Do not return reservedBucket names in ListBuckets() (#3754) Make sure to skip reserved bucket names in `ListBuckets()` current code didn't skip this properly and also generalize this behavior for both XL and FS.
2017-02-17 06:52:14 +08:00
if urlPath == minioReservedBucketPath {
Use const slashSeparator instead of "/" everywhere (#8028)
2019-08-07 03:08:58 +08:00
rLocation = minioReservedBucketPath + SlashSeparator
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
}
if contains([]string{
Use const slashSeparator instead of "/" everywhere (#8028)
2019-08-07 03:08:58 +08:00
SlashSeparator,
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
"/webrpc",
"/login",
[web-router] update the white list for favicons (#8024)
2019-08-12 13:17:02 +08:00
"/favicon-16x16.png",
"/favicon-32x32.png",
"/favicon-96x96.png",
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
}, urlPath) {
fs: Do not return reservedBucket names in ListBuckets() (#3754) Make sure to skip reserved bucket names in `ListBuckets()` current code didn't skip this properly and also generalize this behavior for both XL and FS.
2017-02-17 06:52:14 +08:00
rLocation = minioReservedBucketPath + urlPath
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
}
return rLocation
}
// guessIsBrowserReq - returns true if the request is browser.
// This implementation just validates user-agent and
// looks for "Mozilla" string. This is no way certifiable
// way to know if the request really came from a browser
// since User-Agent's can be arbitrary. But this is just
// a best effort function.
func guessIsBrowserReq(req *http.Request) bool {
if req == nil {
return false
}
Valid if bucket names are internal (#7476) This commit fixes a privilege escalation issue against the S3 and web handlers. An authenticated IAM user can: - Read from or write to the internal '.minio.sys' bucket by simply sending a properly signed S3 GET or PUT request. Further, the user can - Read from or write to the internal '.minio.sys' bucket using the 'Upload'/'Download'/'DownloadZIP' API by sending a "browser" request authenticated with its JWT token.
2019-04-04 14:10:37 +08:00
aType := getRequestAuthType(req)
Migrate config to KV data format (#8392) - adding oauth support to MinIO browser (#8400) by @kanagaraj - supports multi-line get/set/del for all config fields - add support for comments, allow toggle - add extensive validation of config before saving - support MinIO browser to support proper claims, using STS tokens - env support for all config parameters, legacy envs are also supported with all documentation now pointing to latest ENVs - preserve accessKey/secretKey from FS mode setups - add history support implements three APIs - ClearHistory - RestoreHistory - ListHistory - add help command support for each config parameters - all the bug fixes after migration to KV, and other bug fixes encountered during testing.
2019-10-23 13:59:13 +08:00
return strings.Contains(req.Header.Get("User-Agent"), "Mozilla") && globalBrowserEnabled &&
Valid if bucket names are internal (#7476) This commit fixes a privilege escalation issue against the S3 and web handlers. An authenticated IAM user can: - Read from or write to the internal '.minio.sys' bucket by simply sending a properly signed S3 GET or PUT request. Further, the user can - Read from or write to the internal '.minio.sys' bucket using the 'Upload'/'Download'/'DownloadZIP' API by sending a "browser" request authenticated with its JWT token.
2019-04-04 14:10:37 +08:00
(aType == authTypeJWT || aType == authTypeAnonymous)
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
}
Add healthcheck endpoints (#5543) This PR adds readiness and liveness endpoints to probe Minio server instance health. Endpoints can only be accessed without authentication and the paths are /minio/health/live and /minio/health/ready for liveness and readiness respectively. The new healthcheck liveness endpoint is used for Docker healthcheck now. Fixes #5357 Fixes #5514
2018-03-12 14:16:53 +08:00
// guessIsHealthCheckReq - returns true if incoming request looks
// like healthcheck request
func guessIsHealthCheckReq(req *http.Request) bool {
if req == nil {
return false
}
aType := getRequestAuthType(req)
Update healthcheck related examples and add head support (#5650) - Add head method for healthcheck endpoint. Some platforms/users may use the HTTP Head method to check for health status. - Add liveness and readiness probe examples in Kubernetes yaml example docs. Note that readiness probe not added to StatefulSet example due to https://github.com/kubernetes/kubernetes/issues/27114
2018-03-15 12:25:02 +08:00
return aType == authTypeAnonymous && (req.Method == http.MethodGet || req.Method == http.MethodHead) &&
Add healthcheck endpoints (#5543) This PR adds readiness and liveness endpoints to probe Minio server instance health. Endpoints can only be accessed without authentication and the paths are /minio/health/live and /minio/health/ready for liveness and readiness respectively. The new healthcheck liveness endpoint is used for Docker healthcheck now. Fixes #5357 Fixes #5514
2018-03-12 14:16:53 +08:00
(req.URL.Path == healthCheckPathPrefix+healthCheckLivenessPath ||
fix: return proper errors Get/HeadObject for deleteMarkers (#9957)
2020-07-03 07:17:27 +08:00
req.URL.Path == healthCheckPathPrefix+healthCheckReadinessPath ||
req.URL.Path == healthCheckPathPrefix+healthCheckClusterPath)
Add healthcheck endpoints (#5543) This PR adds readiness and liveness endpoints to probe Minio server instance health. Endpoints can only be accessed without authentication and the paths are /minio/health/live and /minio/health/ready for liveness and readiness respectively. The new healthcheck liveness endpoint is used for Docker healthcheck now. Fixes #5357 Fixes #5514
2018-03-12 14:16:53 +08:00
}
Introduce new unauthenticated endpoint /metric (#5723) (#5829) /metric exposes Promethus compatible data for scraping metrics Fixes: #5723
2018-04-19 07:01:42 +08:00
// guessIsMetricsReq - returns true if incoming request looks
// like metrics request
func guessIsMetricsReq(req *http.Request) bool {
if req == nil {
return false
}
aType := getRequestAuthType(req)
Authorize prometheus endpoint with bearer token (#7640)
2019-09-22 22:57:12 +08:00
return (aType == authTypeAnonymous || aType == authTypeJWT) &&
Introduce new unauthenticated endpoint /metric (#5723) (#5829) /metric exposes Promethus compatible data for scraping metrics Fixes: #5723
2018-04-19 07:01:42 +08:00
req.URL.Path == minioReservedBucketPath+prometheusMetricsPath
}
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
// guessIsRPCReq - returns true if the request is for an RPC endpoint.
func guessIsRPCReq(req *http.Request) bool {
if req == nil {
return false
}
fix: Better check of RPC type requests (#6927) guessIsRPCReq() considers all POST requests as RPC but doesn't check if this is an object operation API or not, which is actually confusing bucket forwarder handler when it receives a new multipart upload API which is a POST http request. Due to this bug, users having a federated setup are not able to upload a multipart object using an endpoint which doesn't actually contain the specified bucket that will store the object. Hence this commit will fix the described issue.
2018-12-06 06:28:48 +08:00
return req.Method == http.MethodPost &&
Use const slashSeparator instead of "/" everywhere (#8028)
2019-08-07 03:08:58 +08:00
strings.HasPrefix(req.URL.Path, minioReservedBucketPath+SlashSeparator)
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
func (h redirectHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Valid if bucket names are internal (#7476) This commit fixes a privilege escalation issue against the S3 and web handlers. An authenticated IAM user can: - Read from or write to the internal '.minio.sys' bucket by simply sending a properly signed S3 GET or PUT request. Further, the user can - Read from or write to the internal '.minio.sys' bucket using the 'Upload'/'Download'/'DownloadZIP' API by sending a "browser" request authenticated with its JWT token.
2019-04-04 14:10:37 +08:00
// Re-direction is handled specifically for browser requests.
if guessIsBrowserReq(r) {
// Fetch the redirect location if any.
redirectLocation := getRedirectLocation(r.URL.Path)
if redirectLocation != "" {
// Employ a temporary re-direct.
http.Redirect(w, r, redirectLocation, http.StatusTemporaryRedirect)
return
Remove SignatureV2 support, bring in SignatureV4 header only validation for now
2015-05-01 07:29:03 +08:00
}
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
h.handler.ServeHTTP(w, r)
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
}
browser-caching: enable browser caching for WebUI
2016-02-05 05:57:56 +08:00
// Adds Cache-Control header
type cacheControlHandler struct {
handler http.Handler
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
func setBrowserCacheControlHandler(h http.Handler) http.Handler {
browser-caching: enable browser caching for WebUI
2016-02-05 05:57:56 +08:00
return cacheControlHandler{h}
}
func (h cacheControlHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Valid if bucket names are internal (#7476) This commit fixes a privilege escalation issue against the S3 and web handlers. An authenticated IAM user can: - Read from or write to the internal '.minio.sys' bucket by simply sending a properly signed S3 GET or PUT request. Further, the user can - Read from or write to the internal '.minio.sys' bucket using the 'Upload'/'Download'/'DownloadZIP' API by sending a "browser" request authenticated with its JWT token.
2019-04-04 14:10:37 +08:00
if r.Method == http.MethodGet && guessIsBrowserReq(r) {
caching: disable caching of index.html and enable caching for other UI asset files.
2016-02-26 21:19:35 +08:00
// For all browser requests set appropriate Cache-Control policies
Add Support for Cache and S3 related metrics in Prometheus endpoint (#8591) This PR adds support below metrics - Cache Hit Count - Cache Miss Count - Data served from Cache (in Bytes) - Bytes received from AWS S3 - Bytes sent to AWS S3 - Number of requests sent to AWS S3 Fixes #8549
2019-12-06 15:16:06 +08:00
if HasPrefix(r.URL.Path, minioReservedBucketPath+SlashSeparator) {
if HasSuffix(r.URL.Path, ".js") || r.URL.Path == minioReservedBucketPath+"/favicon.ico" {
Remove regexp usage (#3456) This patch removes regexp usage in cacheControlHandler.ServeHTTP() and server-main.checkEndpointsSyntax()
2016-12-18 03:00:16 +08:00
// For assets set cache expiry of one year. For each release, the name
// of the asset name will change and hence it can not be served from cache.
Ensure that we use constants everywhere (#7845) This allows for canonicalization of the strings throughout our code and provides a common space for all these constants to reside. This list is rather non-exhaustive but captures all the headers used in AWS S3 API operations
2019-07-03 13:34:32 +08:00
w.Header().Set(xhttp.CacheControl, "max-age=31536000")
Remove regexp usage (#3456) This patch removes regexp usage in cacheControlHandler.ServeHTTP() and server-main.checkEndpointsSyntax()
2016-12-18 03:00:16 +08:00
} else {
// For non asset requests we serve index.html which will never be cached.
Ensure that we use constants everywhere (#7845) This allows for canonicalization of the strings throughout our code and provides a common space for all these constants to reside. This list is rather non-exhaustive but captures all the headers used in AWS S3 API operations
2019-07-03 13:34:32 +08:00
w.Header().Set(xhttp.CacheControl, "no-store")
Remove regexp usage (#3456) This patch removes regexp usage in cacheControlHandler.ServeHTTP() and server-main.checkEndpointsSyntax()
2016-12-18 03:00:16 +08:00
}
caching: disable caching of index.html and enable caching for other UI asset files.
2016-02-26 21:19:35 +08:00
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
}
Remove regexp usage (#3456) This patch removes regexp usage in cacheControlHandler.ServeHTTP() and server-main.checkEndpointsSyntax()
2016-12-18 03:00:16 +08:00
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
h.handler.ServeHTTP(w, r)
}
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-23 06:54:55 +08:00
// Check to allow access to the reserved "bucket" `/minio` for Admin
// API requests.
func isAdminReq(r *http.Request) bool {
Return appropriate errors API versions changes across REST APIs (#8480) This PR adds code to appropriately handle versioning issues that come up quite constantly across our API changes. Currently we were also routing our requests wrong which sort of made it harder to write a consistent error handling code to appropriately reject or honor requests. This PR potentially fixes issues - old mc is used against new minio release which is incompatible returns an appropriate for client action. - any older servers talking to each other, report appropriate error - incompatible peer servers should report error and reject the calls with appropriate error
2019-11-05 01:30:59 +08:00
return strings.HasPrefix(r.URL.Path, adminPathPrefix)
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-23 06:54:55 +08:00
}
Log in with OIDC not work with MINIO_DOMAIN (#8558) (#8559)
2019-11-22 09:45:15 +08:00
// guessIsLoginSTSReq - returns true if incoming request is Login STS user
func guessIsLoginSTSReq(req *http.Request) bool {
if req == nil {
return false
}
return strings.HasPrefix(req.URL.Path, loginPathPrefix) ||
(req.Method == http.MethodPost && req.URL.Path == SlashSeparator &&
getRequestAuthType(req) == authTypeSTS)
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
// Adds verification for incoming paths.
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
type minioReservedBucketHandler struct {
web: Validate if bucket names are reserved (#3841) Both '.minio.sys' and 'minio' should be never allowed to be created from web-ui and then fail to list it by filtering them out. Fixes #3840
2017-03-03 19:01:42 +08:00
handler http.Handler
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
}
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
func setReservedBucketHandler(h http.Handler) http.Handler {
return minioReservedBucketHandler{h}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
}
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
func (h minioReservedBucketHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-23 06:54:55 +08:00
switch {
Introduce new unauthenticated endpoint /metric (#5723) (#5829) /metric exposes Promethus compatible data for scraping metrics Fixes: #5723
2018-04-19 07:01:42 +08:00
case guessIsRPCReq(r), guessIsBrowserReq(r), guessIsHealthCheckReq(r), guessIsMetricsReq(r), isAdminReq(r):
Move admin APIs to new path and add redesigned heal APIs (#5351) - Changes related to moving admin APIs - admin APIs now have an endpoint under /minio/admin - admin APIs are now versioned - a new API to server the version is added at "GET /minio/admin/version" and all API operations have the path prefix /minio/admin/v1/<operation> - new service stop API added - credentials change API is moved to /minio/admin/v1/config/credential - credentials change API and configuration get/set API now require TLS so that credentials are protected - all API requests now receive JSON - heal APIs are disabled as they will be changed substantially - Heal API changes Heal API is now provided at a single endpoint with the ability for a client to start a heal sequence on all the data in the server, a single bucket, or under a prefix within a bucket. When a heal sequence is started, the server returns a unique token that needs to be used for subsequent 'status' requests to fetch heal results. On each status request from the client, the server returns heal result records that it has accumulated since the previous status request. The server accumulates upto 1000 records and pauses healing further objects until the client requests for status. If the client does not request any further records for a long time, the server aborts the heal sequence automatically. A heal result record is returned for each entity healed on the server, such as system metadata, object metadata, buckets and objects, and has information about the before and after states on each disk. A client may request to force restart a heal sequence - this causes the running heal sequence to be aborted at the next safe spot and starts a new heal sequence.
2018-01-23 06:54:55 +08:00
// Allow access to reserved buckets
default:
Return appropriate errors API versions changes across REST APIs (#8480) This PR adds code to appropriately handle versioning issues that come up quite constantly across our API changes. Currently we were also routing our requests wrong which sort of made it harder to write a consistent error handling code to appropriately reject or honor requests. This PR potentially fixes issues - old mc is used against new minio release which is incompatible returns an appropriate for client action. - any older servers talking to each other, report appropriate error - incompatible peer servers should report error and reject the calls with appropriate error
2019-11-05 01:30:59 +08:00
// For all other requests reject access to reserved buckets
Handle HEAD/GET requests for virtual DNS requests (#7839) r.URL.Path is empty when HEAD bucket with virtual DNS requests come in since bucket is now part of r.Host, we should use our domain names and fetch the right bucket/object names. This fixes an really old issue in our federation setups.
2019-06-27 09:21:54 +08:00
bucketName, _ := request2BucketObjectName(r)
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
if isMinioReservedBucket(bucketName) || isMinioMetaBucket(bucketName) {
Return appropriate errors API versions changes across REST APIs (#8480) This PR adds code to appropriately handle versioning issues that come up quite constantly across our API changes. Currently we were also routing our requests wrong which sort of made it harder to write a consistent error handling code to appropriately reject or honor requests. This PR potentially fixes issues - old mc is used against new minio release which is incompatible returns an appropriate for client action. - any older servers talking to each other, report appropriate error - incompatible peer servers should report error and reject the calls with appropriate error
2019-11-05 01:30:59 +08:00
browser := guessIsBrowserReq(r)
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrAllAccessDisabled), r.URL, browser)
Ignore reservedBucket checks for net/rpc requests (#4884) All `net/rpc` requests go to `/minio`, so the existing generic handler for reserved bucket check would essentially erroneously send errors leading to distributed setups to wait infinitely. For `net/rpc` requests alone we should skip this check and allow resource bucket names to be from `/minio` .
2017-09-02 03:16:54 +08:00
return
}
browser-caching: enable browser caching for WebUI
2016-02-05 05:57:56 +08:00
}
h.handler.ServeHTTP(w, r)
}
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
type timeValidityHandler struct {
handler http.Handler
}
// setTimeValidityHandler to validate parsable time over http header
func setTimeValidityHandler(h http.Handler) http.Handler {
return timeValidityHandler{h}
}
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
// Supported Amz date formats.
var amzDateFormats = []string{
handlers: Cleanup time handlers helpers.
2016-03-08 01:52:20 +08:00
time.RFC1123,
time.RFC1123Z,
iso8601Format,
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
// Add new AMZ date formats here.
handlers: Cleanup time handlers helpers.
2016-03-08 01:52:20 +08:00
}
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
// Supported Amz date headers.
var amzDateHeaders = []string{
"x-amz-date",
"date",
}
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
// parseAmzDate - parses date string into supported amz date formats.
func parseAmzDate(amzDateStr string) (amzDate time.Time, apiErr APIErrorCode) {
for _, dateFormat := range amzDateFormats {
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
amzDate, err := time.Parse(dateFormat, amzDateStr)
if err == nil {
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
return amzDate, ErrNone
handlers: Cleanup time handlers helpers.
2016-03-08 01:52:20 +08:00
}
}
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
return time.Time{}, ErrMalformedDate
}
// parseAmzDateHeader - parses supported amz date headers, in
// supported amz date formats.
func parseAmzDateHeader(req *http.Request) (time.Time, APIErrorCode) {
for _, amzDateHeader := range amzDateHeaders {
re-implement data usage crawler to be more efficient (#9075) Implementation overview: https://gist.github.com/klauspost/1801c858d5e0df391114436fdad6987b
2020-03-19 07:19:29 +08:00
amzDateStr := req.Header.Get(amzDateHeader)
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
if amzDateStr != "" {
return parseAmzDate(amzDateStr)
handlers: Cleanup time handlers helpers.
2016-03-08 01:52:20 +08:00
}
}
error: Signature errors should be returned with APIErrorCode. The reasoning is that we can reply back with wide range of S3 error responses, which would provide more richer context to S3 client. Fixes #1267
2016-03-31 11:04:51 +08:00
// Date header missing.
return time.Time{}, ErrMissingDateHeader
handlers: Cleanup time handlers helpers.
2016-03-08 01:52:20 +08:00
}
Avoid checking date header of web requests by properly applying generic handlers (#2914)
2016-10-13 03:58:36 +08:00
func (h timeValidityHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Reduce number of envs and options from command line. (#3230) Ref #3229 After review with @abperiasamy we decided to remove all the unnecessary options - MINIO_BROWSER (Implemented as a security feature but now deemed obsolete since even if blocking access to MINIO_BROWSER, s3 API port is open) - MINIO_CACHE_EXPIRY (Defaults to 72h) - MINIO_MAXCONN (No one used this option and we don't test this) - MINIO_ENABLE_FSMETA (Enable FSMETA all the time) Remove --ignore-disks option - this option was implemented when XL layer would initialize the backend disks and heal them automatically to disallow XL accidentally using the root partition itself this option was introduced. This behavior has been changed XL no longer automatically initializes `format.json` a HEAL is controlled activity, so ignore-disks is not useful anymore. This change also addresses the problems of our documentation going forward and keeps things simple. This patch brings in reduction of options and defaulting them to a valid known inputs. This patch also serves as a guideline of limiting many ways to do the same thing.
2016-11-12 08:36:07 +08:00
aType := getRequestAuthType(r)
Validate date header only for Signed{,V2} and StreamingSigned. (#3248) Fixes #2941
2016-11-14 04:08:24 +08:00
if aType == authTypeSigned || aType == authTypeSignedV2 || aType == authTypeStreamingSigned {
Reduce number of envs and options from command line. (#3230) Ref #3229 After review with @abperiasamy we decided to remove all the unnecessary options - MINIO_BROWSER (Implemented as a security feature but now deemed obsolete since even if blocking access to MINIO_BROWSER, s3 API port is open) - MINIO_CACHE_EXPIRY (Defaults to 72h) - MINIO_MAXCONN (No one used this option and we don't test this) - MINIO_ENABLE_FSMETA (Enable FSMETA all the time) Remove --ignore-disks option - this option was implemented when XL layer would initialize the backend disks and heal them automatically to disallow XL accidentally using the root partition itself this option was introduced. This behavior has been changed XL no longer automatically initializes `format.json` a HEAL is controlled activity, so ignore-disks is not useful anymore. This change also addresses the problems of our documentation going forward and keeps things simple. This patch brings in reduction of options and defaulting them to a valid known inputs. This patch also serves as a guideline of limiting many ways to do the same thing.
2016-11-12 08:36:07 +08:00
// Verify if date headers are set, if not reject the request
Support unknown gateway errors and convert at handler layer (#7219) Different gateway implementations due to different backend API errors, might return different unsupported errors at our handler layer. Current code posed a problem for us because this information was lost and we would convert it to InternalError in this situation all S3 clients end up retrying the request. To avoid this unexpected situation implement a way to support this cleanly such that the underlying information is not lost which is returned by gateway.
2019-02-12 17:25:52 +08:00
amzDate, errCode := parseAmzDateHeader(r)
if errCode != ErrNone {
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
// All our internal APIs are sensitive towards Date
// header, for all requests where Date header is not
// present we will reject such clients.
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(errCode), r.URL, guessIsBrowserReq(r))
Make minio work with curl and browsers again
2015-04-30 09:30:17 +08:00
return
}
prep: Initialization should wait instead of exit the servers. (#2872) - Servers do not exit for invalid credentials instead they print and wait. - Servers do not exit for version mismatch instead they print and wait. - Servers do not exit for time differences between nodes they print and wait.
2016-10-08 02:15:55 +08:00
// Verify if the request date header is shifted by less than globalMaxSkewTime parameter in the past
Forbid requests generated at least 15 min in the past or in the future (#2648)
2016-09-10 06:33:35 +08:00
// or in the future, reject request otherwise.
Add UTCNow() function. (#3931) This patch adds UTCNow() function which returns current UTC time. This is equivalent of UTCNow() == time.Now().UTC()
2017-03-19 02:28:41 +08:00
curTime := UTCNow()
prep: Initialization should wait instead of exit the servers. (#2872) - Servers do not exit for invalid credentials instead they print and wait. - Servers do not exit for version mismatch instead they print and wait. - Servers do not exit for time differences between nodes they print and wait.
2016-10-08 02:15:55 +08:00
if curTime.Sub(amzDate) > globalMaxSkewTime || amzDate.Sub(curTime) > globalMaxSkewTime {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrRequestTimeTooSkewed), r.URL, guessIsBrowserReq(r))
Make minio work with curl and browsers again
2015-04-30 09:30:17 +08:00
return
}
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
}
Reduce number of envs and options from command line. (#3230) Ref #3229 After review with @abperiasamy we decided to remove all the unnecessary options - MINIO_BROWSER (Implemented as a security feature but now deemed obsolete since even if blocking access to MINIO_BROWSER, s3 API port is open) - MINIO_CACHE_EXPIRY (Defaults to 72h) - MINIO_MAXCONN (No one used this option and we don't test this) - MINIO_ENABLE_FSMETA (Enable FSMETA all the time) Remove --ignore-disks option - this option was implemented when XL layer would initialize the backend disks and heal them automatically to disallow XL accidentally using the root partition itself this option was introduced. This behavior has been changed XL no longer automatically initializes `format.json` a HEAL is controlled activity, so ignore-disks is not useful anymore. This change also addresses the problems of our documentation going forward and keeps things simple. This patch brings in reduction of options and defaulting them to a valid known inputs. This patch also serves as a guideline of limiting many ways to do the same thing.
2016-11-12 08:36:07 +08:00
h.handler.ServeHTTP(w, r)
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
}
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
type resourceHandler struct {
handler http.Handler
}
handlers: Fix the naming of all handlers.
2016-02-05 06:57:20 +08:00
// setIgnoreResourcesHandler -
Update minioapi documentation
2015-02-24 08:46:48 +08:00
// Ignore resources handler is wrapper handler used for API request resource validation
// Since we do not support all the S3 queries, it is necessary for us to throw back a
web/rpc: Merge ports with API server. Fixes #1081 and #1130
2016-02-17 10:50:36 +08:00
// valid error message indicating that requested feature is not implemented.
handlers: Fix the naming of all handlers.
2016-02-05 06:57:20 +08:00
func setIgnoreResourcesHandler(h http.Handler) http.Handler {
Verify if request date is 5minutes late, reject such a request as it could be a possible replay attack. This commit also fixes #505, by returning MethodNotAllowed instead of NotImplemented
2015-04-27 18:54:49 +08:00
return resourceHandler{h}
Some more cleanup
2015-02-19 04:15:33 +08:00
}
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
var supportedDummyBucketAPIs = map[string][]string{
"acl": {http.MethodPut, http.MethodGet},
"cors": {http.MethodGet},
"website": {http.MethodGet, http.MethodDelete},
"logging": {http.MethodGet},
"accelerate": {http.MethodGet},
"requestPayment": {http.MethodGet},
}
// List of not implemented bucket queries
var notImplementedBucketResourceNames = map[string]struct{}{
"cors": {},
"metrics": {},
"website": {},
"logging": {},
"inventory": {},
"accelerate": {},
"requestPayment": {},
}
Add proper content-length for error and success responses - All compliance issues with S3 API for Put,Get,List (Bucket,Object) respectively - Encodes and returns back proper HTTP headers
2015-04-30 06:28:04 +08:00
// Checks requests for not implemented Bucket resources
func ignoreNotImplementedBucketResources(req *http.Request) bool {
cleanup: Remove definitions and move them to its relative places accordingly - Move fs-definitions.go and break them into fs-datatypes.go, fs-bucket-acl.go and fs-utils.go - Move api-definitions.go to api-response.go, where they should be. - Move web-definitions to its related handlers.
2016-02-20 08:04:29 +08:00
for name := range req.URL.Query() {
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
methods, ok := supportedDummyBucketAPIs[name]
if ok {
for _, method := range methods {
if method == req.Method {
return false
}
}
Implement a dummy GetBucketACL for legacy reasons (#5906) GetBucketACL call returns empty for all GET in ACL requests, the primary purpose of this PR is to provide legacy API support for legacy applications. Fixes #5706
2018-05-10 12:02:26 +08:00
}
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
if _, ok := notImplementedBucketResourceNames[name]; ok {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 19:23:15 +08:00
return true
}
}
return false
}
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
var supportedDummyObjectAPIs = map[string][]string{
"acl": {http.MethodGet, http.MethodPut},
}
// List of not implemented object APIs
var notImplementedObjectResourceNames = map[string]struct{}{
"restore": {},
"torrent": {},
}
Add proper content-length for error and success responses - All compliance issues with S3 API for Put,Get,List (Bucket,Object) respectively - Encodes and returns back proper HTTP headers
2015-04-30 06:28:04 +08:00
// Checks requests for not implemented Object resources
func ignoreNotImplementedObjectResources(req *http.Request) bool {
cleanup: Remove definitions and move them to its relative places accordingly - Move fs-definitions.go and break them into fs-datatypes.go, fs-bucket-acl.go and fs-utils.go - Move api-definitions.go to api-response.go, where they should be. - Move web-definitions to its related handlers.
2016-02-20 08:04:29 +08:00
for name := range req.URL.Query() {
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
methods, ok := supportedDummyObjectAPIs[name]
if ok {
for _, method := range methods {
if method == req.Method {
return false
}
}
Implement a dummy GetBucketACL for legacy reasons (#5906) GetBucketACL call returns empty for all GET in ACL requests, the primary purpose of this PR is to provide legacy API support for legacy applications. Fixes #5706
2018-05-10 12:02:26 +08:00
}
Support bucket versioning (#9377) - Implement a new xl.json 2.0.0 format to support, this moves the entire marshaling logic to POSIX layer, top layer always consumes a common FileInfo construct which simplifies the metadata reads. - Implement list object versions - Migrate to siphash from crchash for new deployments for object placements. Fixes #2111
2020-06-13 11:04:01 +08:00
if _, ok := notImplementedObjectResourceNames[name]; ok {
Implement S3 Style ErrorCodes and Response This patchset also brings in lot of cleanup in terms of minioapi codebase
2015-02-11 19:23:15 +08:00
return true
}
}
return false
}
cleanup: Remove definitions and move them to its relative places accordingly - Move fs-definitions.go and break them into fs-datatypes.go, fs-bucket-acl.go and fs-utils.go - Move api-definitions.go to api-response.go, where they should be. - Move web-definitions to its related handlers.
2016-02-20 08:04:29 +08:00
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
// Resource handler ServeHTTP() wrapper
func (h resourceHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Handle HEAD/GET requests for virtual DNS requests (#7839) r.URL.Path is empty when HEAD bucket with virtual DNS requests come in since bucket is now part of r.Host, we should use our domain names and fetch the right bucket/object names. This fixes an really old issue in our federation setups.
2019-06-27 09:21:54 +08:00
bucketName, objectName := request2BucketObjectName(r)
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
// If bucketName is present and not objectName check for bucket level resource queries.
if bucketName != "" && objectName == "" {
if ignoreNotImplementedBucketResources(r) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL, guessIsBrowserReq(r))
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
return
}
}
// If bucketName and objectName are present check for its resource queries.
if bucketName != "" && objectName != "" {
if ignoreNotImplementedObjectResources(r) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrNotImplemented), r.URL, guessIsBrowserReq(r))
env: Bring back MINIO_BROWSER env. (#3423) Set MINIO_BROWSER=off to disable web browser completely. Fixes #3422
2016-12-10 16:42:22 +08:00
return
}
}
// Serve HTTP.
h.handler.ServeHTTP(w, r)
}
stats: Add network and http statisics (#3686) Network: total bytes of incoming and outgoing server's data by taking advantage of our ConnMux Read/Write wrapping HTTP: total number of different http verbs passed in http requests and different status codes passed in http responses. This is counted in a new http handler.
2017-02-07 01:29:53 +08:00
// httpStatsHandler definition: gather HTTP statistics
type httpStatsHandler struct {
handler http.Handler
}
// setHttpStatsHandler sets a http Stats Handler
func setHTTPStatsHandler(h http.Handler) http.Handler {
return httpStatsHandler{handler: h}
}
func (h httpStatsHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
fix: Audit tests on the correct response writer type (#9445)
2020-04-30 13:17:36 +08:00
// Meters s3 connection stats.
meteredRequest := &stats.IncomingTrafficMeter{ReadCloser: r.Body}
meteredResponse := &stats.OutgoingTrafficMeter{ResponseWriter: w}
stats: Add network and http statisics (#3686) Network: total bytes of incoming and outgoing server's data by taking advantage of our ConnMux Read/Write wrapping HTTP: total number of different http verbs passed in http requests and different status codes passed in http responses. This is counted in a new http handler.
2017-02-07 01:29:53 +08:00
// Execute the request
fix: Audit tests on the correct response writer type (#9445)
2020-04-30 13:17:36 +08:00
r.Body = meteredRequest
h.handler.ServeHTTP(meteredResponse, r)
if strings.HasPrefix(r.URL.Path, minioReservedBucketPath) {
globalConnStats.incInputBytes(meteredRequest.BytesCount())
globalConnStats.incOutputBytes(meteredResponse.BytesCount())
} else {
globalConnStats.incS3InputBytes(meteredRequest.BytesCount())
globalConnStats.incS3OutputBytes(meteredResponse.BytesCount())
}
stats: Add network and http statisics (#3686) Network: total bytes of incoming and outgoing server's data by taking advantage of our ConnMux Read/Write wrapping HTTP: total number of different http verbs passed in http requests and different status codes passed in http responses. This is counted in a new http handler.
2017-02-07 01:29:53 +08:00
}
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
Validate and reject unusual requests (#7258)
2019-02-20 13:02:41 +08:00
// requestValidityHandler validates all the incoming paths for
// any malicious requests.
type requestValidityHandler struct {
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
handler http.Handler
}
Validate and reject unusual requests (#7258)
2019-02-20 13:02:41 +08:00
func setRequestValidityHandler(h http.Handler) http.Handler {
return requestValidityHandler{handler: h}
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
}
// Bad path components to be rejected by the path validity handler.
const (
dotdotComponent = ".."
dotComponent = "."
)
// Check if the incoming path has bad path components,
// such as ".." and "."
func hasBadPathComponent(path string) bool {
path = strings.TrimSpace(path)
Use const slashSeparator instead of "/" everywhere (#8028)
2019-08-07 03:08:58 +08:00
for _, p := range strings.Split(path, SlashSeparator) {
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
switch strings.TrimSpace(p) {
case dotdotComponent:
return true
case dotComponent:
return true
}
}
return false
}
Validate and reject unusual requests (#7258)
2019-02-20 13:02:41 +08:00
// Check if client is sending a malicious request.
func hasMultipleAuth(r *http.Request) bool {
authTypeCount := 0
for _, hasValidAuth := range []func(*http.Request) bool{isRequestSignatureV2, isRequestPresignedSignatureV2, isRequestSignatureV4, isRequestPresignedSignatureV4, isRequestJWT, isRequestPostPolicySignatureV4} {
if hasValidAuth(r) {
authTypeCount++
}
}
return authTypeCount > 1
}
func (h requestValidityHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
// Check for bad components in URL path.
if hasBadPathComponent(r.URL.Path) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInvalidResourceName), r.URL, guessIsBrowserReq(r))
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
return
}
// Check for bad components in URL query values.
for _, vv := range r.URL.Query() {
for _, v := range vv {
if hasBadPathComponent(v) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInvalidResourceName), r.URL, guessIsBrowserReq(r))
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
return
}
}
}
Validate and reject unusual requests (#7258)
2019-02-20 13:02:41 +08:00
if hasMultipleAuth(r) {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInvalidRequest), r.URL, guessIsBrowserReq(r))
Validate and reject unusual requests (#7258)
2019-02-20 13:02:41 +08:00
return
}
server: Validate path for bad components in a handler. (#4170)
2017-04-25 09:13:46 +08:00
h.handler.ServeHTTP(w, r)
}
Limit number of connections upto system maxlimit (#5109)
2017-12-20 16:00:14 +08:00
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
// To forward the path style requests on a bucket to the right
// configured server, bucket to IP configuration is obtained
// from centralized etcd configuration service.
type bucketForwardingHandler struct {
fwd *handlers.Forwarder
handler http.Handler
}
func (f bucketForwardingHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Support multiple-domains in MINIO_DOMAIN (#7274) Fixes #7173
2019-02-23 11:18:01 +08:00
if globalDNSConfig == nil || len(globalDomainNames) == 0 ||
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
guessIsHealthCheckReq(r) || guessIsMetricsReq(r) ||
Disable federated buckets when etcd is namespaced (#8709) This is to ensure that when we have multiple tenants deployed all sharing the same etcd for global bucket should avoid listing each others buckets, this leads to information leak which should be avoided unless etcd is not namespaced for IAM assets in which case it can be assumed that its a federated setup. Federated setup and namespaced IAM assets on etcd is not supported since namespacing is only useful when you wish to separate the tenants as isolated instances of MinIO. This PR allows a new type of behavior, primarily driven by the usecase of m3(mkube) multi-tenant deployments with global bucket support.
2019-12-30 00:56:45 +08:00
guessIsRPCReq(r) || guessIsLoginSTSReq(r) || isAdminReq(r) ||
!globalBucketFederation {
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
f.handler.ServeHTTP(w, r)
return
}
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
// For browser requests, when federation is setup we need to
// specifically handle download and upload for browser requests.
Support multiple-domains in MINIO_DOMAIN (#7274) Fixes #7173
2019-02-23 11:18:01 +08:00
if guessIsBrowserReq(r) && globalDNSConfig != nil && len(globalDomainNames) > 0 {
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
var bucket, _ string
switch r.Method {
case http.MethodPut:
if getRequestAuthType(r) == authTypeJWT {
fix: Avoid double usage calculation on every restart (#8856) On every restart of the server, usage was being calculated which is not useful instead wait for sufficient time to start the crawling routine. This PR also avoids lots of double allocations through strings, optimizes usage of string builders and also avoids crawling through symbolic links. Fixes #8844
2020-01-22 06:07:49 +08:00
bucket, _ = path2BucketObjectWithBasePath(minioReservedBucketPath+"/upload", r.URL.Path)
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
}
case http.MethodGet:
if t := r.URL.Query().Get("token"); t != "" {
fix: Avoid double usage calculation on every restart (#8856) On every restart of the server, usage was being calculated which is not useful instead wait for sufficient time to start the crawling routine. This PR also avoids lots of double allocations through strings, optimizes usage of string builders and also avoids crawling through symbolic links. Fixes #8844
2020-01-22 06:07:49 +08:00
bucket, _ = path2BucketObjectWithBasePath(minioReservedBucketPath+"/download", r.URL.Path)
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
} else if getRequestAuthType(r) != authTypeJWT && !strings.HasPrefix(r.URL.Path, minioReservedBucketPath) {
fix BucketForward Handler for federated setup (#8646) fixes #8595
2019-12-18 16:36:03 +08:00
bucket, _ = request2BucketObjectName(r)
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
}
}
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
if bucket == "" {
f.handler.ServeHTTP(w, r)
return
}
sr, err := globalDNSConfig.Get(bucket)
if err != nil {
if err == dns.ErrNoEntriesFound {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrNoSuchBucket),
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
r.URL, guessIsBrowserReq(r))
} else {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, toAPIError(r.Context(), err),
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
r.URL, guessIsBrowserReq(r))
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
}
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
return
}
if globalDomainIPs.Intersection(set.CreateStringSet(getHostsSlice(sr)...)).IsEmpty() {
r.URL.Scheme = "http"
if globalIsSSL {
r.URL.Scheme = "https"
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
}
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
r.URL.Host = getHostFromSrv(sr)
f.fwd.ServeHTTP(w, r)
return
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
}
Fix for web-uploads in federated mode (#8175) Fixes #8173
2019-09-05 01:44:02 +08:00
f.handler.ServeHTTP(w, r)
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
return
}
Handle HEAD/GET requests for virtual DNS requests (#7839) r.URL.Path is empty when HEAD bucket with virtual DNS requests come in since bucket is now part of r.Host, we should use our domain names and fetch the right bucket/object names. This fixes an really old issue in our federation setups.
2019-06-27 09:21:54 +08:00
bucket, object := request2BucketObjectName(r)
fix: requests without bucket should route to the original router (#9541) requests in federated setups for STS type calls which are performed at '/' resource should be routed by the muxer, the assumption is simply such that requests without a bucket in a federated setup cannot be proxied, so serve them at current server.
2020-05-08 02:49:04 +08:00
// Requests in federated setups for STS type calls which are
// performed at '/' resource should be routed by the muxer,
// the assumption is simply such that requests without a bucket
// in a federated setup cannot be proxied, so serve them at
// current server.
if bucket == "" {
Add functionality to add old buckets to etcd on startup Buckets already present on a Minio server before it joins a bucket federated deployment will now be added to etcd during startup. In case of a bucket name collision, admin is informed via Minio server console message. Added configuration migration for configuration stored in etcd backend. Also, environment variables are updated and ListBucket path style request is no longer forwarded.
2018-04-05 23:18:42 +08:00
f.handler.ServeHTTP(w, r)
return
}
Use random host from among multiple hosts to create requests Also use hosts passed to Minio startup command to populate IP addresses if MINIO_PUBLIC_IPS is not set.
2018-05-16 09:20:22 +08:00
// MakeBucket requests should be handled at current endpoint
if r.Method == http.MethodPut && bucket != "" && object == "" {
f.handler.ServeHTTP(w, r)
return
}
Add support for CopyObject across regions and multiple Minio IPs This PR adds CopyObject support for objects residing in buckets in different Minio instances (where Minio instances are part of a federated setup). Also, added support for multiple Minio domain IPs. This is required for distributed deployments, where one deployment may have multiple nodes, each with a different public IP.
2018-05-12 03:02:30 +08:00
// CopyObject requests should be handled at current endpoint as path style
// requests have target bucket and object in URI and source details are in
// header fields
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
if r.Method == http.MethodPut && r.Header.Get(xhttp.AmzCopySource) != "" {
fix: Avoid double usage calculation on every restart (#8856) On every restart of the server, usage was being calculated which is not useful instead wait for sufficient time to start the crawling routine. This PR also avoids lots of double allocations through strings, optimizes usage of string builders and also avoids crawling through symbolic links. Fixes #8844
2020-01-22 06:07:49 +08:00
bucket, object = path2BucketObject(r.Header.Get(xhttp.AmzCopySource))
Allow CopyObject in pathStyle across federated instances (#8064) Fixes #7976
2019-08-22 16:02:39 +08:00
if bucket == "" || object == "" {
f.handler.ServeHTTP(w, r)
return
}
Add support for CopyObject across regions and multiple Minio IPs This PR adds CopyObject support for objects residing in buckets in different Minio instances (where Minio instances are part of a federated setup). Also, added support for multiple Minio domain IPs. This is required for distributed deployments, where one deployment may have multiple nodes, each with a different public IP.
2018-05-12 03:02:30 +08:00
}
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
sr, err := globalDNSConfig.Get(bucket)
if err != nil {
Update federation target to etcd/clientv3 (#6119) With CoreDNS now supporting etcdv3 as the DNS backend, we can update our federation target to etcdv3. Users will now be able to use etcdv3 server as the federation backbone. Minio will update bucket data to etcdv3 and CoreDNS can pick that data up and serve it as bucket style DNS path.
2018-07-13 05:12:40 +08:00
if err == dns.ErrNoEntriesFound {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrNoSuchBucket), r.URL, guessIsBrowserReq(r))
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
} else {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, toAPIError(r.Context(), err), r.URL, guessIsBrowserReq(r))
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
}
return
}
Add support for CopyObject across regions and multiple Minio IPs This PR adds CopyObject support for objects residing in buckets in different Minio instances (where Minio instances are part of a federated setup). Also, added support for multiple Minio domain IPs. This is required for distributed deployments, where one deployment may have multiple nodes, each with a different public IP.
2018-05-12 03:02:30 +08:00
if globalDomainIPs.Intersection(set.CreateStringSet(getHostsSlice(sr)...)).IsEmpty() {
Use random host from among multiple hosts to create requests Also use hosts passed to Minio startup command to populate IP addresses if MINIO_PUBLIC_IPS is not set.
2018-05-16 09:20:22 +08:00
r.URL.Scheme = "http"
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
if globalIsSSL {
Use random host from among multiple hosts to create requests Also use hosts passed to Minio startup command to populate IP addresses if MINIO_PUBLIC_IPS is not set.
2018-05-16 09:20:22 +08:00
r.URL.Scheme = "https"
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
}
Add support for federation on browser (#6891)
2018-12-19 21:13:47 +08:00
r.URL.Host = getHostFromSrv(sr)
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
f.fwd.ServeHTTP(w, r)
return
}
f.handler.ServeHTTP(w, r)
}
// setBucketForwardingHandler middleware forwards the path style requests
// on a bucket to the right bucket location, bucket to IP configuration
// is obtained from centralized etcd configuration service.
func setBucketForwardingHandler(h http.Handler) http.Handler {
fwd := handlers.NewForwarder(&handlers.Forwarder{
PassHost: true,
fix: bump the response header timeout for forwarder as well (#9994) continuation of #9986, add more place where the lower timeout comes into effect.
2020-07-09 01:55:24 +08:00
RoundTripper: newGatewayHTTPTransport(1 * time.Hour),
federation: Avoid printing context canceled error (#7997) Golang proactively prints this error `http: proxy error: context canceled` when a request arrived to the current deployment and redirected to another deployment in a federated setup. Since this error can confuse users, this commit will just hide it.
2019-08-01 02:08:10 +08:00
Logger: func(err error) {
use GlobalContext whenever possible (#9280) This change is throughout the codebase to ensure that all codepaths honor GlobalContext
2020-04-10 00:30:02 +08:00
logger.LogIf(GlobalContext, err)
federation: Avoid printing context canceled error (#7997) Golang proactively prints this error `http: proxy error: context canceled` when a request arrived to the current deployment and redirected to another deployment in a federated setup. Since this error can confuse users, this commit will just hide it.
2019-08-01 02:08:10 +08:00
},
Bring etcd support for bucket DNS federation - Supports centralized `config.json` - Supports centralized `bucket` service records for client lookups - implement a new proxy forwarder
2018-02-03 10:18:52 +08:00
})
return bucketForwardingHandler{fwd, h}
}
Remove DeploymentID from response headers (#7815) Response headers need not contain deployment ID.
2019-07-02 03:22:01 +08:00
// customHeaderHandler sets x-amz-request-id header.
Refactor logging in more Go idiomatic style (#6816) This refactor brings a change which allows targets to be added in a cleaner way and also audit is now moved out. This PR also simplifies logger dependency for auditing
2018-11-20 06:47:03 +08:00
// Previously, this value was set right before a response was sent to
// the client. So, logger and Error response XML were not using this
// value. This is set here so that this header can be logged as
// part of the log entry, Error response XML and auditing.
type customHeaderHandler struct {
Log x-amz-request-id as log and XML error response (#6173) Currently, requestid field in logEntry is not populated, as the requestid field gets set at the very end. It is now set before regular handler functions. This is also useful in setting it as part of the XML error response. Travis build for ppc64le has been quite inconsistent and stays queued for most of the time. Removing this build as part of Travis.yml for the time being.
2018-07-21 09:46:32 +08:00
handler http.Handler
}
Refactor logging in more Go idiomatic style (#6816) This refactor brings a change which allows targets to be added in a cleaner way and also audit is now moved out. This PR also simplifies logger dependency for auditing
2018-11-20 06:47:03 +08:00
func addCustomHeaders(h http.Handler) http.Handler {
return customHeaderHandler{handler: h}
Log x-amz-request-id as log and XML error response (#6173) Currently, requestid field in logEntry is not populated, as the requestid field gets set at the very end. It is now set before regular handler functions. This is also useful in setting it as part of the XML error response. Travis build for ppc64le has been quite inconsistent and stays queued for most of the time. Removing this build as part of Travis.yml for the time being.
2018-07-21 09:46:32 +08:00
}
Refactor logging in more Go idiomatic style (#6816) This refactor brings a change which allows targets to be added in a cleaner way and also audit is now moved out. This PR also simplifies logger dependency for auditing
2018-11-20 06:47:03 +08:00
func (s customHeaderHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
Remove DeploymentID from response headers (#7815) Response headers need not contain deployment ID.
2019-07-02 03:22:01 +08:00
// Set custom headers such as x-amz-request-id for each request.
Ensure that we use constants everywhere (#7845) This allows for canonicalization of the strings throughout our code and provides a common space for all these constants to reside. This list is rather non-exhaustive but captures all the headers used in AWS S3 API operations
2019-07-03 13:34:32 +08:00
w.Header().Set(xhttp.AmzRequestID, mustGetRequestID(UTCNow()))
Refactor logging in more Go idiomatic style (#6816) This refactor brings a change which allows targets to be added in a cleaner way and also audit is now moved out. This PR also simplifies logger dependency for auditing
2018-11-20 06:47:03 +08:00
s.handler.ServeHTTP(logger.NewResponseWriter(w), r)
Log x-amz-request-id as log and XML error response (#6173) Currently, requestid field in logEntry is not populated, as the requestid field gets set at the very end. It is now set before regular handler functions. This is also useful in setting it as part of the XML error response. Travis build for ppc64le has been quite inconsistent and stays queued for most of the time. Removing this build as part of Travis.yml for the time being.
2018-07-21 09:46:32 +08:00
}
add some security HTTP headers (#5814) This change adds some security headers like Content-Security-Policy. It does not set the HSTS header because Content-Security-Policy prevents mixed HTTP and HTTPS content and the server does not use cookies. However it is a header which could be added later on. It also moves some header added by #5805 from a vendored file to a generic handler. Fixes ##5813
2018-04-13 06:57:41 +08:00
type securityHeaderHandler struct {
handler http.Handler
}
func addSecurityHeaders(h http.Handler) http.Handler {
return securityHeaderHandler{handler: h}
}
func (s securityHeaderHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
header := w.Header()
Remove quotes for XSS Protection Header (#5992)
2018-05-30 17:29:27 +08:00
header.Set("X-XSS-Protection", "1; mode=block") // Prevents against XSS attacks
add some security HTTP headers (#5814) This change adds some security headers like Content-Security-Policy. It does not set the HSTS header because Content-Security-Policy prevents mixed HTTP and HTTPS content and the server does not use cookies. However it is a header which could be added later on. It also moves some header added by #5805 from a vendored file to a generic handler. Fixes ##5813
2018-04-13 06:57:41 +08:00
header.Set("Content-Security-Policy", "block-all-mixed-content") // prevent mixed (HTTP / HTTPS content)
s.handler.ServeHTTP(w, r)
}
replace os.Exit with panic for logger.CriticalIf (#6065) This commit prevents complete server failures caused by `logger.CriticalIf` calls. Instead of calling `os.Exit(1)` the function now executes a panic with a special value indicating that a critical error happend. At the top HTTP handler layer panics are recovered and if its a critical error the client gets an InternalServerError status code. Further this allows unit tests to cover critical-error code paths.
2018-06-26 04:51:49 +08:00
// criticalErrorHandler handles critical server failures caused by
// `panic(logger.ErrCritical)` as done by `logger.CriticalIf`.
//
// It should be always the first / highest HTTP handler.
type criticalErrorHandler struct{ handler http.Handler }
func (h criticalErrorHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
defer func() {
if err := recover(); err == logger.ErrCritical { // handle
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInternalError), r.URL, guessIsBrowserReq(r))
Allow idiomatic usage of middlewares in gorilla/mux (#9802) Historically due to lack of support for middlewares we ended up writing wrapped handlers for all middlewares on top of the gorilla/mux, this causes multiple issues when we want to let's say - Overload r.Body with some custom implementation to track the incoming Reads() - Add other sort of top level checks to avoid DDOSing the server with large incoming HTTP bodies. Since 1.7.x release gorilla/mux provides proper use of middlewares, which are honored by the muxer directly. This makes sure that Go can honor its own internal ServeHTTP(w, r) implementation where Go net/http can wrap into its own customer readers. This PR as a side-affect fixes rare issues of client hangs which were reported in the wild but never really understood or fixed in our codebase. Fixes #9759 Fixes #7266 Fixes #6540 Fixes #5455 Fixes #5150 Refer https://github.com/boto/botocore/pull/1328 for one variation of the same issue in #9759
2020-06-11 23:19:55 +08:00
return
replace os.Exit with panic for logger.CriticalIf (#6065) This commit prevents complete server failures caused by `logger.CriticalIf` calls. Instead of calling `os.Exit(1)` the function now executes a panic with a special value indicating that a critical error happend. At the top HTTP handler layer panics are recovered and if its a critical error the client gets an InternalServerError status code. Further this allows unit tests to cover critical-error code paths.
2018-06-26 04:51:49 +08:00
} else if err != nil {
panic(err) // forward other panic calls
}
}()
h.handler.ServeHTTP(w, r)
}
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-17 10:22:09 +08:00
func setSSETLSHandler(h http.Handler) http.Handler { return sseTLSHandler{h} }
// sseTLSHandler enforces certain rules for SSE requests which are made / must be made over TLS.
type sseTLSHandler struct{ handler http.Handler }
func (h sseTLSHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// Deny SSE-C requests if not made over TLS
if !globalIsSSL && (crypto.SSEC.IsRequested(r.Header) || crypto.SSECopy.IsRequested(r.Header)) {
Return error response header only for HEAD method (#6709)
2018-10-27 09:03:17 +08:00
if r.Method == http.MethodHead {
Support unknown gateway errors and convert at handler layer (#7219) Different gateway implementations due to different backend API errors, might return different unsupported errors at our handler layer. Current code posed a problem for us because this information was lost and we would convert it to InternalError in this situation all S3 clients end up retrying the request. To avoid this unexpected situation implement a way to support this cleanly such that the underlying information is not lost which is returned by gateway.
2019-02-12 17:25:52 +08:00
writeErrorResponseHeadersOnly(w, errorCodes.ToAPIErr(ErrInsecureSSECustomerRequest))
Return error response header only for HEAD method (#6709)
2018-10-27 09:03:17 +08:00
} else {
fix: various optimizations, idiomatic changes (#9179) - acquire since leader lock for all background operations - healing, crawling and applying lifecycle policies. - simplify lifecyle to avoid network calls, which was a bug in implementation - we should hold a leader and do everything from there, we have access to entire name space. - make listing, walking not interfere by slowing itself down like the crawler. - effectively use global context everywhere to ensure proper shutdown, in cache, lifecycle, healing - don't read `format.json` for prometheus metrics in StorageInfo() call.
2020-03-23 03:16:36 +08:00
writeErrorResponse(r.Context(), w, errorCodes.ToAPIErr(ErrInsecureSSECustomerRequest), r.URL, guessIsBrowserReq(r))
Return error response header only for HEAD method (#6709)
2018-10-27 09:03:17 +08:00
}
move SSE-C TLS enforcement into generic handler (#6639) This commit moves the check that SSE-C requests must be made over TLS into a generic HTTP handler. Since the HTTP server uses custom TCP connection handling it is not possible to use `http.Request.TLS` to check for TLS connections. So using `globalIsSSL` is the only option to detect whether the request is made over TLS. By extracting this check into a separate handler it's possible to refactor other parts of the SSE handling code further.
2018-10-17 10:22:09 +08:00
return
}
h.handler.ServeHTTP(w, r)
}