oyd
/
minio
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #1077 from harshavardhana/flags

Browse Source 
flags: Remove anonymous, ratelimit, json and web-address flags.
master
Harshavardhana 9 years ago
parent e39b6caada df91661ec6
commit 15924a8f05
8 changed files with 98 additions and 282 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 104
      bucket-handlers.go
  2. 25
      flags.go
  3. 4
      main.go
  4. 186
      object-handlers.go
  5. 7
      routers.go
  6. 46
      server-main.go
  7. 1
      server_fs_test.go
  8. 7
      signature-handler.go

104
bucket-handlers.go
Unescape View File

@ -34,13 +34,6 @@ func (api CloudStorageAPI) GetBucketLocationHandler(w http.ResponseWriter, req *
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
_, err := api.Filesystem.GetBucketMetadata(bucket) _, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -75,13 +68,6 @@ func (api CloudStorageAPI) ListMultipartUploadsHandler(w http.ResponseWriter, re
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
resources := getBucketMultipartResources(req.URL.Query()) resources := getBucketMultipartResources(req.URL.Query())
if resources.MaxUploads < 0 { if resources.MaxUploads < 0 {
writeErrorResponse(w, req, InvalidMaxUploads, req.URL.Path) writeErrorResponse(w, req, InvalidMaxUploads, req.URL.Path)
@ -121,15 +107,6 @@ func (api CloudStorageAPI) ListObjectsHandler(w http.ResponseWriter, req *http.R
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
// TODO handle encoding type. // TODO handle encoding type.
prefix, marker, delimiter, maxkeys, _ := getBucketResources(req.URL.Query()) prefix, marker, delimiter, maxkeys, _ := getBucketResources(req.URL.Query())
if maxkeys < 0 { if maxkeys < 0 {
@ -171,12 +148,6 @@ func (api CloudStorageAPI) ListObjectsHandler(w http.ResponseWriter, req *http.R
// This implementation of the GET operation returns a list of all buckets // This implementation of the GET operation returns a list of all buckets
// owned by the authenticated sender of the request. // owned by the authenticated sender of the request.
func (api CloudStorageAPI) ListBucketsHandler(w http.ResponseWriter, req *http.Request) { func (api CloudStorageAPI) ListBucketsHandler(w http.ResponseWriter, req *http.Request) {
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
buckets, err := api.Filesystem.ListBuckets() buckets, err := api.Filesystem.ListBuckets()
if err == nil { if err == nil {
// generate response // generate response
@ -199,13 +170,6 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// read from 'x-amz-acl' // read from 'x-amz-acl'
aclType := getACLType(req) aclType := getACLType(req)
if aclType == unsupportedACLType { if aclType == unsupportedACLType {
@ -214,26 +178,24 @@ func (api CloudStorageAPI) PutBucketHandler(w http.ResponseWriter, req *http.Req
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { // Init signature V4 verification
// Init signature V4 verification if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -374,13 +336,6 @@ func (api CloudStorageAPI) PutBucketACLHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// read from 'x-amz-acl' // read from 'x-amz-acl'
aclType := getACLType(req) aclType := getACLType(req)
if aclType == unsupportedACLType { if aclType == unsupportedACLType {
@ -413,13 +368,6 @@ func (api CloudStorageAPI) GetBucketACLHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
bucketMetadata, err := api.Filesystem.GetBucketMetadata(bucket) bucketMetadata, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -452,15 +400,6 @@ func (api CloudStorageAPI) HeadBucketHandler(w http.ResponseWriter, req *http.Re
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
_, err := api.Filesystem.GetBucketMetadata(bucket) _, err := api.Filesystem.GetBucketMetadata(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetBucketMetadata failed.", nil) errorIf(err.Trace(), "GetBucketMetadata failed.", nil)
@ -482,13 +421,6 @@ func (api CloudStorageAPI) DeleteBucketHandler(w http.ResponseWriter, req *http.
vars := mux.Vars(req) vars := mux.Vars(req)
bucket := vars["bucket"] bucket := vars["bucket"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
err := api.Filesystem.DeleteBucket(bucket) err := api.Filesystem.DeleteBucket(bucket)
if err != nil { if err != nil {
errorIf(err.Trace(), "DeleteBucket failed.", nil) errorIf(err.Trace(), "DeleteBucket failed.", nil)

25
flags.go
Unescape View File

@ -34,32 +34,12 @@ var (
Usage: "ADDRESS:PORT for cloud storage access.", Usage: "ADDRESS:PORT for cloud storage access.",
} }
webAddressFlag = cli.StringFlag{
Name: "web-address",
Value: ":9001",
Hide: true,
Usage: "WEBADDRESS:PORT for cloud storage access.",
}
accessLogFlag = cli.BoolFlag{ accessLogFlag = cli.BoolFlag{
Name: "enable-accesslog", Name: "enable-accesslog",
Hide: true, Hide: true,
Usage: "Enable access logs for all incoming HTTP request.", Usage: "Enable access logs for all incoming HTTP request.",
} }
rateLimitFlag = cli.IntFlag{
Name: "ratelimit",
Hide: true,
Value: 0,
Usage: "Limit for total concurrent requests: [DEFAULT: 0].",
}
anonymousFlag = cli.BoolFlag{
Name: "anonymous",
Hide: true,
Usage: "Make server run in anonymous mode where all client connections are accepted.",
}
certFlag = cli.StringFlag{ certFlag = cli.StringFlag{
Name: "cert", Name: "cert",
Usage: "Provide your domain certificate.", Usage: "Provide your domain certificate.",
@ -69,11 +49,6 @@ var (
Name: "key", Name: "key",
Usage: "Provide your domain private key.", Usage: "Provide your domain private key.",
} }
jsonFlag = cli.BoolFlag{
Name: "json",
Usage: "Enable json formatted output.",
}
) )
// registerFlag registers a cli flag // registerFlag registers a cli flag

4
main.go
Unescape View File

@ -121,13 +121,9 @@ func registerApp() *cli.App {
// register all flags // register all flags
registerFlag(configFolderFlag) registerFlag(configFolderFlag)
registerFlag(addressFlag) registerFlag(addressFlag)
registerFlag(webAddressFlag)
registerFlag(accessLogFlag) registerFlag(accessLogFlag)
registerFlag(rateLimitFlag)
registerFlag(anonymousFlag)
registerFlag(certFlag) registerFlag(certFlag)
registerFlag(keyFlag) registerFlag(keyFlag)
registerFlag(jsonFlag)
// set up app // set up app
app := cli.NewApp() app := cli.NewApp()

186
object-handlers.go
Unescape View File

@ -39,15 +39,6 @@ func (api CloudStorageAPI) GetObjectHandler(w http.ResponseWriter, req *http.Req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
metadata, err := api.Filesystem.GetObjectMetadata(bucket, object) metadata, err := api.Filesystem.GetObjectMetadata(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "GetObject failed.", nil) errorIf(err.Trace(), "GetObject failed.", nil)
@ -87,15 +78,6 @@ func (api CloudStorageAPI) HeadObjectHandler(w http.ResponseWriter, req *http.Re
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
metadata, err := api.Filesystem.GetObjectMetadata(bucket, object) metadata, err := api.Filesystem.GetObjectMetadata(bucket, object)
if err != nil { if err != nil {
switch err.ToGoError().(type) { switch err.ToGoError().(type) {
@ -125,15 +107,6 @@ func (api CloudStorageAPI) PutObjectHandler(w http.ResponseWriter, req *http.Req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) || api.Filesystem.IsReadOnlyBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
// get Content-MD5 sent by client and verify if valid // get Content-MD5 sent by client and verify if valid
md5 := req.Header.Get("Content-MD5") md5 := req.Header.Get("Content-MD5")
if !isValidMD5(md5) { if !isValidMD5(md5) {
@ -153,26 +126,24 @@ func (api CloudStorageAPI) PutObjectHandler(w http.ResponseWriter, req *http.Req
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -219,14 +190,6 @@ func (api CloudStorageAPI) NewMultipartUploadHandler(w http.ResponseWriter, req
bucket = vars["bucket"] bucket = vars["bucket"]
object = vars["object"] object = vars["object"]
if !api.Anonymous {
// Unauthorized multipart uploads are not supported
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
uploadID, err := api.Filesystem.NewMultipartUpload(bucket, object) uploadID, err := api.Filesystem.NewMultipartUpload(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "NewMultipartUpload failed.", nil) errorIf(err.Trace(), "NewMultipartUpload failed.", nil)
@ -261,13 +224,6 @@ func (api CloudStorageAPI) PutObjectPartHandler(w http.ResponseWriter, req *http
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
// get Content-MD5 sent by client and verify if valid // get Content-MD5 sent by client and verify if valid
md5 := req.Header.Get("Content-MD5") md5 := req.Header.Get("Content-MD5")
if !isValidMD5(md5) { if !isValidMD5(md5) {
@ -302,26 +258,24 @@ func (api CloudStorageAPI) PutObjectPartHandler(w http.ResponseWriter, req *http
} }
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -361,13 +315,6 @@ func (api CloudStorageAPI) AbortMultipartUploadHandler(w http.ResponseWriter, re
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
err := api.Filesystem.AbortMultipartUpload(bucket, object, objectResourcesMetadata.UploadID) err := api.Filesystem.AbortMultipartUpload(bucket, object, objectResourcesMetadata.UploadID)
if err != nil { if err != nil {
@ -397,13 +344,6 @@ func (api CloudStorageAPI) ListObjectPartsHandler(w http.ResponseWriter, req *ht
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
if objectResourcesMetadata.PartNumberMarker < 0 { if objectResourcesMetadata.PartNumberMarker < 0 {
writeErrorResponse(w, req, InvalidPartNumberMarker, req.URL.Path) writeErrorResponse(w, req, InvalidPartNumberMarker, req.URL.Path)
@ -450,35 +390,26 @@ func (api CloudStorageAPI) CompleteMultipartUploadHandler(w http.ResponseWriter,
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
objectResourcesMetadata := getObjectResources(req.URL.Query()) objectResourcesMetadata := getObjectResources(req.URL.Query())
var signature *fs.Signature var signature *fs.Signature
if !api.Anonymous { if isRequestSignatureV4(req) {
if isRequestSignatureV4(req) { // Init signature V4 verification
// Init signature V4 verification var err *probe.Error
var err *probe.Error signature, err = initSignatureV4(req)
signature, err = initSignatureV4(req) if err != nil {
if err != nil { switch err.ToGoError() {
switch err.ToGoError() { case errInvalidRegion:
case errInvalidRegion: errorIf(err.Trace(), "Unknown region in authorization header.", nil)
errorIf(err.Trace(), "Unknown region in authorization header.", nil) writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path)
writeErrorResponse(w, req, AuthorizationHeaderMalformed, req.URL.Path) return
return case errAccessKeyIDInvalid:
case errAccessKeyIDInvalid: errorIf(err.Trace(), "Invalid access key id.", nil)
errorIf(err.Trace(), "Invalid access key id.", nil) writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path)
writeErrorResponse(w, req, InvalidAccessKeyID, req.URL.Path) return
return default:
default: errorIf(err.Trace(), "Initializing signature v4 failed.", nil)
errorIf(err.Trace(), "Initializing signature v4 failed.", nil) writeErrorResponse(w, req, InternalError, req.URL.Path)
writeErrorResponse(w, req, InternalError, req.URL.Path) return
return
}
} }
} }
} }
@ -528,15 +459,6 @@ func (api CloudStorageAPI) DeleteObjectHandler(w http.ResponseWriter, req *http.
bucket := vars["bucket"] bucket := vars["bucket"]
object := vars["object"] object := vars["object"]
if !api.Anonymous {
if isRequestRequiresACLCheck(req) {
if api.Filesystem.IsPrivateBucket(bucket) || api.Filesystem.IsReadOnlyBucket(bucket) {
writeErrorResponse(w, req, AccessDenied, req.URL.Path)
return
}
}
}
err := api.Filesystem.DeleteObject(bucket, object) err := api.Filesystem.DeleteObject(bucket, object)
if err != nil { if err != nil {
errorIf(err.Trace(), "DeleteObject failed.", nil) errorIf(err.Trace(), "DeleteObject failed.", nil)

7
routers.go
Unescape View File

@ -30,8 +30,6 @@ import (
// CloudStorageAPI container for S3 compatible API. // CloudStorageAPI container for S3 compatible API.
type CloudStorageAPI struct { type CloudStorageAPI struct {
// Do not check for incoming signatures, allow all requests.
Anonymous bool
// Once true log all incoming requests. // Once true log all incoming requests.
AccessLog bool AccessLog bool
// Filesystem instance. // Filesystem instance.
@ -153,7 +151,6 @@ func getNewCloudStorageAPI(conf cloudServerConfig) CloudStorageAPI {
} }
return CloudStorageAPI{ return CloudStorageAPI{
Filesystem: fs, Filesystem: fs,
Anonymous: conf.Anonymous,
AccessLog: conf.AccessLog, AccessLog: conf.AccessLog,
} }
} }
@ -163,9 +160,7 @@ func getCloudStorageAPIHandler(api CloudStorageAPI) http.Handler {
TimeValidityHandler, TimeValidityHandler,
IgnoreResourcesHandler, IgnoreResourcesHandler,
IgnoreSignatureV2RequestHandler, IgnoreSignatureV2RequestHandler,
} SignatureHandler,
if !api.Anonymous {
mwHandlers = append(mwHandlers, SignatureHandler)
} }
if api.AccessLog { if api.AccessLog {
mwHandlers = append(mwHandlers, AccessLogHandler) mwHandlers = append(mwHandlers, AccessLogHandler)

46
server-main.go
Unescape View File

@ -69,10 +69,8 @@ EXAMPLES:
// cloudServerConfig - http server config // cloudServerConfig - http server config
type cloudServerConfig struct { type cloudServerConfig struct {
/// HTTP server options /// HTTP server options
Address string // Address:Port listening Address string // Address:Port listening
WebAddress string // WebAddress:Port listening AccessLog bool // Enable access log handler
AccessLog bool // Enable access log handler
Anonymous bool // No signature turn off
// Credentials. // Credentials.
AccessKeyID string // Access key id. AccessKeyID string // Access key id.
@ -87,15 +85,25 @@ type cloudServerConfig struct {
TLS bool // TLS on when certs are specified TLS bool // TLS on when certs are specified
CertFile string // Domain certificate CertFile string // Domain certificate
KeyFile string // Domain key KeyFile string // Domain key
/// Advanced HTTP server options
RateLimit int // Ratelimited server of incoming connections
} }
func configureWebServer(conf cloudServerConfig) (*http.Server, *probe.Error) { func configureWebServer(conf cloudServerConfig) (*http.Server, *probe.Error) {
// Split the api address into host and port.
host, port, e := net.SplitHostPort(conf.Address)
if e != nil {
return nil, probe.NewError(e)
}
webPort, e := strconv.Atoi(port)
if e != nil {
return nil, probe.NewError(e)
}
// Always choose the next port, based on the API address port.
webPort = webPort + 1
webAddress := net.JoinHostPort(host, strconv.Itoa(webPort))
// Minio server config // Minio server config
webServer := &http.Server{ webServer := &http.Server{
Addr: conf.WebAddress, Addr: webAddress,
Handler: getWebAPIHandler(getNewWebAPI(conf)), Handler: getWebAPIHandler(getNewWebAPI(conf)),
MaxHeaderBytes: 1 << 20, MaxHeaderBytes: 1 << 20,
} }
@ -133,8 +141,8 @@ func configureAPIServer(conf cloudServerConfig) (*http.Server, *probe.Error) {
return apiServer, nil return apiServer, nil
} }
func printServerMsg(conf cloudServerConfig) { func printServerMsg(serverConf *http.Server) {
host, port, e := net.SplitHostPort(conf.Address) host, port, e := net.SplitHostPort(serverConf.Addr)
fatalIf(probe.NewError(e), "Unable to split host port.", nil) fatalIf(probe.NewError(e), "Unable to split host port.", nil)
var hosts []string var hosts []string
@ -155,7 +163,7 @@ func printServerMsg(conf cloudServerConfig) {
} }
} }
for _, host := range hosts { for _, host := range hosts {
if conf.TLS { if serverConf.TLSConfig != nil {
Printf(" https://%s:%s\n", host, port) Printf(" https://%s:%s\n", host, port)
} else { } else {
Printf(" http://%s:%s\n", host, port) Printf(" http://%s:%s\n", host, port)
@ -328,9 +336,7 @@ func serverMain(c *cli.Context) {
tls := (certFile != "" && keyFile != "") tls := (certFile != "" && keyFile != "")
serverConfig := cloudServerConfig{ serverConfig := cloudServerConfig{
Address: c.GlobalString("address"), Address: c.GlobalString("address"),
WebAddress: c.GlobalString("web-address"),
AccessLog: c.GlobalBool("enable-accesslog"), AccessLog: c.GlobalBool("enable-accesslog"),
Anonymous: c.GlobalBool("anonymous"),
AccessKeyID: conf.Credentials.AccessKeyID, AccessKeyID: conf.Credentials.AccessKeyID,
SecretAccessKey: conf.Credentials.SecretAccessKey, SecretAccessKey: conf.Credentials.SecretAccessKey,
Path: path, Path: path,
@ -339,23 +345,22 @@ func serverMain(c *cli.Context) {
TLS: tls, TLS: tls,
CertFile: certFile, CertFile: certFile,
KeyFile: keyFile, KeyFile: keyFile,
RateLimit: c.GlobalInt("ratelimit"),
} }
Println("\nMinio Object Storage:")
printServerMsg(serverConfig)
// configure API server. // configure API server.
apiServer, err := configureAPIServer(serverConfig) apiServer, err := configureAPIServer(serverConfig)
errorIf(err.Trace(), "Failed to configure API server.", nil) errorIf(err.Trace(), "Failed to configure API server.", nil)
Println("\nMinio Browser:") Println("\nMinio Object Storage:")
printServerMsg(serverConfig) printServerMsg(apiServer)
// configure Web server. // configure Web server.
webServer, err := configureWebServer(serverConfig) webServer, err := configureWebServer(serverConfig)
errorIf(err.Trace(), "Failed to configure Web server.", nil) errorIf(err.Trace(), "Failed to configure Web server.", nil)
Println("\nMinio Browser:")
printServerMsg(webServer)
Println("\nTo configure Minio Client:") Println("\nTo configure Minio Client:")
if runtime.GOOS == "windows" { if runtime.GOOS == "windows" {
Println(" Download \"mc\" from https://dl.minio.io/client/mc/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/mc.exe") Println(" Download \"mc\" from https://dl.minio.io/client/mc/release/" + runtime.GOOS + "-" + runtime.GOARCH + "/mc.exe")
@ -367,7 +372,6 @@ func serverMain(c *cli.Context) {
} }
// Start server. // Start server.
rateLimit := serverConfig.RateLimit err = minhttp.ListenAndServe(apiServer, webServer)
err = minhttp.ListenAndServeLimited(rateLimit, apiServer, webServer)
errorIf(err.Trace(), "Failed to start the minio server.", nil) errorIf(err.Trace(), "Failed to start the minio server.", nil)
} }

1
server_fs_test.go
Unescape View File

@ -78,7 +78,6 @@ func (s *MyAPIFSCacheSuite) SetUpSuite(c *C) {
cloudServer := cloudServerConfig{ cloudServer := cloudServerConfig{
Path: fsroot, Path: fsroot,
MinFreeDisk: 0, MinFreeDisk: 0,
Anonymous: false,
} }
cloudStorageAPI := getNewCloudStorageAPI(cloudServer) cloudStorageAPI := getNewCloudStorageAPI(cloudServer)
httpHandler := getCloudStorageAPIHandler(cloudStorageAPI) httpHandler := getCloudStorageAPIHandler(cloudStorageAPI)

7
signature-handler.go
Unescape View File

@ -60,13 +60,6 @@ func isRequestPostPolicySignatureV4(req *http.Request) bool {
return false return false
} }
func isRequestRequiresACLCheck(req *http.Request) bool {
if isRequestSignatureV4(req) || isRequestPresignedSignatureV4(req) || isRequestPostPolicySignatureV4(req) {
return false
}
return true
}
func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (s signatureHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if isRequestPostPolicySignatureV4(r) && r.Method == "POST" { if isRequestPostPolicySignatureV4(r) && r.Method == "POST" {
s.handler.ServeHTTP(w, r) s.handler.ServeHTTP(w, r)

Write Preview
Loading…
Cancel
Save