Admin: Raise error if config and env credentials mismatch (#4870)

master
poornas 7 years ago committed by Dee Koder
parent 189b6682d6
commit 0d154871d5
  1. 18
      cmd/admin-handlers.go
  2. 6
      cmd/api-errors.go

@ -979,6 +979,24 @@ func (adminAPI adminAPIHandlers) SetConfigHandler(w http.ResponseWriter, r *http
return return
} }
var config serverConfigV19
err = json.Unmarshal(configBytes, &config)
if err != nil {
errorIf(err, "Failed to unmarshal config from request body.")
writeErrorResponse(w, toAPIErrorCode(err), r.URL)
return
}
if globalIsEnvCreds {
creds := serverConfig.GetCredential()
if config.Credential.AccessKey != creds.AccessKey ||
config.Credential.SecretKey != creds.SecretKey {
writeErrorResponse(w, ErrAdminCredentialsMismatch, r.URL)
return
}
}
// Write config received from request onto a temporary file on // Write config received from request onto a temporary file on
// all nodes. // all nodes.
tmpFileName := fmt.Sprintf(minioConfigTmpFormat, mustGetUUID()) tmpFileName := fmt.Sprintf(minioConfigTmpFormat, mustGetUUID())

@ -153,6 +153,7 @@ const (
ErrAdminInvalidAccessKey ErrAdminInvalidAccessKey
ErrAdminInvalidSecretKey ErrAdminInvalidSecretKey
ErrAdminConfigNoQuorum ErrAdminConfigNoQuorum
ErrAdminCredentialsMismatch
ErrInsecureClientRequest ErrInsecureClientRequest
) )
@ -633,6 +634,11 @@ var errorCodeResponse = map[APIErrorCode]APIError{
Description: "Configuration update failed because server quorum was not met", Description: "Configuration update failed because server quorum was not met",
HTTPStatusCode: http.StatusServiceUnavailable, HTTPStatusCode: http.StatusServiceUnavailable,
}, },
ErrAdminCredentialsMismatch: {
Code: "XMinioAdminCredentialsMismatch",
Description: "Credentials in config mismatch with server environment variables",
HTTPStatusCode: http.StatusServiceUnavailable,
},
ErrInsecureClientRequest: { ErrInsecureClientRequest: {
Code: "XMinioInsecureClientRequest", Code: "XMinioInsecureClientRequest",
Description: "Cannot respond to plain-text request from TLS-encrypted server", Description: "Cannot respond to plain-text request from TLS-encrypted server",

Loading…
Cancel
Save