From d15042470e9043321400ab92c52f8b9a70793b73 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Thu, 21 May 2020 18:51:23 -0700 Subject: [PATCH] add missing signature v2 query params (#9670) --- cmd/api-router.go | 5 +++++ cmd/signature-v2.go | 26 +++++++++++++++++--------- 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/cmd/api-router.go b/cmd/api-router.go index 971c2ead6..4011c9aa5 100644 --- a/cmd/api-router.go +++ b/cmd/api-router.go @@ -285,6 +285,11 @@ func registerAPIRouter(router *mux.Router, encryptionEnabled, allowSSEKMS bool) apiRouter.Methods(http.MethodGet).Path(SlashSeparator).HandlerFunc( maxClients(collectAPIStats("listbuckets", httpTraceAll(api.ListBucketsHandler)))) + // S3 browser with signature v4 adds '//' for ListBuckets request, so rather + // than failing with UnknownAPIRequest we simply handle it for now. + apiRouter.Methods(http.MethodGet).Path(SlashSeparator + SlashSeparator).HandlerFunc( + maxClients(collectAPIStats("listbuckets", httpTraceAll(api.ListBucketsHandler)))) + // If none of the routes match add default error handler routes apiRouter.NotFoundHandler = http.HandlerFunc(collectAPIStats("notfound", httpTraceAll(errorResponseHandler))) apiRouter.MethodNotAllowedHandler = http.HandlerFunc(collectAPIStats("methodnotallowed", httpTraceAll(errorResponseHandler))) diff --git a/cmd/signature-v2.go b/cmd/signature-v2.go index 9b0a1ab1b..630c41514 100644 --- a/cmd/signature-v2.go +++ b/cmd/signature-v2.go @@ -33,19 +33,15 @@ import ( "github.com/minio/minio/pkg/auth" ) -// Signature and API related constants. -const ( - signV2Algorithm = "AWS" -) - -// AWS S3 Signature V2 calculation rule is give here: -// http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationStringToSign - // Whitelist resource list that will be used in query string for signature-V2 calculation. -// The list should be alphabetically sorted +// +// This list should be kept alphabetically sorted, do not hastily edit. var resourceList = []string{ "acl", + "cors", "delete", + "encryption", + "legal-hold", "lifecycle", "location", "logging", @@ -59,6 +55,10 @@ var resourceList = []string{ "response-content-language", "response-content-type", "response-expires", + "retention", + "select", + "select-type", + "tagging", "torrent", "uploadId", "uploads", @@ -68,6 +68,14 @@ var resourceList = []string{ "website", } +// Signature and API related constants. +const ( + signV2Algorithm = "AWS" +) + +// AWS S3 Signature V2 calculation rule is give here: +// http://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html#RESTAuthenticationStringToSign + func doesPolicySignatureV2Match(formValues http.Header) APIErrorCode { cred := globalActiveCred accessKey := formValues.Get(xhttp.AmzAccessKeyID)