Deuxfleurs/garage
48
56
Fork 73
Code Issues 99 Pull requests 13 Releases 30 Wiki Activity

cargo fmt
Some checks failed
continuous-integration/drone/pr Build is failing
Details
continuous-integration/drone/push Build is failing
Details

Browse source
This commit is contained in:
Alex 2022-04-14 15:02:49 +02:00
parent 69f14245bb
commit 025db41bba
Signed by: lx
GPG key ID: 0E496D15096376BE
6 changed files with 35 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/api/k2v/api_server.rs
View file

@ -12,16 +12,14 @@ use garage_util::error::Error as GarageError;
use garage_model::garage::Garage; use garage_model::garage::Garage;
use crate::error::*; use crate::error::*;
use crate::generic_server::*; use crate::generic_server::*;
use crate::signature::payload::check_payload_signature; use crate::signature::payload::check_payload_signature;
use crate::signature::streaming::*; use crate::signature::streaming::*;
use crate::helpers::*; use crate::helpers::*;
use crate::k2v::router::{Endpoint}; use crate::k2v::router::Endpoint;
use crate::s3::cors::*; use crate::s3::cors::*;
pub struct K2VApiServer { pub struct K2VApiServer {
@ -86,7 +84,12 @@ impl ApiHandler for K2VApiServer {
Error::Forbidden("Garage does not support anonymous access yet".to_string()) Error::Forbidden("Garage does not support anonymous access yet".to_string())
})?; })?;
let req = parse_streaming_body(&api_key, req, &mut content_sha256, &garage.config.s3_api.s3_region)?; let req = parse_streaming_body(
&api_key,
req,
&mut content_sha256,
&garage.config.s3_api.s3_region,
)?;
let bucket_id = resolve_bucket(&garage, &bucket_name, &api_key).await?; let bucket_id = resolve_bucket(&garage, &bucket_name, &api_key).await?;
let bucket = garage let bucket = garage
@ -141,9 +144,6 @@ impl ApiEndpoint for K2VApiEndpoint {
} }
fn add_span_attributes(&self, span: SpanRef<'_>) { fn add_span_attributes(&self, span: SpanRef<'_>) {
span.set_attribute(KeyValue::new( span.set_attribute(KeyValue::new("bucket", self.bucket_name.clone()));
"bucket",
self.bucket_name.clone(),
));
} }
} }

19
src/api/k2v/router.rs
View file

@ -2,11 +2,10 @@ use crate::error::*;
use std::borrow::Cow; use std::borrow::Cow;
use hyper::{Method, Request}; use hyper::{Method, Request};
use crate::router_macros::{router_match, generateQueryParameters};
use crate::helpers::Authorization; use crate::helpers::Authorization;
use crate::router_macros::{generateQueryParameters, router_match};
router_match! {@func router_match! {@func
@ -49,16 +48,15 @@ impl Endpoint {
/// Determine which S3 endpoint a request is for using the request, and a bucket which was /// Determine which S3 endpoint a request is for using the request, and a bucket which was
/// possibly extracted from the Host header. /// possibly extracted from the Host header.
/// Returns Self plus bucket name, if endpoint is not Endpoint::ListBuckets /// Returns Self plus bucket name, if endpoint is not Endpoint::ListBuckets
pub fn from_request<T>( pub fn from_request<T>(req: &Request<T>) -> Result<(Self, String), Error> {
req: &Request<T>,
) -> Result<(Self, String), Error> {
let uri = req.uri(); let uri = req.uri();
let path = uri.path().trim_start_matches('/'); let path = uri.path().trim_start_matches('/');
let query = uri.query(); let query = uri.query();
let (bucket, partition_key) = let (bucket, partition_key) = path
path.split_once('/') .map(|(b, p)| (b.to_owned(), p.trim_start_matches('/'))) .split_once('/')
.unwrap_or((path.to_owned(), "")); .map(|(b, p)| (b.to_owned(), p.trim_start_matches('/')))
.unwrap_or((path.to_owned(), ""));
if bucket.is_empty() { if bucket.is_empty() {
return Err(Error::BadRequest("Missing bucket name".to_owned())); return Err(Error::BadRequest("Missing bucket name".to_owned()));
@ -136,10 +134,7 @@ impl Endpoint {
} }
/// Determine which endpoint a request is for, knowing it is a PUT. /// Determine which endpoint a request is for, knowing it is a PUT.
fn from_put( fn from_put(partition_key: String, query: &mut QueryParameters<'_>) -> Result<Self, Error> {
partition_key: String,
query: &mut QueryParameters<'_>,
) -> Result<Self, Error> {
router_match! { router_match! {
@gen_parser @gen_parser
(query.keyword.take().unwrap_or_default().as_ref(), partition_key, query, None), (query.keyword.take().unwrap_or_default().as_ref(), partition_key, query, None),

5
src/api/router_macros.rs
View file

@ -1,5 +1,3 @@
/// This macro is used to generate very repetitive match {} blocks in this module /// This macro is used to generate very repetitive match {} blocks in this module
/// It is _not_ made to be used anywhere else /// It is _not_ made to be used anywhere else
macro_rules! router_match { macro_rules! router_match {
@ -120,7 +118,6 @@ macro_rules! router_match {
}; };
} }
/// This macro is used to generate part of the code in this module. It must be called only one, and /// This macro is used to generate part of the code in this module. It must be called only one, and
/// is useless outside of this module. /// is useless outside of this module.
macro_rules! generateQueryParameters { macro_rules! generateQueryParameters {
@ -189,5 +186,5 @@ macro_rules! generateQueryParameters {
} }
} }
pub(crate) use router_match;
pub(crate) use generateQueryParameters; pub(crate) use generateQueryParameters;
pub(crate) use router_match;

10
src/api/s3/api_server.rs
View file

@ -20,7 +20,6 @@ use crate::generic_server::*;
use crate::signature::payload::check_payload_signature; use crate::signature::payload::check_payload_signature;
use crate::signature::streaming::*; use crate::signature::streaming::*;
use crate::helpers::*; use crate::helpers::*;
use crate::s3::bucket::*; use crate::s3::bucket::*;
use crate::s3::copy::*; use crate::s3::copy::*;
@ -30,7 +29,7 @@ use crate::s3::get::*;
use crate::s3::list::*; use crate::s3::list::*;
use crate::s3::post_object::handle_post_object; use crate::s3::post_object::handle_post_object;
use crate::s3::put::*; use crate::s3::put::*;
use crate::s3::router::{Endpoint}; use crate::s3::router::Endpoint;
use crate::s3::website::*; use crate::s3::website::*;
pub struct S3ApiServer { pub struct S3ApiServer {
@ -127,7 +126,12 @@ impl ApiHandler for S3ApiServer {
Error::Forbidden("Garage does not support anonymous access yet".to_string()) Error::Forbidden("Garage does not support anonymous access yet".to_string())
})?; })?;
let req = parse_streaming_body(&api_key, req, &mut content_sha256, &garage.config.s3_api.s3_region)?; let req = parse_streaming_body(
&api_key,
req,
&mut content_sha256,
&garage.config.s3_api.s3_region,
)?;
let bucket_name = match bucket_name { let bucket_name = match bucket_name {
None => { None => {

2
src/api/s3/router.rs
View file

@ -5,8 +5,8 @@ use std::borrow::Cow;
use hyper::header::HeaderValue; use hyper::header::HeaderValue;
use hyper::{HeaderMap, Method, Request}; use hyper::{HeaderMap, Method, Request};
use crate::router_macros::{router_match, generateQueryParameters};
use crate::helpers::Authorization; use crate::helpers::Authorization;
use crate::router_macros::{generateQueryParameters, router_match};
router_match! {@func router_match! {@func

26
src/api/signature/streaming.rs
View file

@ -3,23 +3,23 @@ use std::pin::Pin;
use chrono::{DateTime, NaiveDateTime, Utc}; use chrono::{DateTime, NaiveDateTime, Utc};
use futures::prelude::*; use futures::prelude::*;
use futures::task; use futures::task;
use hyper::body::Bytes;
use hyper::{Body, Request};
use garage_model::key_table::Key; use garage_model::key_table::Key;
use hmac::Mac; use hmac::Mac;
use hyper::body::Bytes;
use hyper::{Body, Request};
use garage_util::data::Hash; use garage_util::data::Hash;
use super::{sha256sum, HmacSha256, LONG_DATETIME, compute_scope}; use super::{compute_scope, sha256sum, HmacSha256, LONG_DATETIME};
use crate::error::*; use crate::error::*;
pub fn parse_streaming_body( pub fn parse_streaming_body(
api_key: &Key, api_key: &Key,
req: Request<Body>, req: Request<Body>,
content_sha256: &mut Option<Hash>, content_sha256: &mut Option<Hash>,
region: &str, region: &str,
) -> Result<Request<Body>, Error> { ) -> Result<Request<Body>, Error> {
match req.headers().get("x-amz-content-sha256") { match req.headers().get("x-amz-content-sha256") {
Some(header) if header == "STREAMING-AWS4-HMAC-SHA256-PAYLOAD" => { Some(header) if header == "STREAMING-AWS4-HMAC-SHA256-PAYLOAD" => {
let signature = content_sha256 let signature = content_sha256
@ -42,13 +42,8 @@ pub fn parse_streaming_body(
let date: DateTime<Utc> = DateTime::from_utc(date, Utc); let date: DateTime<Utc> = DateTime::from_utc(date, Utc);
let scope = compute_scope(&date, region); let scope = compute_scope(&date, region);
let signing_hmac = crate::signature::signing_hmac( let signing_hmac = crate::signature::signing_hmac(&date, secret_key, region, "s3")
&date, .ok_or_internal_error("Unable to build signing HMAC")?;
secret_key,
region,
"s3",
)
.ok_or_internal_error("Unable to build signing HMAC")?;
Ok(req.map(move |body| { Ok(req.map(move |body| {
Body::wrap_stream( Body::wrap_stream(
@ -67,7 +62,6 @@ pub fn parse_streaming_body(
} }
} }
/// Result of `sha256("")` /// Result of `sha256("")`
const EMPTY_STRING_HEX_DIGEST: &str = const EMPTY_STRING_HEX_DIGEST: &str =
"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"; "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";