From 4ca10479b58c0557c7c8c7c58b623e40b2671c88 Mon Sep 17 00:00:00 2001 From: Andreas Auernhammer Date: Wed, 14 Feb 2018 00:43:46 +0100 Subject: [PATCH] [SSE-C]: avoid encrypting empty objects. (#5525) This change adds an object size check such that the server does not encrypt empty objects (typically folders) for SSE-C. The server still returns SSE-C headers but the object is not encrypted since there is no point to encrypt such objects. Fixes #5493 --- cmd/object-handlers.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/object-handlers.go b/cmd/object-handlers.go index 08631bdba..fcfb61888 100644 --- a/cmd/object-handlers.go +++ b/cmd/object-handlers.go @@ -556,7 +556,7 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req return } if objectAPI.IsEncryptionSupported() { - if IsSSECustomerRequest(r.Header) { // handle SSE-C requests + if IsSSECustomerRequest(r.Header) && size > 0 { // handle SSE-C requests reader, err = EncryptRequest(hashReader, r, metadata) if err != nil { writeErrorResponse(w, toAPIErrorCode(err), r.URL)