Validate Minio config.json file on the client side (#6067)

master
ebozduman 6 years ago committed by kannappanr
parent 726e75611e
commit b0b0fb4c8d
  1. 35
      pkg/madmin/config-commands.go

@ -19,10 +19,13 @@ package madmin
import ( import (
"encoding/json" "encoding/json"
"errors"
"fmt" "fmt"
"io" "io"
"io/ioutil" "io/ioutil"
"net/http" "net/http"
"github.com/minio/minio/pkg/quick"
) )
// NodeSummary - represents the result of an operation part of // NodeSummary - represents the result of an operation part of
@ -65,15 +68,41 @@ func (adm *AdminClient) GetConfig() ([]byte, error) {
// SetConfig - set config supplied as config.json for the setup. // SetConfig - set config supplied as config.json for the setup.
func (adm *AdminClient) SetConfig(config io.Reader) (r SetConfigResult, err error) { func (adm *AdminClient) SetConfig(config io.Reader) (r SetConfigResult, err error) {
const maxConfigJSONSize = 256 * 1024 // 256KiB
if !adm.secure { // No TLS? if !adm.secure { // No TLS?
return r, fmt.Errorf("credentials/configuration cannot be updated over an insecure connection") return r, fmt.Errorf("credentials/configuration cannot be updated over an insecure connection")
} }
// Read config bytes to calculate MD5, SHA256 and content length. // Read configuration bytes
configBytes, err := ioutil.ReadAll(config) configBuf := make([]byte, maxConfigJSONSize+1)
if err != nil { n, err := io.ReadFull(config, configBuf)
if err == nil {
return r, fmt.Errorf("too large file")
}
if err != io.ErrUnexpectedEOF {
return r, err return r, err
} }
configBytes := configBuf[:n]
type configVersion struct {
Version string `json:"version,omitempty"`
}
var cfg configVersion
// Check if read data is in json format
if err = json.Unmarshal(configBytes, &cfg); err != nil {
return r, errors.New("Invalid JSON format: " + err.Error())
}
// Check if the provided json file has "version" key set
if cfg.Version == "" {
return r, errors.New("Missing or unset \"version\" key in json file")
}
// Validate there are no duplicate keys in the JSON
if err = quick.CheckDuplicateKeys(string(configBytes)); err != nil {
return r, errors.New("Duplicate key in json file: " + err.Error())
}
reqData := requestData{ reqData := requestData{
relPath: "/v1/config", relPath: "/v1/config",

Loading…
Cancel
Save